r17864: Fix possible null deref if client doesn't give us
authorJeremy Allison <jra@samba.org>
Mon, 28 Aug 2006 02:13:50 +0000 (02:13 +0000)
committerGerald (Jerry) Carter <jerry@samba.org>
Wed, 10 Oct 2007 16:38:55 +0000 (11:38 -0500)
an answer record. Found by the Stanford checker.
Jeremy.
(This used to be commit 1ec77c50118de808f710b17f878b1e80d4e351d5)

source3/nmbd/nmbd_namequery.c

index 1b07852f111b9e5415a6285b5049822e80ebef31..2c1cd130345b2a3857c14dae54a0a34406ce7f30 100644 (file)
@@ -59,7 +59,15 @@ static void query_name_response( struct subnet_record   *subrec,
   
                        rrec->repeat_count = 0;
                        /* How long we should wait for. */
-                       rrec->repeat_time = p->timestamp + nmb->answers->ttl;
+                       if (nmb->answers) {
+                               rrec->repeat_time = p->timestamp + nmb->answers->ttl;
+                       } else {
+                               /* No answer - this is probably a corrupt
+                                  packet.... */
+                               DEBUG(0,("query_name_response: missing answer record in "
+                                       "NMB_WACK_OPCODE response.\n"));
+                               rrec->repeat_time = p->timestamp + 10;
+                       }
                        rrec->num_msgs--;
                        return;
                } else if(nmb->header.rcode != 0) {
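Review bot: The new `if (nmb->answers)` branch still adds `nmb->answers->ttl` to `p->timestamp` with no upper or lower bound, and that value is taken from the responding peer's packet. A very large ttl (or a negative one, if the field is signed, which the hunk does not show) would push `rrec->repeat_time` arbitrarily far into the future or into the past, so a range check belongs next to the null check, e.g. `ttl = nmb->answers->ttl; if (ttl < 0 || ttl > WACK_TTL_MAX) ttl = WACK_TTL_MAX;`, where `WACK_TTL_MAX` is a placeholder for a cap the project chooses. The fallback `10` in the else branch would read better as a named constant carrying the same comment. The `DEBUG(0, ...)` call logs at the always-on level for input a remote host controls, so a higher debug level or rate limiting would keep malformed responses from filling the log. query_name_response starts and ends outside this hunk.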