r4383: in order to cope with overfilled buffers on trans2 findfirst we need to use...

author Andrew Tridgell <tridge@samba.org>

Tue, 28 Dec 2004 23:28:02 +0000 (23:28 +0000)

committer Gerald (Jerry) Carter <jerry@samba.org>

Wed, 10 Oct 2007 18:07:41 +0000 (13:07 -0500)
author Andrew Tridgell <tridge@samba.org>
Tue, 28 Dec 2004 23:28:02 +0000 (23:28 +0000)
committer Gerald (Jerry) Carter <jerry@samba.org>
Wed, 10 Oct 2007 18:07:41 +0000 (13:07 -0500)
diff --git a/source/smb_server/trans2.c b/source/smb_server/trans2.c

index 2f2629a3ea06fbc3761fbc3774644f3541535cba..8aa60daa6df43d7028caa215b94fa73477eaf74b 100644 (file)
--- a/source/smb_server/trans2.c
+++ b/source/smb_server/trans2.c
@@ -119,8 +119,8 @@ static size_t trans2_pull_blob_string(struct smbsrv_request *req,
  */
  static size_t trans2_push_data_string(struct smbsrv_request *req, 
                                       struct smb_trans2 *trans,
-                                     uint16_t len_offset,
-                                     uint16_t offset,
+                                     uint32_t len_offset,
+                                     uint32_t offset,
                                       const WIRE_STRING *str,
                                       int dest_len,
                                       int flags)
@@ -193,7 +193,7 @@ static void trans2_append_data_string(struct smbsrv_request *req,
                                         int flags)
  {
         size_t ret;
-       uint16_t offset;
+       uint32_t offset;
         const int max_bytes_per_char = 3;
  
         offset = trans->out.data.length;
@@ -718,7 +718,7 @@ static NTSTATUS trans2_fileinfo_fill(struct smbsrv_request *req, struct smb_tran
                 SSVAL(trans->out.params.data, 0, 0);
  
                 for (i=0;i<st->stream_info.out.num_streams;i++) {
-                       uint16_t data_size = trans->out.data.length;
+                       uint32_t data_size = trans->out.data.length;
                         uint8_t *data;
  
                         trans2_grow_data(req, trans, data_size + 24);
@@ -1277,7 +1277,8 @@ static NTSTATUS trans2_findfirst(struct smbsrv_request *req, struct smb_trans2 *
                 }
         }
  
-       /* setup the private state structure that the backend will give us in the callback */
+       /* setup the private state structure that the backend will
+          give us in the callback */
         state.req = req;
         state.trans = trans;
         state.level = search.t2ffirst.level;
author	Andrew Tridgell <tridge@samba.org>
	Tue, 28 Dec 2004 23:28:02 +0000 (23:28 +0000)
committer	Gerald (Jerry) Carter <jerry@samba.org>
	Wed, 10 Oct 2007 18:07:41 +0000 (13:07 -0500)