[SCM] Samba Shared Repository - branch master updated

Sun, 28 Feb 2010 09:50:18 -0800 

The branch, master has been updated
       via  9ad1b4c... s3: Fix the CHAIN1 torture test
      from  fb98f60... tdb: If tdb_parse_record does not find a record, return 
-1 instead of 0

http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master


- Log -----------------------------------------------------------------
commit 9ad1b4cda04269dd50a719b4f65de2579d0da220
Author: Volker Lendecke <[email protected]>
Date:   Sun Feb 28 18:45:41 2010 +0100

    s3: Fix the CHAIN1 torture test
    
    I've tried to solve this just within cli_smb_recv(), but I could not find a 
way
    to sanely determine when we are receiving the last entry in the chain just 
from
    looking at the blob. This solves it in an a bit more brutal way...

-----------------------------------------------------------------------

Summary of changes:
 source3/libsmb/async_smb.c |   10 +++++++++-
 1 files changed, 9 insertions(+), 1 deletions(-)


Changeset truncated at 500 lines:

diff --git a/source3/libsmb/async_smb.c b/source3/libsmb/async_smb.c
index 520861c..2f1f45c 100644
--- a/source3/libsmb/async_smb.c
+++ b/source3/libsmb/async_smb.c
@@ -201,6 +201,7 @@ struct cli_smb_state {
        uint8_t *inbuf;
        uint32_t seqnum;
        int chain_num;
+       int chain_length;
        struct tevent_req **chained_requests;
 };
 
@@ -710,6 +711,8 @@ static void cli_smb_received(struct tevent_req *subreq)
                state->inbuf = talloc_move(state, &inbuf);
                talloc_set_destructor(req, NULL);
                cli_smb_req_destructor(req);
+               state->chain_num = 0;
+               state->chain_length = 1;
                tevent_req_done(req);
        } else {
                struct tevent_req **chain = talloc_move(
@@ -721,6 +724,7 @@ static void cli_smb_received(struct tevent_req *subreq)
                                                cli_smb_state);
                        state->inbuf = inbuf;
                        state->chain_num = i;
+                       state->chain_length = num_chained;
                        tevent_req_done(chain[i]);
                }
                TALLOC_FREE(inbuf);
@@ -870,7 +874,11 @@ no_err:
                *pbytes = (uint8_t *)state->inbuf + bytes_offset + 2;
        }
        if ((mem_ctx != NULL) && (pinbuf != NULL)) {
-               *pinbuf = talloc_move(mem_ctx, &state->inbuf);
+               if (state->chain_num == state->chain_length-1) {
+                       *pinbuf = talloc_move(mem_ctx, &state->inbuf);
+               } else {
+                       *pinbuf = state->inbuf;
+               }
        }
 
        return status;


-- 
Samba Shared Repository

Reply via email to