svn commit: samba r8783 - in trunk/source/smbd: .

Tue, 26 Jul 2005 11:04:20 -0700 

Author: jra
Date: 2005-07-26 18:04:03 +0000 (Tue, 26 Jul 2005)
New Revision: 8783

WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=8783

Log:
Fix bug #2918. The problem was using Inbuffer to push a deferred open message 
onto the queue
when we're in a chained message set - we're actually processing a different
buffer then. Added current_inbuf as a static inside smbd/process.c to ensure the
correct message gets pushed and processed.
Jeremy.

Modified:
   trunk/source/smbd/process.c


Changeset:
Modified: trunk/source/smbd/process.c
===================================================================
--- trunk/source/smbd/process.c 2005-07-26 17:58:53 UTC (rev 8782)
+++ trunk/source/smbd/process.c 2005-07-26 18:04:03 UTC (rev 8783)
@@ -29,6 +29,7 @@
 
 static char *InBuffer = NULL;
 static char *OutBuffer = NULL;
+static char *current_inbuf = NULL;
 
 /* 
  * Size of data we can send to client. Set
@@ -236,7 +237,7 @@
                                    SMB_BIG_INT usec_timeout,
                                    char *private_data, size_t priv_len)
 {
-       uint16 mid = SVAL(InBuffer,smb_mid);
+       uint16 mid = SVAL(current_inbuf,smb_mid);
        struct timeval tv;
        SMB_BIG_INT tdif;
 
@@ -252,11 +253,11 @@
        tv.tv_usec = tdif % 1000000;
        
        DEBUG(10,("push_deferred_open_smb_message: pushing message len %u mid 
%u\
- timeout time [%u.%06u]\n", (unsigned int) smb_len(InBuffer)+4, (unsigned 
int)mid,
+ timeout time [%u.%06u]\n", (unsigned int) smb_len(current_inbuf)+4, (unsigned 
int)mid,
                (unsigned int)tv.tv_sec, (unsigned int)tv.tv_usec));
 
-       return push_queued_message(SHARE_VIOLATION_QUEUE, InBuffer,
-                       smb_len(InBuffer)+4, &tv, private_data, priv_len);
+       return push_queued_message(SHARE_VIOLATION_QUEUE, current_inbuf,
+                       smb_len(current_inbuf)+4, &tv, private_data, priv_len);
 }
 
 /****************************************************************************
@@ -968,6 +969,7 @@
                                !check_access(smbd_server_fd(), 
lp_hostsallow(-1), lp_hostsdeny(-1))))
                        return(ERROR_DOS(ERRSRV,ERRaccess));
 
+               current_inbuf = inbuf; /* In case we need to defer this message 
in open... */
                outsize = smb_messages[type].fn(conn, 
inbuf,outbuf,size,bufsize);
        }

Reply via email to