From 87801bc387e60d8cac74a6fb59af30bfdcc7850d Mon Sep 17 00:00:00 2001
From: Jeremy Allison
Date: Tue, 19 Jul 2005 17:38:38 +0000
Subject: r8609: Fix for bugid #2889. I think the problem is that the top 16 bits of the "server state" field must be non-zero. As we're using the 32 bit field as an offset then normally this field will be zero. W2K3 fills this field with a counter enumerating the number of SMBsearch calls on this directory - starting at 1. Add back the 1<<31 bit flag DPTR_MASK to ensure this is non-zero - with better checks on use. Jeremy. (This used to be commit 6415657942c49ea51d4e4f4ee2189c7d70b9c5fa)
---
 source3/smbd/dir.c | 10 ++++++++--
 1 file changed, 8 insertions(+), 2 deletions(-)
(limited to 'source3/smbd/dir.c')
diff --git a/source3/smbd/dir.c b/source3/smbd/dir.c
index 949e31210f..aeada5968f 100644
--- a/source3/smbd/dir.c
+++ b/source3/smbd/dir.c
@@ -641,6 +641,8 @@ BOOL dptr_SearchDir(struct dptr_struct *dptr, const char *name, long *poffset, S
 Fill the 5 byte server reserved dptr field.
 ****************************************************************************/
 
+#define DPTR_MASK ((uint32)(((uint32)1)<<31))
+
 BOOL dptr_fill(char *buf1,unsigned int key)
 {
 unsigned char *buf = (unsigned char *)buf1;
@@ -653,8 +655,12 @@ BOOL dptr_fill(char *buf1,unsigned int key)
 offset = (uint32)TellDir(dptr->dir_hnd);
 DEBUG(6,("fill on key %u dirptr 0x%lx now at %d\n",key,
 (long)dptr->dir_hnd,(int)offset));
+ if (offset != (uint32)-1 && (offset & DPTR_MASK)) {
+ DEBUG(0,("dptr_fill: Error - offset has bit 32 set. Can't use in server state.\n"));
+ return False;
+ }
 buf[0] = key;
- SIVAL(buf,1,offset);
+ SIVAL(buf,1,offset | DPTR_MASK);
 return(True);
 }
 
@@ -678,7 +684,7 @@ struct dptr_struct *dptr_fetch(char *buf,int *num)
 if (offset == (uint32)-1) {
 seekoff = -1;
 } else {
- seekoff = (long)offset;
+ seekoff = (long)(offset & ~DPTR_MASK);
 }
 SeekDir(dptr->dir_hnd,seekoff);
 DEBUG(3,("fetching dirptr %d for path %s at offset %d\n",
-- 
cgit
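Review bot: The new `DPTR_MASK` define in the first hunk has no comment, and it now sits between the "Fill the 5 byte server reserved dptr field" header and `dptr_fill`, so the header no longer directly precedes the function it describes. The reason for the flag exists only in the commit message. A short comment on the define would keep the wire-format rule next to the code, for example `/* Top bit of the 4-byte offset sent to the client: keeps the "server state" bytes non-zero (bug #2889). Set in dptr_fill(), stripped in dptr_fetch(). */`. Moving the define above the comment block would also restore the header's position.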
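Review bot: In `dptr_fill` the new guard lets offset 0x7FFFFFFF through, and `offset | DPTR_MASK` then writes 0xFFFFFFFF, which `dptr_fetch` treats as the `(uint32)-1` sentinel and turns into `seekoff = -1`. Rejecting that one value as well removes the collision: `if (offset != (uint32)-1 && ((offset & DPTR_MASK) || offset == (uint32)~DPTR_MASK)) {`. The log text says "bit 32" while the mask is `1<<31`, so it should say bit 31 or "top bit". The `(uint32)` cast of the `TellDir()` result happens above the guard; if `TellDir` returns a wider `long` (its declaration is outside the hunk), higher bits are already dropped before this check runs, which is worth confirming.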
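Review bot: `dptr_fetch` strips the flag with `offset & ~DPTR_MASK` but never checks that it was set, although this value is presumably echoed back by the client in the reserved field. After this commit every non-sentinel key that `dptr_fill` issues carries the bit, so an offset without it was not produced by this code path. It would be better rejected, or at least logged, than silently seeked to, e.g. `} else if (!(offset & DPTR_MASK)) { DEBUG(3,("dptr_fetch: offset 0x%x lacks DPTR_MASK\n",(unsigned int)offset)); return NULL; } else {`. How `offset` is read from `buf` and how the function reports a bad key are outside the hunk, so the `return NULL` is an assumption to confirm against the rest of the body.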