summaryrefslogtreecommitdiff
path: root/source3/smbd/ipc.c
AgeCommit message (Collapse)AuthorFilesLines
2008-11-28Consolidate the buffer checks for the reply_trans style functionsVolker Lendecke1-55/+18
This is the one where I found the problem that led to 3.2.5. So if there is one checkin in the last year that I would like others to review and *understand*, it is this one :-) Volker
2008-11-28Remove the variable "size" from reply_transVolker Lendecke1-12/+16
This converts the range checks for the setup[] array to rely on req->wct being set correctly in init_smb_request. As that already verifies the vwv array to be in the range of the smb_request inbuf, we don't have to do overflow checks here anymore. Jeremy, please check thoroughly! :-) Thanks, Volker
2008-11-27Fix the offset checks in the trans routinesVolker Lendecke1-3/+3
This fixes a potential crash bug, a client can make us read memory we should not read. Luckily I got the disp checks right... Volker (cherry picked from commit 64a1d80851da5b05e70ec6c96f6e9bd473748369) (cherry picked from commit f04c5650a3aeca23591ddc781c4b297caaf9bb3f)
2008-11-08Do not write into inbuf for the transs requestVolker Lendecke1-6/+12
Instead, fix up the outbuf in send_xx_reply. In those routines, we know what we are returning.
2008-11-08Remove direct inbuf refs from send_trans_replyVolker Lendecke1-37/+35
2008-11-02Pass smb_request to send_trans_reply to match with send_[nt]trans[2]_replyVolker Lendecke1-9/+9
2008-11-02Use "vwv" in trans parsingVolker Lendecke1-16/+16
2008-11-02Remove a bunch of direct inbuf references by adding "vwv" to smb_requestVolker Lendecke1-6/+6
2008-11-02Simplify params of srvstr_pull_buf_talloc()Volker Lendecke1-2/+2
Now that "req" is available everywhere, use it. Rename srvstr_pull_buf_talloc() to srvstr_pull_req()
2008-11-01Remove a bunch of direct inbuf references by adding "buf" to smb_requestVolker Lendecke1-1/+1
2008-10-13Use "struct files_struct" for pipes instead of smb_np_structVolker Lendecke1-49/+41
2008-10-11Fix some nonempty blank linesVolker Lendecke1-6/+6
2008-10-09Fix a typoVolker Lendecke1-1/+1
2008-06-28Let send_trans_reply work on only the inbufVolker Lendecke1-52/+55
It does not really need the whole smb_request (This used to be commit d3facf4cbdb2915168e91d64c2d8320f67524df8)
2008-05-05Remove connection_struct->mem_ctx, connection_struct is its own parentVolker Lendecke1-1/+1
(This used to be commit 559180f7d30606d1999399d954ceedc798c669a4)
2008-04-07Rewrite the wrap checks to deal with gcc 4.x optimisations.Jeremy Allison1-33/+45
Karolin, please pull once Volker has reviewed. Thanks. Jeremy. (This used to be commit 09852899cadc48abe2f2651ecbceaf881198e648)
2008-01-04Now conn is part of smb_request, we don't need it asJeremy Allison1-2/+4
an extra parameter. This cleans up quite a few places we were passing it around without needing it. Jeremy. (This used to be commit 8f36def18e9f980e8db522e1de41e80cfd5f466e)
2008-01-04Refactor the crypto code after a very helpful conversationJeremy Allison1-23/+30
with Volker. Mostly making sure we have data on the incoming packet type, not stored in the smb header. Jeremy. (This used to be commit c4e5a505043965eec77b5bb9bc60957e8f3b97c8)
2007-12-10Don't need an fstring here, we can talloc.Jeremy Allison1-9/+8
Jeremy. (This used to be commit 3f6cc826378729c9157ea68e7cf5c7b584bbb585)
2007-12-04Fix crash bug with vl's new trans handling in old transsJeremy Allison1-5/+6
calls. Make this look like the (working) transs2 handling (replace inbuf, not write to outbuf - outbuf isn't allocated yet so you get a null deref). Jeremy. (This used to be commit f04e37a630f8e7538d670d34db4ea7fc7c0b50a3)
2007-10-18RIP BOOL. Convert BOOL -> bool. I found a few interestingJeremy Allison1-3/+3
bugs in various places whilst doing this (places that assumed BOOL == int). I also need to fix the Samba4 pidl generation (next checkin). Jeremy. (This used to be commit f35a266b3cbb3e5fa6a86be60f34fe340a3ca71f)
2007-10-10r25103: Ensure we don't return unwritten memory (valgrind caught).Jeremy Allison1-3/+9
Jeremy. (This used to be commit b3f0d39d11fa18b7bfef6cec88efaf4a2be2d6e0)
2007-10-10r24320: Fix the wct checks in reply_trans2 and the reply_trans callsVolker Lendecke1-2/+2
No idea what I've been smoking here. Thanks to Stefan for closely looking (This used to be commit 708f5af2e8c10d9a0d0027e3c31fa23689e746b8)
2007-10-10r24244: Complete the conversion of reply_trans[s]Volker Lendecke1-62/+63
Remove reply_prep/post_legacy from send_trans_replies (This used to be commit c08366f840ead5aba7199cf0b058587055b4d98e)
2007-10-10r24243: Remove reply_prep_legacy from api_replyVolker Lendecke1-14/+4
(This used to be commit b01664b43b0bd94bb59dec57480d2be954a7298a)
2007-10-10r24242: Remove reply_prep_legacy from api_rpc_trans_replyVolker Lendecke1-24/+10
(This used to be commit 160f65946af9b3e1609b0efb211edc81514fb36f)
2007-10-10r24241: Remove reply_prep_legacy from api_WNPHS and api_SNPHSVolker Lendecke1-57/+23
(This used to be commit 8702450e91943b1097ae3c8979d60b6962a69632)
2007-10-10r24240: Push down reply_prep_legacy one level inside api_fd_replyVolker Lendecke1-19/+54
(This used to be commit 0bb95639d6b49b18f2a7f1131f54239355097119)
2007-10-10r24239: Push reply_prep_legacy into api_fd_replyVolker Lendecke1-51/+38
(This used to be commit e2a96497928ab959e36639fef2d493640bb6e951)
2007-10-10r24238: Push down reply_prep_legacy one levelVolker Lendecke1-8/+25
(This used to be commit a6a2d97facf95c7997f3d12457f2811b3b7bde1b)
2007-10-10r24237: Add send_trans_reply_newVolker Lendecke1-0/+18
(This used to be commit f0598b3ca0ee04e31855c3e54f3198e6fd968737)
2007-10-10r24236: Push reply_prep_legacy() into named_pipe()Volker Lendecke1-46/+46
(This used to be commit b38f9347e81364d224e5ca00609099a74410e99c)
2007-10-10r24235: Make handle_trans reply to errors itselfVolker Lendecke1-47/+29
(This used to be commit 06d0c74b74754c55f4c8ef0899bda08476e7dd4b)
2007-10-10r24234: Reformatting -- SCNRVolker Lendecke1-49/+20
(This used to be commit 040d6d5db6d929f1612b1b0dc762b7f55c956740)
2007-10-10r24233: Push reply_prep_legacy into handle_transVolker Lendecke1-34/+16
(This used to be commit dc27c3c668f86d008c27b8a749f5726287ba54a5)
2007-10-10r24232: Push down reply_prep_legacy inside reply_transsVolker Lendecke1-25/+35
(This used to be commit 511f8bc030a9a16c2e793ce5d06577608e101de4)
2007-10-10r24231: Push allocating InBuffer/OutBuffer into reply_transsVolker Lendecke1-9/+20
(This used to be commit 74ae19cca6dd15b65deffbf464cfd0e485da8611)
2007-10-10r24230: Push down reply_prep_legacy in reply_transVolker Lendecke1-52/+62
The last checkin was for reply_trans, not reply_transs (This used to be commit 50a2bfd9e04d51aa5e3ae9d6620a98eeb158b6ea)
2007-10-10r24229: Push allocating InBuffer/OutBuffer into reply_transsVolker Lendecke1-18/+32
(This used to be commit 39a7809aa4c34bb26178589245c419df44796e22)
2007-10-10r24224: Check wct in reply_transVolker Lendecke1-4/+19
(This used to be commit fc8759e63ccec7f1cfb9f1d0ecd0f19a496e4153)
2007-10-10r23823: Memory leak fix from Atsushi Nakabayashi <nakabayashi@miraclelinux.com>Volker Lendecke1-0/+2
Thanks! Volker (This used to be commit 17b875ae5bab9473f0f896e63fff4a65588c2fb8)
2007-10-10r23784: use the GPLv3 boilerplate as recommended by the FSF and the license textAndrew Tridgell1-2/+1
(This used to be commit b0132e94fc5fef936aa766fb99a306b3628e9f07)
2007-10-10r23779: Change from v2 or later to v3 or later.Jeremy Allison1-1/+1
Jeremy. (This used to be commit 407e6e695b8366369b7c76af1ff76869b45347b3)
2007-10-10r23726: Explicitly pass down the FLAGS2 field to srvstr_pull_buf. The nextVolker Lendecke1-2/+2
checkin will pull this up to srvstr_get_path. At that point we can get more independent of the inbuf, the base_ptr in pull_string will only be used to satisfy UCS2 alignment constraints. (This used to be commit 836782b07bf133e9b2598c4a089f1c810e4c7754)
2007-10-10r22391: Looks bigger than it is. Make "inbuf" availableJeremy Allison1-53/+126
to all callers of smb_setlen (via set_message() calls). This will allow the server to reflect back the correct encryption context. Jeremy. (This used to be commit 2d80a96120a5fe2fe726f00746d36d85044c4bdb)
2007-10-10r22059: Over-allocate and NULL out 100 bytes for lanman.c.Volker Lendecke1-4/+8
Volker (This used to be commit 0eea6b84cec7e2a3fc1f784d5a9b162f71cc8a02)
2007-10-10r20237: Replace exit_server with exit_server_cleanly where appropriate. AllJames Peach1-2/+2
send_smb failures should be clean exits. All times when we exit as a matter of policy should also be clean exits. (This used to be commit d6382092e72120a3c89ffe81975e8898d454bf06)
2007-10-10r20178: Ensure we allocate the intermediate trans structsJeremy Allison1-1/+2
off conn->mem_ctx, not the null context so we can safefy free everything on conn close. Should fix possible memleak. Jeremy. (This used to be commit b33bde7b39953e171f05cdb53b6345ee3a9ec6e7)
2007-10-10r17316: More C++ warnings -- 456 leftVolker Lendecke1-2/+2
(This used to be commit 1e4ee728df7eeafc1b4d533240acb032f73b4f5c)
2007-10-10r16275: Start fixing up gcc4 -O6 warnings on an x86_64 box. size_t != ↵Jeremy Allison1-4/+4
unsigned int in a format string. Jeremy. (This used to be commit 952547471f03bd2da1eda0247471b17aa1ff15de)
generated by cgit (git 2.34.1) at 2024-07-06 11:27:45 +0000