diff options
author | Luke Leighton <lkcl@samba.org> | 1998-10-20 18:27:49 +0000 |
---|---|---|
committer | Luke Leighton <lkcl@samba.org> | 1998-10-20 18:27:49 +0000 |
commit | 05a297e3a98c14360782af4ad0d851638fb5da9a (patch) | |
tree | 9c7ddfb8ba98f399fe8a7debb444ce6ccdae8e4e /source/lib | |
parent | 06cc6eaa50fa4b673d527e91740f9d2d2b16d367 (diff) | |
download | samba-05a297e3a98c14360782af4ad0d851638fb5da9a.tar.gz samba-05a297e3a98c14360782af4ad0d851638fb5da9a.tar.xz samba-05a297e3a98c14360782af4ad0d851638fb5da9a.zip |
some quite important bug-fixes i missed because i transferred the wrong
smb.tgz file from my portable.
particularly the call to mem_data followed by a realloc of that data in
cli_pipe.c's rpc_read() function.
smbd responses now use p->rdata_i which is a faked-up pointer into
p->rdata's response data. rdata can be very long; rdata_i is limited
to point to no more than max_tsize - 0x18 in length. this will make
it an almost trivial task to add the encrypted rpc headers after
rdata_i, and mem_buf_copy will cope admirably with rhdr chained to
rdata_i chained to auth_verifier etc etc...
Diffstat (limited to 'source/lib')
-rw-r--r-- | source/lib/membuffer.c | 8 | ||||
-rw-r--r-- | source/lib/util.c | 4 |
2 files changed, 7 insertions, 5 deletions
diff --git a/source/lib/membuffer.c b/source/lib/membuffer.c index 18e9fa94532..92bc2be4397 100644 --- a/source/lib/membuffer.c +++ b/source/lib/membuffer.c @@ -79,7 +79,7 @@ void mem_init(struct mem_buf *buf, int margin) dynamic indicates memory has been dynamically allocated. if mem_free is called, the memory will be freed. ********************************************************************/ -void mem_create(struct mem_buf *buf, char *data, int size, int margin, BOOL dynamic) +void mem_create(struct mem_buf *buf, char *data, int offset, int size, int margin, BOOL dynamic) { buf->dynamic = dynamic; buf->data = data; @@ -90,8 +90,8 @@ void mem_create(struct mem_buf *buf, char *data, int size, int margin, BOOL dyna buf->next = NULL; - buf->offset.start = 0; - buf->offset.end = size; + buf->offset.start = offset; + buf->offset.end = offset + size; } /******************************************************************* @@ -109,7 +109,7 @@ BOOL mem_alloc_data(struct mem_buf *buf, int size) buf->data = malloc(buf->data_size); - if (buf->data == NULL) + if (buf->data == NULL && size != 0) { DEBUG(3,("mem_alloc: could not malloc size %d\n", buf->data_size)); diff --git a/source/lib/util.c b/source/lib/util.c index f2cd2a99d11..e5486e6159e 100644 --- a/source/lib/util.c +++ b/source/lib/util.c @@ -2262,8 +2262,10 @@ BOOL client_receive_smb(int fd,char *buffer, unsigned int timeout) { ret = receive_smb(fd, buffer, timeout); - if(ret == False) + if (!ret) + { return ret; + } /* Ignore session keepalive packets. */ if(CVAL(buffer,0) != 0x85) |