From 4ced6b5f3efdce5fe934913b4c0f942356292031 Mon Sep 17 00:00:00 2001 From: Jeffrey Altman Date: Thu, 25 May 2006 00:06:48 +0000 Subject: [PATCH] STABLE14-windows-smb-mods-20060524 Prevent smb_FindVCP from returning dead virtual circuits Treat "*." as an alias for "all" (cherry picked from commit b753ef7265b1970d1e38f3c65532af929102e1d6) --- src/WINNT/afsd/smb.c | 13 ++++++------- src/WINNT/afsd/smb3.c | 10 +++++++--- 2 files changed, 13 insertions(+), 10 deletions(-) diff --git a/src/WINNT/afsd/smb.c b/src/WINNT/afsd/smb.c index 4340f3239..c59fca464 100644 --- a/src/WINNT/afsd/smb.c +++ b/src/WINNT/afsd/smb.c @@ -809,7 +809,8 @@ smb_vc_t *smb_FindVC(unsigned short lsn, int flags, int lana) osi_panic("afsd: invalid smb_vc_t detected in smb_allVCsp", __FILE__, __LINE__); - if (lsn == vcp->lsn && lana == vcp->lana) { + if (lsn == vcp->lsn && lana == vcp->lana && + !(vcp->flags & SMB_VCFLAG_ALREADYDEAD)) { smb_HoldVCNoLock(vcp); break; } @@ -1047,10 +1048,6 @@ void smb_CleanupDeadVC(smb_vc_t *vcp) uidpNext = vcp->usersp; } - lock_ObtainMutex(&vcp->mx); - vcp->flags &= ~SMB_VCFLAG_CLEAN_IN_PROGRESS; - lock_ReleaseMutex(&vcp->mx); - /* The vcp is now on the deadVCsp list. We intentionally drop the * reference so that the refcount can reach 0 and we can delete it */ smb_ReleaseVCNoLock(vcp); @@ -7861,6 +7858,8 @@ void smb_Server(VOID *parmp) * then we are in big trouble. This means either : * a) we have the wrong NCB. * b) Netbios screwed up the call. + * c) The VC was already marked dead before we were able to + * process the call * Obviously this implies that * ( LSNs[idx_session] != ncbp->ncb_lsn || * lanas[idx_session] != ncbp->ncb_lana_num ) @@ -7873,7 +7872,7 @@ void smb_Server(VOID *parmp) char *ptbuf[1]; sprintf(buf, - "Bad vcp!! : " + "vcp does not exist!! : " "LSNs[idx_session]=[%d]," "lanas[idx_session]=[%d]," "ncbp->ncb_lsn=[%d]," @@ -7892,7 +7891,7 @@ void smb_Server(VOID *parmp) } /* Also log in the trace log. */ - osi_Log4(smb_logp, "Server: BAD VCP!" + osi_Log4(smb_logp, "Server: VCP does not exist!" "LSNs[idx_session]=[%d]," "lanas[idx_session]=[%d]," "ncbp->ncb_lsn=[%d]," diff --git a/src/WINNT/afsd/smb3.c b/src/WINNT/afsd/smb3.c index a7ede8ae9..ce69bc8b4 100644 --- a/src/WINNT/afsd/smb3.c +++ b/src/WINNT/afsd/smb3.c @@ -1029,6 +1029,8 @@ long smb_ReceiveV3TreeConnectX(smb_vc_t *vcp, smb_packet_t *inp, smb_packet_t *o tidp = smb_FindTID(vcp, newTid, SMB_FLAG_CREATE); if (!ipc) { + if (!strcmp(shareName, "*.")) + strcpy(shareName, "all"); uidp = smb_FindUID(vcp, ((smb_t *)inp)->uid, 0); shareFound = smb_FindShare(vcp, uidp, shareName, &sharePath); if (uidp) @@ -1599,7 +1601,8 @@ long smb_ReceiveRAPNetShareEnum(smb_vc_t *vcp, smb_tran2Packet_t *p, smb_packet_ for (i=0; i < nRegShares && cshare < nSharesRet; i++) { len = sizeof(thisShare); rv = RegEnumValue(hkSubmount, i, thisShare, &len, NULL, NULL, NULL, NULL); - if (rv == ERROR_SUCCESS && strlen(thisShare) && (!allSubmount || stricmp(thisShare,"all"))) { + if (rv == ERROR_SUCCESS && strlen(thisShare) && + (!allSubmount || (stricmp(thisShare,"all") && strcmp(thisShare,"*.")))) { strncpy(shares[cshare].shi1_netname, thisShare, sizeof(shares->shi1_netname)-1); shares[cshare].shi1_netname[sizeof(shares->shi1_netname)-1] = 0; /* unfortunate truncation */ shares[cshare].shi1_remark = cstrp - outp->datap; @@ -1685,7 +1688,7 @@ long smb_ReceiveRAPNetShareGetInfo(smb_vc_t *vcp, smb_tran2Packet_t *p, smb_pack outp = smb_GetTran2ResponsePacket(vcp, p, op, totalParam, totalData); - if(!stricmp(shareName,"all")) { + if(!stricmp(shareName,"all") || !strcmp(shareName,"*.")) { rv = RegOpenKeyEx(HKEY_LOCAL_MACHINE, AFSREG_CLT_SVC_PARAM_SUBKEY, 0, KEY_QUERY_VALUE, &hkParam); if (rv == ERROR_SUCCESS) { @@ -3248,7 +3251,8 @@ smb_ReceiveTran2GetDFSReferral(smb_vc_t *vcp, smb_tran2Packet_t *p, smb_packet_t requestFileName[0] == '\\' && !_strnicmp(cm_NetbiosName,&requestFileName[1],nbnLen) && requestFileName[nbnLen+1] == '\\' && - !_strnicmp("all",&requestFileName[nbnLen+2],3)) + (!_strnicmp("all",&requestFileName[nbnLen+2],3) || + !_strnicmp("*.",&requestFileName[nbnLen+2],2))) { USHORT * sp; struct smb_v2_referral * v2ref; -- 2.39.5