CVE-2015-5370: s4:rpc_server: set alloc_hint = 24 in dcesrv_fault()

This matches a Windows 2012R2 server.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11344

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>

diff --git a/source4/rpc_server/common/reply.c b/source4/rpc_server/common/reply.c
index 5d76f4c17492320bd56a77a3dc84d607e1e5eec1..9bbd62319b49e60fd9646ecd2cc4aab710823bd1 100644 (file)
--- a/source4/rpc_server/common/reply.c
+++ b/source4/rpc_server/common/reply.c
@@ -110,7 +110,7 @@ NTSTATUS dcesrv_fault(struct dcesrv_call_state *call, uint32_t fault_code)
        pkt.call_id = call->pkt.call_id;
        pkt.ptype = DCERPC_PKT_FAULT;
        pkt.pfc_flags = DCERPC_PFC_FLAG_FIRST | DCERPC_PFC_FLAG_LAST;
-       pkt.u.fault.alloc_hint = 0;
+       pkt.u.fault.alloc_hint = 24;
        pkt.u.fault.context_id = 0;
        pkt.u.fault.cancel_count = 0;
        pkt.u.fault.status = fault_code;