From 1ebeb54932de01323356e8201d465656b8723d46 Mon Sep 17 00:00:00 2001 From: Luke Leighton Date: Tue, 20 Oct 1998 18:27:49 +0000 Subject: some quite important bug-fixes i missed because i transferred the wrong smb.tgz file from my portable. particularly the call to mem_data followed by a realloc of that data in cli_pipe.c's rpc_read() function. smbd responses now use p->rdata_i which is a faked-up pointer into p->rdata's response data. rdata can be very long; rdata_i is limited to point to no more than max_tsize - 0x18 in length. this will make it an almost trivial task to add the encrypted rpc headers after rdata_i, and mem_buf_copy will cope admirably with rhdr chained to rdata_i chained to auth_verifier etc etc... (This used to be commit 05a297e3a98c14360782af4ad0d851638fb5da9a) --- source3/lib/membuffer.c | 8 ++++---- source3/lib/util.c | 4 +++- 2 files changed, 7 insertions(+), 5 deletions(-) (limited to 'source3/lib') diff --git a/source3/lib/membuffer.c b/source3/lib/membuffer.c index 18e9fa9453..92bc2be439 100644 --- a/source3/lib/membuffer.c +++ b/source3/lib/membuffer.c @@ -79,7 +79,7 @@ void mem_init(struct mem_buf *buf, int margin) dynamic indicates memory has been dynamically allocated. if mem_free is called, the memory will be freed. ********************************************************************/ -void mem_create(struct mem_buf *buf, char *data, int size, int margin, BOOL dynamic) +void mem_create(struct mem_buf *buf, char *data, int offset, int size, int margin, BOOL dynamic) { buf->dynamic = dynamic; buf->data = data; @@ -90,8 +90,8 @@ void mem_create(struct mem_buf *buf, char *data, int size, int margin, BOOL dyna buf->next = NULL; - buf->offset.start = 0; - buf->offset.end = size; + buf->offset.start = offset; + buf->offset.end = offset + size; } /******************************************************************* @@ -109,7 +109,7 @@ BOOL mem_alloc_data(struct mem_buf *buf, int size) buf->data = malloc(buf->data_size); - if (buf->data == NULL) + if (buf->data == NULL && size != 0) { DEBUG(3,("mem_alloc: could not malloc size %d\n", buf->data_size)); diff --git a/source3/lib/util.c b/source3/lib/util.c index f2cd2a99d1..e5486e6159 100644 --- a/source3/lib/util.c +++ b/source3/lib/util.c @@ -2262,8 +2262,10 @@ BOOL client_receive_smb(int fd,char *buffer, unsigned int timeout) { ret = receive_smb(fd, buffer, timeout); - if(ret == False) + if (!ret) + { return ret; + } /* Ignore session keepalive packets. */ if(CVAL(buffer,0) != 0x85) -- cgit