s3:smbd: return NT_STATUS_INFO_LENGTH_MISMATCH for GetInfo in case output_buffer_leng...

author Ralph Wuerthner <ralph.wuerthner@de.ibm.com>

Wed, 10 Jul 2013 06:59:58 +0000 (08:59 +0200)

committer Jeremy Allison <jra@samba.org>

Mon, 5 Aug 2013 23:46:05 +0000 (16:46 -0700)
author Ralph Wuerthner <ralph.wuerthner@de.ibm.com>
Wed, 10 Jul 2013 06:59:58 +0000 (08:59 +0200)
committer Jeremy Allison <jra@samba.org>
Mon, 5 Aug 2013 23:46:05 +0000 (16:46 -0700)
diff --git a/source3/smbd/smb2_getinfo.c b/source3/smbd/smb2_getinfo.c

index 5616c849ade6309ba156d28af6dc0811d790717d..ec0bad0220631ca867afd0fb38a996db1d0dace2 100644 (file)
--- a/source3/smbd/smb2_getinfo.c
+++ b/source3/smbd/smb2_getinfo.c
@@ -498,6 +498,11 @@ static struct tevent_req *smbd_smb2_getinfo_send(TALLOC_CTX *mem_ctx,
                 return tevent_req_post(req, ev);
         }
  
+       if (state->out_output_buffer.length > in_output_buffer_length) {
+               tevent_req_nterror(req, NT_STATUS_INFO_LENGTH_MISMATCH);
+               return tevent_req_post(req, ev);
+       }
+
         tevent_req_done(req);
         return tevent_req_post(req, ev);
  }
author	Ralph Wuerthner <ralph.wuerthner@de.ibm.com>
	Wed, 10 Jul 2013 06:59:58 +0000 (08:59 +0200)
committer	Jeremy Allison <jra@samba.org>
	Mon, 5 Aug 2013 23:46:05 +0000 (16:46 -0700)