From 22ddbb50534aa73240a171732d4ac1fa884fa412 Mon Sep 17 00:00:00 2001 From: Stefan Metzmacher Date: Wed, 9 Nov 2011 16:04:09 +0100 Subject: s3:smbd: don't limit the number of open dptrs for smb2 (bug #8592) This fixes a crash bug that is triggered, when a client has more than 256 directory handles with searches. metze Autobuild-User: Stefan Metzmacher Autobuild-Date: Thu Nov 10 14:08:14 CET 2011 on sn-devel-104 --- source3/smbd/dir.c | 15 ++++++++++++--- 1 file changed, 12 insertions(+), 3 deletions(-) (limited to 'source3') diff --git a/source3/smbd/dir.c b/source3/smbd/dir.c index 1d90a77b57..a7dc537074 100644 --- a/source3/smbd/dir.c +++ b/source3/smbd/dir.c @@ -261,6 +261,10 @@ static void dptr_close_internal(struct dptr_struct *dptr) goto done; } + if (sconn->using_smb2) { + goto done; + } + DLIST_REMOVE(sconn->searches.dirptrs, dptr); /* @@ -524,6 +528,10 @@ NTSTATUS dptr_create(connection_struct *conn, files_struct *fsp, dptr->attr = attr; + if (sconn->using_smb2) { + goto done; + } + if(old_handle) { /* @@ -594,6 +602,7 @@ NTSTATUS dptr_create(connection_struct *conn, files_struct *fsp, DLIST_ADD(sconn->searches.dirptrs, dptr); +done: DEBUG(3,("creating new dirptr %d for path %s, expect_close = %d\n", dptr->dnum,path,expect_close)); @@ -1367,7 +1376,7 @@ static int smb_Dir_destructor(struct smb_Dir *dirp) #endif SMB_VFS_CLOSEDIR(dirp->conn,dirp->dir); } - if (dirp->conn->sconn) { + if (dirp->conn->sconn && !dirp->conn->sconn->using_smb2) { dirp->conn->sconn->searches.dirhandles_open--; } return 0; @@ -1398,7 +1407,7 @@ struct smb_Dir *OpenDir(TALLOC_CTX *mem_ctx, connection_struct *conn, goto fail; } - if (sconn) { + if (sconn && !sconn->using_smb2) { sconn->searches.dirhandles_open++; } talloc_set_destructor(dirp, smb_Dir_destructor); @@ -1442,7 +1451,7 @@ static struct smb_Dir *OpenDir_fsp(TALLOC_CTX *mem_ctx, connection_struct *conn, goto fail; } - if (sconn) { + if (sconn && !sconn->using_smb2) { sconn->searches.dirhandles_open++; } talloc_set_destructor(dirp, smb_Dir_destructor); -- cgit