Skip to content
Permalink
Browse files Browse the repository at this point in the history
(for 4.9.3) SMB: Add two missing bounds checks
  • Loading branch information
fxlb committed Aug 27, 2019
1 parent 689c6e6 commit 96480ab
Showing 1 changed file with 8 additions and 3 deletions.
11 changes: 8 additions & 3 deletions print-smb.c
Expand Up @@ -371,16 +371,21 @@ print_trans(netdissect_options *ndo,
ND_PRINT((ndo, "smb_bcc=%u\n", bcc));
if (bcc > 0) {
smb_fdata(ndo, data1 + 2, f2, maxbuf - (paramlen + datalen), unicodestr);

if (strcmp((const char *)(data1 + 2), "\\MAILSLOT\\BROWSE") == 0) {
#define MAILSLOT_BROWSE_STR "\\MAILSLOT\\BROWSE"
ND_TCHECK2(*(data1 + 2), strlen(MAILSLOT_BROWSE_STR) + 1);
if (strcmp((const char *)(data1 + 2), MAILSLOT_BROWSE_STR) == 0) {
print_browse(ndo, param, paramlen, data, datalen);
return;
}
#undef MAILSLOT_BROWSE_STR

if (strcmp((const char *)(data1 + 2), "\\PIPE\\LANMAN") == 0) {
#define PIPE_LANMAN_STR "\\PIPE\\LANMAN"
ND_TCHECK2(*(data1 + 2), strlen(PIPE_LANMAN_STR) + 1);
if (strcmp((const char *)(data1 + 2), PIPE_LANMAN_STR) == 0) {
print_ipc(ndo, param, paramlen, data, datalen);
return;
}
#undef PIPE_LANMAN_STR

if (paramlen)
smb_fdata(ndo, param, f3, min(param + paramlen, maxbuf), unicodestr);
Expand Down

0 comments on commit 96480ab

Please sign in to comment.