From af7cf4f992d8bb3b6677c094c85b9b1055a6ffc9 Mon Sep 17 00:00:00 2001
From: Volker Lendecke <vl@samba.org>
Date: Sun, 2 Nov 2008 01:21:53 +0100
Subject: Remove some direct inbuf references by adding smbreq_bufrem

---
 source3/include/smb_macros.h | 2 ++
 source3/include/srvstr.h     | 2 +-
 source3/smbd/message.c       | 4 ++--
 source3/smbd/negprot.c       | 2 +-
 source3/smbd/reply.c         | 4 ++--
 source3/smbd/sesssetup.c     | 6 +++---
 6 files changed, 11 insertions(+), 9 deletions(-)

(limited to 'source3')

diff --git a/source3/include/smb_macros.h b/source3/include/smb_macros.h
index 89d8994eaf..46ca236553 100644
--- a/source3/include/smb_macros.h
+++ b/source3/include/smb_macros.h
@@ -131,6 +131,8 @@
 
 /* the remaining number of bytes in smb buffer 'buf' from pointer 'p'. */
 #define smb_bufrem(buf, p) (smb_buflen(buf)-PTR_DIFF(p, smb_buf(buf)))
+#define smbreq_bufrem(req, p) (req->buflen - PTR_DIFF(p, req->buf))
+
 
 /* Note that chain_size must be available as an extern int to this macro. */
 #define smb_offset(p,buf) (PTR_DIFF(p,buf+4) + chain_size)
diff --git a/source3/include/srvstr.h b/source3/include/srvstr.h
index d2de6805d3..7e7d8a2e92 100644
--- a/source3/include/srvstr.h
+++ b/source3/include/srvstr.h
@@ -27,4 +27,4 @@
 
 #define srvstr_pull_req_talloc(ctx, req_, dest, src, flags) \
     pull_string_talloc(ctx, req_->inbuf, req_->flags2, dest, src, \
-		       smb_bufrem(req_->inbuf, src), flags)
+		       smbreq_bufrem(req_, src), flags)
diff --git a/source3/smbd/message.c b/source3/smbd/message.c
index 347370e40c..65eaeca777 100644
--- a/source3/smbd/message.c
+++ b/source3/smbd/message.c
@@ -162,7 +162,7 @@ void reply_sends(struct smb_request *req)
 	msg = p;
 
 	len = SVAL(msg,0);
-	len = MIN(len, smb_bufrem(req->inbuf, msg+2));
+	len = MIN(len, smbreq_bufrem(req, msg+2));
 
 	state->msg = talloc_array(state, char, len);
 
@@ -256,7 +256,7 @@ void reply_sendtxt(struct smb_request *req)
 
 	old_len = talloc_get_size(smbd_msg_state->msg);
 
-	len = MIN(SVAL(msg, 0), smb_bufrem(req->inbuf, msg+2));
+	len = MIN(SVAL(msg, 0), smbreq_bufrem(req, msg+2));
 
 	tmp = TALLOC_REALLOC_ARRAY(smbd_msg_state, smbd_msg_state->msg,
 				   char, old_len + len);
diff --git a/source3/smbd/negprot.c b/source3/smbd/negprot.c
index 1fe0193e00..fe168aad3a 100644
--- a/source3/smbd/negprot.c
+++ b/source3/smbd/negprot.c
@@ -539,7 +539,7 @@ void reply_negprot(struct smb_request *req)
 	num_cliprotos = 0;
 	cliprotos = NULL;
 
-	while (smb_bufrem(req->inbuf, p) > 0) {
+	while (smbreq_bufrem(req, p) > 0) {
 
 		char **tmp;
 
diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c
index f7165ff217..ebd85bcd28 100644
--- a/source3/smbd/reply.c
+++ b/source3/smbd/reply.c
@@ -272,7 +272,7 @@ size_t srvstr_get_path_req_wcard(TALLOC_CTX *mem_ctx, struct smb_request *req,
 				 NTSTATUS *err, bool *contains_wcard)
 {
 	return srvstr_get_path_wcard(mem_ctx, (char *)req->inbuf, req->flags2,
-				     pp_dest, src, smb_bufrem(req->inbuf, src),
+				     pp_dest, src, smbreq_bufrem(req, src),
 				     flags, err, contains_wcard);
 }
 
@@ -630,7 +630,7 @@ void reply_tcon_and_X(struct smb_request *req)
 
 	p += srvstr_pull_talloc(ctx, req->inbuf, req->flags2,
 				&client_devicetype, p,
-				MIN(6,smb_bufrem(req->inbuf, p)), STR_ASCII);
+				MIN(6, smbreq_bufrem(req, p)), STR_ASCII);
 
 	if (client_devicetype == NULL) {
 		data_blob_clear_free(&password);
diff --git a/source3/smbd/sesssetup.c b/source3/smbd/sesssetup.c
index 6981764e22..798c84ad6b 100644
--- a/source3/smbd/sesssetup.c
+++ b/source3/smbd/sesssetup.c
@@ -1195,7 +1195,7 @@ static void reply_sesssetup_and_X_spnego(struct smb_request *req)
 		return;
 	}
 
-	bufrem = smb_bufrem(req->inbuf, p);
+	bufrem = smbreq_bufrem(req, p);
 	/* pull the spnego blob */
 	blob1 = data_blob(p, MIN(bufrem, data_blob_len));
 
@@ -1529,7 +1529,7 @@ void reply_sesssetup_and_X(struct smb_request *req)
 
 		/* check for nasty tricks */
 		if (passlen1 > MAX_PASS_LEN
-		    || passlen1 > smb_bufrem(req->inbuf, p)) {
+		    || passlen1 > smbreq_bufrem(req, p)) {
 			reply_nterror(req, nt_status_squash(
 					      NT_STATUS_INVALID_PARAMETER));
 			END_PROFILE(SMBsesssetupX);
@@ -1537,7 +1537,7 @@ void reply_sesssetup_and_X(struct smb_request *req)
 		}
 
 		if (passlen2 > MAX_PASS_LEN
-		    || passlen2 > smb_bufrem(req->inbuf, p+passlen1)) {
+		    || passlen2 > smbreq_bufrem(req, p+passlen1)) {
 			reply_nterror(req, nt_status_squash(
 					      NT_STATUS_INVALID_PARAMETER));
 			END_PROFILE(SMBsesssetupX);
-- 
cgit