Author: jerry Date: 2007-03-19 17:45:13 +0000 (Mon, 19 Mar 2007) New Revision: 21875
WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=21875 Log: BUG 3275: Patch from Andy Polyakov <[EMAIL PROTECTED]> Relax check for i386 header checks in the PE header of printer driver files. Thus allowing uploading of x64 print drivers from 64bit Windows clients. Modified: branches/SAMBA_3_0/source/include/nt_printing.h branches/SAMBA_3_0/source/printing/nt_printing.c branches/SAMBA_3_0_25/source/include/nt_printing.h branches/SAMBA_3_0_25/source/printing/nt_printing.c Changeset: Modified: branches/SAMBA_3_0/source/include/nt_printing.h =================================================================== --- branches/SAMBA_3_0/source/include/nt_printing.h 2007-03-19 17:02:15 UTC (rev 21874) +++ branches/SAMBA_3_0/source/include/nt_printing.h 2007-03-19 17:45:13 UTC (rev 21875) @@ -386,18 +386,13 @@ #define NE_HEADER_MAJOR_VER_OFFSET 63 /* Portable Executable format */ -#define PE_HEADER_SIZE 248 +#define PE_HEADER_SIZE 24 #define PE_HEADER_SIGNATURE_OFFSET 0 #define PE_HEADER_SIGNATURE 0x00004550 #define PE_HEADER_MACHINE_OFFSET 4 #define PE_HEADER_MACHINE_I386 0x14c #define PE_HEADER_NUMBER_OF_SECTIONS 6 -#define PE_HEADER_MAJOR_OS_VER_OFFSET 64 -#define PE_HEADER_MINOR_OS_VER_OFFSET 66 -#define PE_HEADER_MAJOR_IMG_VER_OFFSET 68 -#define PE_HEADER_MINOR_IMG_VER_OFFSET 70 -#define PE_HEADER_MAJOR_SS_VER_OFFSET 72 -#define PE_HEADER_MINOR_SS_VER_OFFSET 74 +#define PE_HEADER_OPTIONAL_HEADER_SIZE 20 #define PE_HEADER_SECT_HEADER_SIZE 40 #define PE_HEADER_SECT_NAME_OFFSET 0 #define PE_HEADER_SECT_SIZE_DATA_OFFSET 16 Modified: branches/SAMBA_3_0/source/printing/nt_printing.c =================================================================== --- branches/SAMBA_3_0/source/printing/nt_printing.c 2007-03-19 17:02:15 UTC (rev 21874) +++ branches/SAMBA_3_0/source/printing/nt_printing.c 2007-03-19 17:45:13 UTC (rev 21875) @@ -1036,13 +1036,12 @@ char *buf = NULL; ssize_t byte_count; - if ((buf=(char *)SMB_MALLOC(PE_HEADER_SIZE)) == NULL) { - DEBUG(0,("get_file_version: PE file [%s] PE Header malloc failed bytes = %d\n", - fname, PE_HEADER_SIZE)); + if ((buf=(char *)SMB_MALLOC(DOS_HEADER_SIZE)) == NULL) { + DEBUG(0,("get_file_version: PE file [%s] DOS Header malloc failed bytes = %d\n", + fname, DOS_HEADER_SIZE)); goto error_exit; } - /* Note: DOS_HEADER_SIZE < malloc'ed PE_HEADER_SIZE */ if ((byte_count = vfs_read_data(fsp, buf, DOS_HEADER_SIZE)) < DOS_HEADER_SIZE) { DEBUG(3,("get_file_version: File [%s] DOS header too short, bytes read = %lu\n", fname, (unsigned long)byte_count)); @@ -1064,7 +1063,8 @@ goto no_version_info; } - if ((byte_count = vfs_read_data(fsp, buf, PE_HEADER_SIZE)) < PE_HEADER_SIZE) { + /* Note: DOS_HEADER_SIZE and NE_HEADER_SIZE are incidentally same */ + if ((byte_count = vfs_read_data(fsp, buf, NE_HEADER_SIZE)) < NE_HEADER_SIZE) { DEBUG(3,("get_file_version: File [%s] Windows header too short, bytes read = %lu\n", fname, (unsigned long)byte_count)); /* Assume this isn't an error... the file just looks sort of like a PE/NE file */ @@ -1075,13 +1075,13 @@ if (IVAL(buf,PE_HEADER_SIGNATURE_OFFSET) == PE_HEADER_SIGNATURE) { unsigned int num_sections; unsigned int section_table_bytes; - - if (SVAL(buf,PE_HEADER_MACHINE_OFFSET) != PE_HEADER_MACHINE_I386) { - DEBUG(3,("get_file_version: PE file [%s] wrong machine = 0x%x\n", - fname, SVAL(buf,PE_HEADER_MACHINE_OFFSET))); - /* At this point, we assume the file is in error. It still could be somthing - * else besides a PE file, but it unlikely at this point. - */ + + /* Just skip over optional header to get to section table */ + if (SMB_VFS_LSEEK(fsp, fsp->fh->fd, + SVAL(buf,PE_HEADER_OPTIONAL_HEADER_SIZE)-(NE_HEADER_SIZE-PE_HEADER_SIZE), + SEEK_CUR) == (SMB_OFF_T)-1) { + DEBUG(3,("get_file_version: File [%s] Windows optional header too short, errno = %d\n", + fname, errno)); goto error_exit; } Modified: branches/SAMBA_3_0_25/source/include/nt_printing.h =================================================================== --- branches/SAMBA_3_0_25/source/include/nt_printing.h 2007-03-19 17:02:15 UTC (rev 21874) +++ branches/SAMBA_3_0_25/source/include/nt_printing.h 2007-03-19 17:45:13 UTC (rev 21875) @@ -386,18 +386,13 @@ #define NE_HEADER_MAJOR_VER_OFFSET 63 /* Portable Executable format */ -#define PE_HEADER_SIZE 248 +#define PE_HEADER_SIZE 24 #define PE_HEADER_SIGNATURE_OFFSET 0 #define PE_HEADER_SIGNATURE 0x00004550 #define PE_HEADER_MACHINE_OFFSET 4 #define PE_HEADER_MACHINE_I386 0x14c #define PE_HEADER_NUMBER_OF_SECTIONS 6 -#define PE_HEADER_MAJOR_OS_VER_OFFSET 64 -#define PE_HEADER_MINOR_OS_VER_OFFSET 66 -#define PE_HEADER_MAJOR_IMG_VER_OFFSET 68 -#define PE_HEADER_MINOR_IMG_VER_OFFSET 70 -#define PE_HEADER_MAJOR_SS_VER_OFFSET 72 -#define PE_HEADER_MINOR_SS_VER_OFFSET 74 +#define PE_HEADER_OPTIONAL_HEADER_SIZE 20 #define PE_HEADER_SECT_HEADER_SIZE 40 #define PE_HEADER_SECT_NAME_OFFSET 0 #define PE_HEADER_SECT_SIZE_DATA_OFFSET 16 Modified: branches/SAMBA_3_0_25/source/printing/nt_printing.c =================================================================== --- branches/SAMBA_3_0_25/source/printing/nt_printing.c 2007-03-19 17:02:15 UTC (rev 21874) +++ branches/SAMBA_3_0_25/source/printing/nt_printing.c 2007-03-19 17:45:13 UTC (rev 21875) @@ -1036,13 +1036,12 @@ char *buf = NULL; ssize_t byte_count; - if ((buf=(char *)SMB_MALLOC(PE_HEADER_SIZE)) == NULL) { - DEBUG(0,("get_file_version: PE file [%s] PE Header malloc failed bytes = %d\n", - fname, PE_HEADER_SIZE)); + if ((buf=(char *)SMB_MALLOC(DOS_HEADER_SIZE)) == NULL) { + DEBUG(0,("get_file_version: PE file [%s] DOS Header malloc failed bytes = %d\n", + fname, DOS_HEADER_SIZE)); goto error_exit; } - /* Note: DOS_HEADER_SIZE < malloc'ed PE_HEADER_SIZE */ if ((byte_count = vfs_read_data(fsp, buf, DOS_HEADER_SIZE)) < DOS_HEADER_SIZE) { DEBUG(3,("get_file_version: File [%s] DOS header too short, bytes read = %lu\n", fname, (unsigned long)byte_count)); @@ -1064,7 +1063,8 @@ goto no_version_info; } - if ((byte_count = vfs_read_data(fsp, buf, PE_HEADER_SIZE)) < PE_HEADER_SIZE) { + /* Note: DOS_HEADER_SIZE and NE_HEADER_SIZE are incidentally same */ + if ((byte_count = vfs_read_data(fsp, buf, NE_HEADER_SIZE)) < NE_HEADER_SIZE) { DEBUG(3,("get_file_version: File [%s] Windows header too short, bytes read = %lu\n", fname, (unsigned long)byte_count)); /* Assume this isn't an error... the file just looks sort of like a PE/NE file */ @@ -1075,13 +1075,13 @@ if (IVAL(buf,PE_HEADER_SIGNATURE_OFFSET) == PE_HEADER_SIGNATURE) { unsigned int num_sections; unsigned int section_table_bytes; - - if (SVAL(buf,PE_HEADER_MACHINE_OFFSET) != PE_HEADER_MACHINE_I386) { - DEBUG(3,("get_file_version: PE file [%s] wrong machine = 0x%x\n", - fname, SVAL(buf,PE_HEADER_MACHINE_OFFSET))); - /* At this point, we assume the file is in error. It still could be somthing - * else besides a PE file, but it unlikely at this point. - */ + + /* Just skip over optional header to get to section table */ + if (SMB_VFS_LSEEK(fsp, fsp->fh->fd, + SVAL(buf,PE_HEADER_OPTIONAL_HEADER_SIZE)-(NE_HEADER_SIZE-PE_HEADER_SIZE), + SEEK_CUR) == (SMB_OFF_T)-1) { + DEBUG(3,("get_file_version: File [%s] Windows optional header too short, errno = %d\n", + fname, errno)); goto error_exit; }
