--- smbd/notify.c.orig 2014-05-27 04:02:44.646017469 -0700 +++ smbd/notify.c 2014-05-27 04:19:18.831606140 -0700 @@ -66,7 +66,7 @@ static bool notify_marshall_changes(int struct notify_change *changes, DATA_BLOB *final_blob) { - int i; + int i, ualign_size=0; if (num_changes == -1) { return false; @@ -92,6 +92,9 @@ static bool notify_marshall_changes(int m.Action = c->action; m.NextEntryOffset = (i == num_changes-1) ? 0 : ndr_size_FILE_NOTIFY_INFORMATION(&m, 0); + ualign_size += 12; /* NextEntryOffset(4) + Action(4) + FileNameLength(4) */ + ualign_size += m.FileNameLength; + /* * Offset to next entry, only if there is one */ @@ -114,7 +117,8 @@ static bool notify_marshall_changes(int data_blob_free(&blob); - if (final_blob->length > max_offset) { + /* Compare unaligned notify information size against max offset */ + if (ualign_size > max_offset) { /* Too much data for client. */ DEBUG(10, ("Client only wanted %d bytes, trying to " "marshall %d bytes\n", (int)max_offset,