From 8d9588390822745ad43f0df82b29704234c760b9 Mon Sep 17 00:00:00 2001
From: Stefan Metzmacher
Date: Tue, 9 Jun 2009 19:32:30 +0200
Subject: s4:smb2srv: don't allow the related flag on the first request in a compounded chain

metze
---
 source4/smb_server/smb2/receive.c | 7 +++++++
 1 file changed, 7 insertions(+)
(limited to 'source4/smb_server/smb2')
diff --git a/source4/smb_server/smb2/receive.c b/source4/smb_server/smb2/receive.c
index 16f888b0a6..5ac01dcb7c 100644
--- a/source4/smb_server/smb2/receive.c
+++ b/source4/smb_server/smb2/receive.c
@@ -470,6 +470,7 @@ NTSTATUS smbsrv_recv_smb2_request(void *private_data, DATA_BLOB blob)
 uint32_t protocol_version;
 uint16_t buffer_code;
 uint32_t dynamic_size;
+ uint32_t flags;
 smb_conn->statistics.last_request_time = cur_time;
@@ -543,6 +544,12 @@ NTSTATUS smbsrv_recv_smb2_request(void *private_data, DATA_BLOB blob)
 * - make sure it's a request
 */
+ flags = IVAL(req->in.hdr, SMB2_HDR_FLAGS);
+ /* the first request should never have the related flag set */
+ if (flags & SMB2_HDR_FLAG_CHAINED) {
+ req->chain_status = NT_STATUS_INVALID_PARAMETER;
+ }
+
 return smb2srv_reply(req);
 }
-- cgit
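Review bot: The related-flag check in the second hunk only records `NT_STATUS_INVALID_PARAMETER` in `req->chain_status` and then falls through to `return smb2srv_reply(req);`. Whether the malformed first request is refused before its opcode handler runs therefore depends on `smb2srv_reply()` honouring `chain_status`, which is not visible in this hunk. If it does, say so at the check, e.g. `/* smb2srv_reply() fails the request with chain_status instead of dispatching it */`; if it does not, the request needs to be rejected here. The comment block just above (it opens outside the hunk) still lists "make sure it's a request", and now that `flags` is read, that test on the response bit could sit next to this one. The body of smbsrv_recv_smb2_request starts outside the hunk.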