Diffstat (limited to 'source4/smb_server')
-rw-r--r-- | source4/smb_server/request.c | 2 | ||||
-rw-r--r-- | source4/smb_server/smb_server.c | 21 |
2 files changed, 16 insertions, 7 deletions
diff --git a/source4/smb_server/request.c b/source4/smb_server/request.c
index 8bb77af759..4ca9c9ffda 100644
--- a/source4/smb_server/request.c
+++ b/source4/smb_server/request.c
@@ -252,7 +252,7 @@ void req_send_reply_nosign(struct smbsrv_request *req)
 tmp_blob.data = req->out.buffer;
 tmp_blob.length = req->out.size;
- status = socket_send(req->smb_conn->connection->socket, req, &tmp_blob, &sendlen, SOCKET_FLAG_BLOCK);
+ status = socket_send(req->smb_conn->connection->socket, &tmp_blob, &sendlen, SOCKET_FLAG_BLOCK);
 if (!NT_STATUS_IS_OK(status) || (req->out.size != sendlen)) {
 smbsrv_terminate_connection(req->smb_conn, "failed to send reply\n");
 return;
diff --git a/source4/smb_server/smb_server.c b/source4/smb_server/smb_server.c
index b7d54c8dee..d6022ef63e 100644
--- a/source4/smb_server/smb_server.c
+++ b/source4/smb_server/smb_server.c
@@ -64,17 +64,19 @@ static struct smbsrv_request *receive_smb_request(struct smbsrv_connection *smb_
 ssize_t len, len2;
 DATA_BLOB tmp_blob;
 struct smbsrv_request *req;
+ char hdr[4];
+ size_t nread;
- status = socket_recv(smb_conn->connection->socket, smb_conn, &tmp_blob, 4, SOCKET_FLAG_BLOCK|SOCKET_FLAG_PEEK);
+ status = socket_recv(smb_conn->connection->socket, hdr,
+ 4, &nread, SOCKET_FLAG_BLOCK|SOCKET_FLAG_PEEK);
 if (!NT_STATUS_IS_OK(status)) {
 return NULL;
 }
- if (tmp_blob.length != 4) {
+ if (nread != 4) {
 return NULL;
 }
- len = smb_len(tmp_blob.data);
- talloc_free(tmp_blob.data);
+ len = smb_len(hdr);
 req = init_smb_request(smb_conn);
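Review bot: In the smb_server.c hunk the header size is written as a bare `4` in three places (`char hdr[4]`, the `socket_recv()` length and `nread != 4`), while the next hunk uses `NBT_HDR_SIZE` for what is presumably the same quantity. I would declare `char hdr[NBT_HDR_SIZE];` and pass and compare `sizeof(hdr)`, so the peek length can never drift away from the buffer size. `hdr` is also plain `char`, whose signedness is implementation-defined, and whether `smb_len()` casts each byte to unsigned is not visible here, so `uint8_t hdr[NBT_HDR_SIZE];` is the safer declaration for bytes taken straight from the peer. The body of receive_smb_request starts and continues outside the hunk.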
@@ -83,11 +85,18 @@ static struct smbsrv_request *receive_smb_request(struct smbsrv_connection *smb_
 len2 = len + NBT_HDR_SIZE;
- status = socket_recv(smb_conn->connection->socket, req, &tmp_blob, len2, SOCKET_FLAG_BLOCK);
+ tmp_blob = data_blob_talloc(req, NULL, len2);
+ if (tmp_blob.data == NULL) {
+ return NULL;
+ }
+
+ status = socket_recv(smb_conn->connection->socket,
+ tmp_blob.data, len2,
+ &nread, SOCKET_FLAG_BLOCK);
 if (!NT_STATUS_IS_OK(status)) {
 return NULL;
 }
- if (tmp_blob.length != len2) {
+ if (nread != len2) {
 return NULL;
 }
 |
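Review bot: The new `return NULL` after a failed `data_blob_talloc()` leaves `req`, obtained from `init_smb_request()` in the previous hunk, allocated, as do the two existing `return NULL` paths below it. Unless the caller tears down the connection on NULL (not visible here), each failed receive leaves a request behind. I would add `talloc_free(req);` before these returns, or state in the function comment that the caller must terminate the connection. Separately, `nread != len2` compares `size_t` with `ssize_t`, and `len2` is derived from the peer-supplied length and also sizes the allocation. Writing `if (nread != (size_t)len2) {`, with a comment giving the largest value `smb_len()` can return, would make the bound explicit. The function body starts and continues outside the hunk.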