From 11e6f4b5185f6d3ee4e8c91cf598839a7f1d5002 Mon Sep 17 00:00:00 2001 From: Gerald Carter Date: Thu, 30 Oct 2003 16:01:02 +0000 Subject: bug 696; check for an invalid fid before dereferencing the fsp pointer (This used to be commit 2cc43e760b02f2088a0222d1f5080913a96f3e5a) --- source3/smbd/trans2.c | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/source3/smbd/trans2.c b/source3/smbd/trans2.c index 394adeeb6f..56d1aae3a2 100644 --- a/source3/smbd/trans2.c +++ b/source3/smbd/trans2.c @@ -3319,7 +3319,12 @@ static int call_trans2ioctl(connection_struct *conn, char* inbuf, { char *pdata = *ppdata; files_struct *fsp = file_fsp(inbuf,smb_vwv15); + + /* check for an invalid fid before proceeding */ + if (!fsp) + return(ERROR_DOS(ERRDOS,ERRbadfid)); + if ((SVAL(inbuf,(smb_setup+4)) == LMCAT_SPL) && (SVAL(inbuf,(smb_setup+6)) == LMFUNC_GETJOBID)) { pdata = Realloc(*ppdata, 32); -- cgit
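Review bot: The added `if (!fsp)` guard proves only that the client-supplied fid read at `smb_vwv15` resolves to an open file, not that the handle is one the `LMCAT_SPL`/`LMFUNC_GETJOBID` branch can serve. The dereference itself is outside the hunk, so this is inferred, but if that branch reads print-job state from `fsp` it should also reject a fid that refers to an ordinary file. Placing the check ahead of the setup-word test covers every sub-function, though it may change the error returned for ioctls that previously ignored the fid. The comment would be more useful if it stated the trust boundary, e.g. `/* fid comes from the client request; file_fsp() returns NULL if it is not an open handle */`. The body of call_trans2ioctl starts and continues outside the hunk.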