From d2d29ea9530a5d7077cf0ee138f1f29095e5b496 Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Fri, 21 Mar 2003 22:37:14 +0000 Subject: Clobber our SMB buffers between packets. I hope this will help find bugs where we assume the buffer is zero, when it might not be (ie due to, previous packets). Andrew Bartlett (This used to be commit 191b0ab4d7c35c83d2bb2052b2e37d01fbf37b45) --- source3/smbd/process.c | 12 ++++++++++-- 1 file changed, 10 insertions(+), 2 deletions(-) diff --git a/source3/smbd/process.c b/source3/smbd/process.c index 57bc236eef..c3fbc22e94 100644 --- a/source3/smbd/process.c +++ b/source3/smbd/process.c @@ -1249,12 +1249,16 @@ void smbd_process(void) extern int smb_echo_count; time_t last_timeout_processing_time = time(NULL); unsigned int num_smbs = 0; + const size_t total_buffer_size = BUFFER_SIZE + LARGE_WRITEX_HDR_SIZE + SAFETY_MARGIN; - InBuffer = (char *)malloc(BUFFER_SIZE + LARGE_WRITEX_HDR_SIZE + SAFETY_MARGIN); - OutBuffer = (char *)malloc(BUFFER_SIZE + LARGE_WRITEX_HDR_SIZE + SAFETY_MARGIN); + InBuffer = (char *)malloc(total_buffer_size); + OutBuffer = (char *)malloc(total_buffer_size); if ((InBuffer == NULL) || (OutBuffer == NULL)) return; + clobber_region(__FUNCTION__, __LINE__, InBuffer, total_buffer_size); + clobber_region(__FUNCTION__, __LINE__, OutBuffer, total_buffer_size); + max_recv = MIN(lp_maxxmit(),BUFFER_SIZE); while (True) { @@ -1278,6 +1282,8 @@ void smbd_process(void) num_smbs = 0; /* Reset smb counter. */ } + clobber_region(__FUNCTION__, __LINE__, InBuffer, total_buffer_size); + while (!receive_message_or_smb(InBuffer,BUFFER_SIZE+LARGE_WRITEX_HDR_SIZE,select_timeout)) { if(!timeout_processing( deadtime, &select_timeout, &last_timeout_processing_time)) return; @@ -1295,6 +1301,8 @@ void smbd_process(void) */ num_echos = smb_echo_count; + clobber_region(__FUNCTION__, __LINE__, OutBuffer, total_buffer_size); + process_smb(InBuffer, OutBuffer); if (smb_echo_count != num_echos) { -- cgit