The branch, master has been updated
via 7c48369 smbd: Fix file name buflen and padding in notify repsonse
from 2881679 vfs_streams_xattr: fix and simplify streams_xattr_get_name()
https://git.samba.org/?p=samba.git;a=shortlog;h=master
- Log -----------------------------------------------------------------
commit 7c483690ac6ed007798aeeb7b8549c9d55877e56
Author: Jeremy Allison <j...@samba.org>
Date: Fri Oct 16 15:13:47 2015 -0700
smbd: Fix file name buflen and padding in notify repsonse
The array is uint16, doubling the file name length consumes twice the space
required.
As we're hand assembling this as a series of concatinated individual
data_blobs,
we must take care to ensure the correct 4 byte alignment that was
being masked by the previous doubling of the filename length.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10634
Signed-off-by: Jeremy Allison <j...@samba.org>
Signed-off-by: Volker Lendecke <v...@samba.org>
Autobuild-User(master): Jeremy Allison <j...@samba.org>
Autobuild-Date(master): Sun Oct 18 01:56:41 CEST 2015 on sn-devel-104
-----------------------------------------------------------------------
Summary of changes:
librpc/idl/notify.idl | 4 +++-
source3/smbd/notify.c | 14 +++++++++++++-
2 files changed, 16 insertions(+), 2 deletions(-)
Changeset truncated at 500 lines:
diff --git a/librpc/idl/notify.idl b/librpc/idl/notify.idl
index 66422ec..09d06be 100644
--- a/librpc/idl/notify.idl
+++ b/librpc/idl/notify.idl
@@ -93,6 +93,8 @@ interface notify
uint32 NextEntryOffset;
FILE_NOTIFY_ACTION Action;
[value(strlen_m(FileName1)*2)] uint32 FileNameLength;
- [charset(UTF16),flag(STR_NOTERM)] uint16
FileName1[FileNameLength];
+ [charset(UTF16),flag(STR_NOTERM)]
+ uint16 FileName1[strlen_m(FileName1)];
+ DATA_BLOB _pad;
} FILE_NOTIFY_INFORMATION;
}
diff --git a/source3/smbd/notify.c b/source3/smbd/notify.c
index e776749..6257260 100644
--- a/source3/smbd/notify.c
+++ b/source3/smbd/notify.c
@@ -138,6 +138,7 @@ static bool notify_marshall_changes(int num_changes,
struct notify_change_event *c;
struct FILE_NOTIFY_INFORMATION m;
DATA_BLOB blob;
+ uint16_t pad = 0;
/* Coalesce any identical records. */
while (i+1 < num_changes &&
@@ -151,12 +152,23 @@ static bool notify_marshall_changes(int num_changes,
m.FileName1 = c->name;
m.FileNameLength = strlen_m(c->name)*2;
m.Action = c->action;
- m.NextEntryOffset = (i == num_changes-1) ? 0 :
ndr_size_FILE_NOTIFY_INFORMATION(&m, 0);
+
+ m._pad = data_blob_null;
/*
* Offset to next entry, only if there is one
*/
+ if (i == (num_changes-1)) {
+ m.NextEntryOffset = 0;
+ } else {
+ if ((m.FileNameLength % 4) == 2) {
+ m._pad = data_blob_const(&pad, 2);
+ }
+ m.NextEntryOffset =
+ ndr_size_FILE_NOTIFY_INFORMATION(&m, 0);
+ }
+
ndr_err = ndr_push_struct_blob(&blob, talloc_tos(), &m,
(ndr_push_flags_fn_t)ndr_push_FILE_NOTIFY_INFORMATION);
if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
--
Samba Shared Repository
