git.samba.org
/
gd
/
samba-autobuild
/
.git
/ commitdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
| commitdiff |
tree
raw
|
patch
| inline |
side by side
(parent:
735fc34
)
smb2_server: make sure in_ctl_code = IVAL(body, 0x04); reads valid bytes
author
Stefan Metzmacher
<metze@samba.org>
Wed, 15 Sep 2021 15:22:39 +0000
(17:22 +0200)
committer
Ralph Boehme
<slow@samba.org>
Wed, 1 Dec 2021 11:04:29 +0000
(11:04 +0000)
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14788
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
source3/smbd/smb2_server.c
patch
|
blob
|
history
diff --git
a/source3/smbd/smb2_server.c
b/source3/smbd/smb2_server.c
index 4f302c3541934ebe7c5b992c3440ac8148f9ed32..fd02c129c408276fd5b1e9280b4b632af6e257b3 100644
(file)
--- a/
source3/smbd/smb2_server.c
+++ b/
source3/smbd/smb2_server.c
@@
-3194,7
+3194,7
@@
NTSTATUS smbd_smb2_request_dispatch(struct smbd_smb2_request *req)
const uint8_t *body = SMBD_SMB2_IN_BODY_PTR(req);
size_t body_size = SMBD_SMB2_IN_BODY_LEN(req);
uint32_t in_ctl_code;
- size_t needed =
4
;
+ size_t needed =
8
;
if (needed > body_size) {
return smbd_smb2_request_error(req,