Commit e6b73849 authored by Robert Sprowson's avatar Robert Sprowson
Browse files

Fix for truncating writes to servers that declare MaxBufferSize >= 64k smb.c,...

Fix for truncating writes to servers that declare MaxBufferSize >= 64k smb.c, lines 2726 onwards: when chopping up the next buffer, make sure the size sent still fits in the SMB_COM_WRITE count field (16 bits). For completeness, make sure the estimate of bytes remaining is similarly saturated too.

smb.c, lines 2711-2713: cifs-v1-spec-02 section 5.27 says the server always expects to receive up to 65535 bytes, so this test should not be subject to the negotiated MaxBufferSize, and is expected to often exceed it. Currently we use 32k, if this is ever increased we really ought to take into account MaxRawSize that the server tells us.

Tested with a handful of files of power-of-2 sizes and odd sizes. Inspection in Wireshark looks OK. Variation of a diagnosis by Will Ling https://www.riscosopen.org/forum/forums/4/topics/8966

Version 2.59. Tagged as 'LanManFS-2_59'
parent f5f7b48f
/* (2.58)
/* (2.59)
*
* This file is automatically maintained by srccommit, do not edit manually.
* Last processed by srccommit version: 1.1.
*
*/
#define Module_MajorVersion_CMHG 2.58
#define Module_MajorVersion_CMHG 2.59
#define Module_MinorVersion_CMHG
#define Module_Date_CMHG 23 Oct 2016
#define Module_Date_CMHG 21 Jan 2017
#define Module_MajorVersion "2.58"
#define Module_Version 258
#define Module_MajorVersion "2.59"
#define Module_Version 259
#define Module_MinorVersion ""
#define Module_Date "23 Oct 2016"
#define Module_Date "21 Jan 2017"
#define Module_ApplicationDate "23-Oct-16"
#define Module_ApplicationDate "21-Jan-17"
#define Module_ComponentName "LanManFS"
#define Module_ComponentPath "castle/RiscOS/Sources/Networking/Omni/Protocols/LanManFS"
#define Module_FullVersion "2.58"
#define Module_HelpVersion "2.58 (23 Oct 2016)"
#define Module_LibraryVersionInfo "2:58"
#define Module_FullVersion "2.59"
#define Module_HelpVersion "2.59 (21 Jan 2017)"
#define Module_LibraryVersionInfo "2:59"
......@@ -2688,7 +2688,7 @@ err_t SMB_Write ( int FH, uint offset, uint len, BYTE *where,
uint *pOutLen )
{
BUFCHAIN pB;
uint len_left, n_written;
uint len_left, n_written, n_count;
int fid;
hSHARE hS;
......@@ -2705,9 +2705,9 @@ err_t SMB_Write ( int FH, uint offset, uint len, BYTE *where,
if ( hS->hServer->ProtFlags & PROT_WRITERAW )
{
while ( len_left > hS->hServer->maxTxBufferSize )
while ( len_left >= WRRAW_BLOCK_SIZE )
{
n_written = min(len_left,WRRAW_BLOCK_SIZE);
n_written = WRRAW_BLOCK_SIZE;
res = SMB_WriteRaw ( hS, fid, offset, n_written, where );
if ( res != OK )
goto finish;
......@@ -2720,14 +2720,14 @@ err_t SMB_Write ( int FH, uint offset, uint len, BYTE *where,
while ( len_left > 0 )
{
n_written = min(len_left, hS->hServer->maxTxBufferSize);
n_count = min(0xFFFF, min(len_left, hS->hServer->maxTxBufferSize));
SMB_TxWords[0] = fid;
SMB_TxWords[1] = n_written;
SMB_TxWords[2] = offset & 0xFFFF;
SMB_TxWords[3] = (offset >> 16 );
SMB_TxWords[4] = (len_left);
SMB_TxWords[1] = n_count;
SMB_TxWords[2] = (WORD)offset;
SMB_TxWords[3] = (WORD)(offset >> 16);
SMB_TxWords[4] = min(0xFFFF, len_left); /* Estimate of remainder */
pB = MkDataBlock ( NULL, DATA_BLOCK, where, n_written, true );
pB = MkDataBlock ( NULL, DATA_BLOCK, where, n_count, true );
if ( pB == NULL )
{
res = EOUTOFMEM;
......@@ -2743,7 +2743,7 @@ err_t SMB_Write ( int FH, uint offset, uint len, BYTE *where,
where += n_written;
offset += n_written;
if ( n_written < hS->hServer->maxTxBufferSize ) /* End of data */
if ( n_written < n_count ) /* Server has insufficient resources */
break;
}
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment