Index: smbd/oplock.c
===================================================================
--- smbd/oplock.c	(Revision 12836)
+++ smbd/oplock.c	(Arbeitskopie)
@@ -370,7 +370,8 @@
 static void process_oplock_break_message(int msg_type, struct process_id src,
 					 void *buf, size_t len)
 {
-	struct share_mode_entry *msg = buf;
+	struct share_mode_entry mymsg;
+	struct share_mode_entry *msg = &mymsg;
 	files_struct *fsp;
 	char *break_msg;
 	BOOL break_to_level2 = False;
@@ -386,6 +387,8 @@
 		return;
 	}
 
+	memcpy(&mymsg, buf, sizeof(mymsg));
+
 	DEBUG(10, ("Got oplock break message from pid %d: %d/%d/%d\n",
 		   (int)procid_to_pid(&src), (int)msg->dev, (int)msg->inode,
 		   (int)msg->share_file_id));
@@ -490,7 +493,8 @@
 static void process_kernel_oplock_break(int msg_type, struct process_id src,
 					void *buf, size_t len)
 {
-	struct kernel_oplock_message *msg = buf;
+	struct kernel_oplock_message mymsg;
+	struct kernel_oplock_message *msg = &mymsg;
 	files_struct *fsp;
 	char *break_msg;
 	BOOL sign_state;
@@ -505,6 +509,8 @@
 		return;
 	}
 
+	memcpy(&mymsg, buf, sizeof(mymsg));
+
 	DEBUG(10, ("Got kernel oplock break message from pid %d: %d/%d/%d\n",
 		   (int)procid_to_pid(&src), (int)msg->dev, (int)msg->inode,
 		   (int)msg->file_id));
@@ -569,7 +575,8 @@
 static void process_oplock_break_response(int msg_type, struct process_id src,
 					  void *buf, size_t len)
 {
-	struct share_mode_entry *msg = buf;
+	struct share_mode_entry mymsg;
+	struct share_mode_entry *msg = &mymsg;
 
 	if (buf == NULL) {
 		DEBUG(0, ("Got NULL buffer\n"));
@@ -581,6 +588,8 @@
 		return;
 	}
 
+	memcpy(&mymsg, buf, sizeof(mymsg));
+
 	DEBUG(10, ("Got oplock break response from pid %d: %d/%d/%d mid %d\n",
 		   (int)procid_to_pid(&src), (int)msg->dev, (int)msg->inode,
 		   (int)msg->share_file_id, (int)msg->op_mid));
@@ -592,7 +601,8 @@
 static void process_open_retry_message(int msg_type, struct process_id src,
 				       void *buf, size_t len)
 {
-	struct share_mode_entry *msg = buf;
+	struct share_mode_entry mymsg;
+	struct share_mode_entry *msg = &mymsg;
 	
 	if (buf == NULL) {
 		DEBUG(0, ("Got NULL buffer\n"));
@@ -604,6 +614,8 @@
 		return;
 	}
 
+	memcpy(&mymsg, buf, sizeof(mymsg));
+
 	DEBUG(10, ("Got open retry msg from pid %d: %d/%d mid %d\n",
 		   (int)procid_to_pid(&src), (int)msg->dev, (int)msg->inode,
 		   (int)msg->op_mid));