static BOOL api_rpc_trans_reply(char *outbuf, smb_np_struct *p)
{
BOOL is_data_outstanding;
- char *rdata = malloc(p->max_trans_reply);
+ char *rdata = SMB_MALLOC(p->max_trans_reply);
int data_len;
if(rdata == NULL) {
return api_no_reply(outbuf, mdrcnt);
}
- DEBUG(3,("Got API command 0x%x on pipe \"%s\" (pnum %x)", subcommand, p->name, pnum));
+ DEBUG(3,("Got API command 0x%x on pipe \"%s\" (pnum %x)\n", subcommand, p->name, pnum));
/* record maximum data length that can be transmitted in an SMBtrans */
p->max_trans_reply = mdrcnt;
goto bad_param;
if (tdscnt) {
- if((data = (char *)malloc(tdscnt)) == NULL) {
+ if((data = (char *)SMB_MALLOC(tdscnt)) == NULL) {
DEBUG(0,("reply_trans: data malloc fail for %u bytes !\n", tdscnt));
END_PROFILE(SMBtrans);
return(ERROR_DOS(ERRDOS,ERRnomem));
}
if (tpscnt) {
- if((params = (char *)malloc(tpscnt)) == NULL) {
+ if((params = (char *)SMB_MALLOC(tpscnt)) == NULL) {
DEBUG(0,("reply_trans: param malloc fail for %u bytes !\n", tpscnt));
SAFE_FREE(data);
END_PROFILE(SMBtrans);
if (suwcnt) {
unsigned int i;
- if((setup = (uint16 *)malloc(suwcnt*sizeof(uint16))) == NULL) {
+ if((setup = SMB_MALLOC_ARRAY(uint16,suwcnt)) == NULL) {
DEBUG(0,("reply_trans: setup malloc fail for %u bytes !\n", (unsigned int)(suwcnt * sizeof(uint16))));
SAFE_FREE(data);
SAFE_FREE(params);
of the parameter/data bytes */
outsize = set_message(outbuf,0,0,True);
show_msg(outbuf);
+ srv_signing_trans_stop();
if (!send_smb(smbd_server_fd(),outbuf))
exit_server("reply_trans: send_smb failed.");
}
ret = receive_next_smb(inbuf,bufsize,SMB_SECONDARY_WAIT);
+ /*
+ * The sequence number for the trans reply is always
+ * based on the last secondary received.
+ */
+
+ srv_signing_trans_start(SVAL(inbuf,smb_mid));
+
if ((ret && (CVAL(inbuf, smb_com) != SMBtranss)) || !ret) {
if(ret) {
DEBUG(0,("reply_trans: Invalid secondary trans packet\n"));
goto bad_param;
if (pcnt) {
- if (pdisp+pcnt >= tpscnt)
+ if (pdisp+pcnt > tpscnt)
goto bad_param;
if ((pdisp+pcnt < pdisp) || (pdisp+pcnt < pcnt))
goto bad_param;
}
if (dcnt) {
- if (ddisp+dcnt >= tdscnt)
+ if (ddisp+dcnt > tdscnt)
goto bad_param;
if ((ddisp+dcnt < ddisp) || (ddisp+dcnt < dcnt))
goto bad_param;