CVE-2015-5370: libcli/smb: use a max timeout of 1 second in tstream_smbXcli_np_destru...

author Stefan Metzmacher <metze@samba.org>

Wed, 23 Dec 2015 10:05:45 +0000 (11:05 +0100)

committer Stefan Metzmacher <metze@samba.org>

Tue, 12 Apr 2016 17:25:32 +0000 (19:25 +0200)
author Stefan Metzmacher <metze@samba.org>
Wed, 23 Dec 2015 10:05:45 +0000 (11:05 +0100)
committer Stefan Metzmacher <metze@samba.org>
Tue, 12 Apr 2016 17:25:32 +0000 (19:25 +0200)
diff --git a/libcli/smb/tstream_smbXcli_np.c b/libcli/smb/tstream_smbXcli_np.c

index af0863e50bb65593450cdca095a6fa7c2e3e3157..a59db13321b193fe235aa89f39d3e3d0aa5821c7 100644 (file)
--- a/libcli/smb/tstream_smbXcli_np.c
+++ b/libcli/smb/tstream_smbXcli_np.c
@@ -111,7 +111,11 @@ static int tstream_smbXcli_np_destructor(struct tstream_smbXcli_np *cli_nps)
          * Once we've fixed all callers to call
          * tstream_disconnect_send()/_recv(), this will
          * never be called.
+        *
+        * We use a maximun timeout of 1 second == 1000 msec.
          */
+       cli_nps->timeout = MIN(cli_nps->timeout, 1000);
+
         if (cli_nps->is_smb1) {
                 status = smb1cli_close(cli_nps->conn,
                                        cli_nps->timeout,
author	Stefan Metzmacher <metze@samba.org>
	Wed, 23 Dec 2015 10:05:45 +0000 (11:05 +0100)
committer	Stefan Metzmacher <metze@samba.org>
	Tue, 12 Apr 2016 17:25:32 +0000 (19:25 +0200)