From bc24603e41804a1d54ff85f9114f0288a03483fa Mon Sep 17 00:00:00 2001 From: Andrew Tridgell Date: Fri, 29 Oct 2004 06:01:51 +0000 Subject: r3355: fixed the old style search code in smb_server to correctly handle searches that go beyond the negotiated max xmit size (This used to be commit 84762a59763005f5d29106cd409867cb150d648f) --- source4/smb_server/search.c | 12 ++++++++---- 1 file changed, 8 insertions(+), 4 deletions(-) diff --git a/source4/smb_server/search.c b/source4/smb_server/search.c index b7b3d10ab6..adcafccafa 100644 --- a/source4/smb_server/search.c +++ b/source4/smb_server/search.c @@ -65,10 +65,14 @@ struct search_state { /* fill a single entry in a search find reply */ -static void find_fill_info(struct smbsrv_request *req, +static BOOL find_fill_info(struct smbsrv_request *req, union smb_search_data *file) { char *p; + + if (req->out.data_size + 43 > req_max_data(req)) { + return False; + } req_grow_data(req, req->out.data_size + 43); p = req->out.data + req->out.data_size - 43; @@ -84,6 +88,8 @@ static void find_fill_info(struct smbsrv_request *req, memset(p+30, ' ', 12); memcpy(p+30, file->search.name, MIN(strlen(file->search.name)+1, 12)); SCVAL(p,42,0); + + return True; } /* callback function for search first/next */ @@ -91,9 +97,7 @@ static BOOL find_callback(void *private, union smb_search_data *file) { struct search_state *state = (struct search_state *)private; - find_fill_info(state->req, file); - - return True; + return find_fill_info(state->req, file); } /**************************************************************************** -- cgit
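Review bot: The entry size 43 now appears three times in find_fill_info (the new bound check, the req_grow_data call and the pointer arithmetic), and the check protects the write only while all three stay equal. A named constant would tie them together, for example a suggested `#define SEARCH_ENTRY_SIZE 43` used as `if (req->out.data_size + SEARCH_ENTRY_SIZE > req_max_data(req))`. The header comment should also state the new contract, e.g. `returns False, with the reply left unchanged, when one more entry would exceed req_max_data()`. The function body is only partly visible in this hunk.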
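Review bot: A False return from find_callback now means the entry passed in that call was not added to the reply, and nothing in this hunk shows that the backend invoking the callback will offer that entry again. If the backend has already advanced its resume position past the rejected entry, the next search-next request would silently skip one file, so the callers are worth checking. A comment on the callback would record the contract, e.g. `/* returning False means this entry was NOT added; the caller must stop and offer it again on the next search */`.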