From 1a622fe641ffebd93a2ae1ee6ff5e8c4177668aa Mon Sep 17 00:00:00 2001
From: Stefan Metzmacher <metze@samba.org>
Date: Fri, 29 Jun 2012 13:16:11 +0200
Subject: s3:smb2_server: remove max_charge check in
 smbd_smb2_request_verify_creditcharge()

The client can send any credit charge value, it's ok to send more than needed.

metze

Signed-off-by: Michael Adam <obnox@samba.org>
---
 source3/smbd/smb2_server.c | 16 ----------------
 1 file changed, 16 deletions(-)

(limited to 'source3/smbd')

diff --git a/source3/smbd/smb2_server.c b/source3/smbd/smb2_server.c
index c9c6431b81..0abd4fcd64 100644
--- a/source3/smbd/smb2_server.c
+++ b/source3/smbd/smb2_server.c
@@ -1437,7 +1437,6 @@ NTSTATUS smbd_smb2_request_verify_creditcharge(struct smbd_smb2_request *req,
 {
 	uint16_t needed_charge;
 	uint16_t credit_charge = 1;
-	uint16_t max_charge = 1;
 	const uint8_t *inhdr;
 	int i = req->current_idx;
 
@@ -1446,14 +1445,6 @@ NTSTATUS smbd_smb2_request_verify_creditcharge(struct smbd_smb2_request *req,
 	if (req->sconn->smb2.supports_multicredit) {
 		credit_charge = SVAL(inhdr, SMB2_HDR_CREDIT_CHARGE);
 		credit_charge = MAX(credit_charge, 1);
-
-		/*
-		 * TODO: should we limit this here
-		 * to a transport specific value?
-		 *
-		 * TODO: we need tests for this?
-		 */
-		max_charge = UINT16_MAX;
 	}
 
 	needed_charge = (data_length - 1)/ 65536 + 1;
@@ -1468,13 +1459,6 @@ NTSTATUS smbd_smb2_request_verify_creditcharge(struct smbd_smb2_request *req,
 		return NT_STATUS_INVALID_PARAMETER;
 	}
 
-	if (credit_charge > max_charge) {
-		DEBUG(2, ("CreditCharge too high, given %d, "
-			  "needed %d, allowed %d\n",
-			  credit_charge, needed_charge, max_charge));
-		return NT_STATUS_INVALID_PARAMETER;
-	}
-
 	return NT_STATUS_OK;
 }
 
-- 
cgit