From 5d97ab9df86af7004572f227f47bd74a0830833d Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Wed, 14 Nov 2001 20:02:02 +0000 Subject: Got ready to implement Martin's idea, but request doesn't have a length field.... well, now at least the code is there when it does :-). Jeremy. (This used to be commit 22e323ca47325482b6ae527070509ed9c6cbccee) --- source3/nsswitch/winbindd.c | 24 +++++++++++++++++++----- 1 file changed, 19 insertions(+), 5 deletions(-) (limited to 'source3/nsswitch/winbindd.c') diff --git a/source3/nsswitch/winbindd.c b/source3/nsswitch/winbindd.c index b37fdb1a4f..fb3309ec33 100644 --- a/source3/nsswitch/winbindd.c +++ b/source3/nsswitch/winbindd.c @@ -602,7 +602,7 @@ static void process_loop(int accept_sock) /* Process activity on client connections */ - for (state = client_list; state; state = state->next) { + for (state = client_list; state; ) { /* Data available for reading */ @@ -613,17 +613,29 @@ static void process_loop(int accept_sock) client_read(state); #if 0 - /* If we have the start of a + /* JRA - currently there's no length field in the request... */ + /* + * If we have the start of a * packet, then check the * length field to make sure * the client's not talking - * Mock Swedish. */ + * Mock Swedish. + */ + if (state->read_buf_len >= sizeof(int) && *(int *) state->buf != sizeof(state->request)) { - BORK_BORK_BORK(); + + struct winbindd_cli_state *rem_state = state; + + DEBUG(0,("process_loop: Invalid request size (%d) send, should be (%d)\n", + *(int *) rem_state->buf, sizeof(rem_state->request) )); + + state = state_next; + remove_client(rem_state); + continue; } #endif - + /* A request packet might be complete */ @@ -631,6 +643,8 @@ static void process_loop(int accept_sock) sizeof(state->request)) { process_packet(state); } + + state = state->next; } /* Data available for writing */ -- cgit