summaryrefslogtreecommitdiff
path: root/source3/nmbd/nmbd_processlogon.c
diff options
context:
space:
mode:
Diffstat (limited to 'source3/nmbd/nmbd_processlogon.c')
-rw-r--r--source3/nmbd/nmbd_processlogon.c11
1 files changed, 8 insertions, 3 deletions
diff --git a/source3/nmbd/nmbd_processlogon.c b/source3/nmbd/nmbd_processlogon.c
index 9784afe9e2..bb4b7547a6 100644
--- a/source3/nmbd/nmbd_processlogon.c
+++ b/source3/nmbd/nmbd_processlogon.c
@@ -67,7 +67,7 @@ logons are not enabled.\n", inet_ntoa(p->ip) ));
strupper(my_name);
code = SVAL(buf,0);
- DEBUG(1,("process_logon_packet: Logon from %s: code = %x\n", inet_ntoa(p->ip), code));
+ DEBUG(1,("process_logon_packet: Logon from %s: code = 0x%x\n", inet_ntoa(p->ip), code));
switch (code)
{
@@ -202,10 +202,15 @@ reporting %s domain %s 0x%x ntversion=%x lm_nt token=%x lm_20 token=%x\n",
domainsidsize = IVAL(q, 0);
q += 4;
- if (domainsidsize != 0) {
+ DEBUG(3,("process_logon_packet: SAMLOGON sidsize %d, len = %d\n", domainsidsize, len));
+
+ if (domainsidsize < (len - PTR_DIFF(q, buf)) && (domainsidsize != 0)) {
q += domainsidsize;
q = ALIGN4(q, buf);
}
+
+ DEBUG(3,("process_logon_packet: len = %d PTR_DIFF(q, buf) = %d\n", len, PTR_DIFF(q, buf) ));
+
if (len - PTR_DIFF(q, buf) > 8) {
/* with NT5 clients we can sometimes
get additional data - a length specificed string
@@ -213,7 +218,7 @@ reporting %s domain %s 0x%x ntversion=%x lm_nt token=%x lm_20 token=%x\n",
data (no idea what it is) */
int dom_len = CVAL(q, 0);
q++;
- if (dom_len != 0) {
+ if (dom_len < (len - PTR_DIFF(q, buf)) && (dom_len != 0)) {
q += dom_len + 1;
}
q += 16;