From 3144e4508505d03540347879c816ac723c6af158 Mon Sep 17 00:00:00 2001 From: Kai Blin Date: Tue, 16 Dec 2008 13:40:38 -0800 Subject: (Fixed) Final part of fix for bug #5953 - smbclient crashes: cli_list_new segmentation fault (with NAS-BASIC server). --- source3/libsmb/clilist.c | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) (limited to 'source3/libsmb/clilist.c') diff --git a/source3/libsmb/clilist.c b/source3/libsmb/clilist.c index cebafc6919..1431b804b0 100644 --- a/source3/libsmb/clilist.c +++ b/source3/libsmb/clilist.c @@ -79,16 +79,17 @@ static size_t interpret_long_filename(TALLOC_CTX *ctx, p += 27; p += clistr_align_in(cli, p, 0); - /* We can safely use +1 here (which is required by OS/2) - * instead of +2 as the STR_TERMINATE flag below is + /* We can safely use len here (which is required by OS/2) + * and the NAS-BASIC server instead of +2 or +1 as the + * STR_TERMINATE flag below is * actually used as the length calculation. - * The len+2 is merely an upper bound. + * The len is merely an upper bound. * Due to the explicit 2 byte null termination * in cli_receive_trans/cli_receive_nt_trans * we know this is safe. JRA + kukks */ - if (p + len + 1 > pdata_end) { + if (p + len > pdata_end) { return pdata_end - base; } -- cgit