From 031952fd2703daa6783be9602dffa8a3f50aa0d4 Mon Sep 17 00:00:00 2001 From: Stefan Metzmacher Date: Fri, 24 Jun 2011 08:54:02 +0200 Subject: [PATCH] s3:smb2_ioctl/FSCTL_PIPE_TRANSCEIVE: generate STATUS_BUFFER_OVERFLOW if needed (bug #8260) This should fix DCERPC responses with fragments larger than 1024 bytes. metze Autobuild-User: Stefan Metzmacher Autobuild-Date: Fri Jun 24 11:25:36 CEST 2011 on sn-devel-104 (cherry picked from commit 2bb325ad913c1cff88faab55102cef75d14c04a6) --- source3/smbd/smb2_ioctl.c | 5 +++++ source3/smbd/smb2_read.c | 5 +++++ 2 files changed, 10 insertions(+), 0 deletions(-) diff --git a/source3/smbd/smb2_ioctl.c b/source3/smbd/smb2_ioctl.c index 21cc1be..88775b4 100644 --- a/source3/smbd/smb2_ioctl.c +++ b/source3/smbd/smb2_ioctl.c @@ -589,6 +589,11 @@ static void smbd_smb2_ioctl_pipe_read_done(struct tevent_req *subreq) state->out_output.length = nread; + if (is_data_outstanding) { + tevent_req_nterror(req, STATUS_BUFFER_OVERFLOW); + return; + } + tevent_req_done(req); } diff --git a/source3/smbd/smb2_read.c b/source3/smbd/smb2_read.c index 6850d3d..a88781e 100644 --- a/source3/smbd/smb2_read.c +++ b/source3/smbd/smb2_read.c @@ -575,6 +575,11 @@ static void smbd_smb2_read_pipe_done(struct tevent_req *subreq) state->out_data.length = nread; state->out_remaining = 0; + /* + * TODO: add STATUS_BUFFER_OVERFLOW handling, once we also + * handle it in SMB1 pipe_read_andx_done(). + */ + tevent_req_done(req); } -- 1.7.4.1