diff options
author | Stefan Metzmacher <metze@samba.org> | 2011-11-04 12:52:44 +0100 |
---|---|---|
committer | Karolin Seeger <kseeger@samba.org> | 2011-11-09 19:52:04 +0100 |
commit | d0272d6ff1e2e33d710d5bee25a2781c67edc3a5 (patch) | |
tree | c53f0ecc355eb0a24735fb6b6dcded9eda987cf3 | |
parent | 8929b72433aea584f76519b0eabdab8b6423f5cf (diff) | |
download | samba-d0272d6ff1e2e33d710d5bee25a2781c67edc3a5.tar.gz samba-d0272d6ff1e2e33d710d5bee25a2781c67edc3a5.tar.xz samba-d0272d6ff1e2e33d710d5bee25a2781c67edc3a5.zip |
s3:libsmb: the workgroup in the non-extended-security negprot is not aligned (#8573)
I've tested the fix against NT4 sp6a, W2K sp4, W2K8R2 and Win8pre0.
metze
(similar to commit aea76a3aaa7ea52f563e7bc8a8ed60d9651f9e34)
-rw-r--r-- | source3/libsmb/cliconnect.c | 25 |
1 files changed, 21 insertions, 4 deletions
diff --git a/source3/libsmb/cliconnect.c b/source3/libsmb/cliconnect.c index 113b8a5f144..f03219bb0be 100644 --- a/source3/libsmb/cliconnect.c +++ b/source3/libsmb/cliconnect.c @@ -2655,6 +2655,7 @@ static void cli_negprot_done(struct tevent_req *subreq) if (cli->protocol >= PROTOCOL_NT1) { struct timespec ts; bool negotiated_smb_signing = false; + DATA_BLOB blob = data_blob_null; if (wct != 0x11) { tevent_req_nterror(req, NT_STATUS_INVALID_NETWORK_RESPONSE); @@ -2680,13 +2681,29 @@ static void cli_negprot_done(struct tevent_req *subreq) /* work out if they sent us a workgroup */ if (!(cli->capabilities & CAP_EXTENDED_SECURITY) && smb_buflen(inbuf) > 8) { + blob = data_blob_const(bytes + 8, num_bytes - 8); + } + + if (blob.length > 0) { ssize_t ret; - status = smb_bytes_talloc_string( - cli, (char *)inbuf, &cli->server_domain, - bytes + 8, num_bytes - 8, &ret); - if (tevent_req_nterror(req, status)) { + char *server_domain = NULL; + + ret = clistr_pull_talloc(cli, + (const char *)inbuf, + SVAL(inbuf, smb_flg2), + &server_domain, + (char *)blob.data, + blob.length, + STR_TERMINATE| + STR_UNICODE| + STR_NOALIGN); + if (ret == -1) { + tevent_req_nterror(req, NT_STATUS_NO_MEMORY); return; } + if (server_domain) { + cli->server_domain = server_domain; + } } /* |