]> git.ipfire.org Git - thirdparty/samba.git/commitdiff
projects / thirdparty / samba.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 3dadbb3)
libsmb: Use smb2 tcon if conn_protocol >= SMB2_02
authorDan Robertson <drobertson@tripwire.com>
Thu, 22 Feb 2018 20:47:11 +0000 (20:47 +0000)
committerStefan Metzmacher <metze@samba.org>
Thu, 8 Mar 2018 20:55:23 +0000 (21:55 +0100)
When the connection protocol is SMB2 the tid from the smb1 member is
used instead of smb2 in cli_state_set_tid which often results in a null
deref.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13310

Signed-off-by: Dan Robertson <drobertson@tripwire.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
(cherry picked from commit b67ffaf518c971817b167b41bf6226cddfdcfd2f)

source3/libsmb/clientgen.c patch | blob | blame | history

diff --git a/source3/libsmb/clientgen.c b/source3/libsmb/clientgen.c
index e675f95af60e7552c814bee58d54f2626b633483..305f56741bcfb89765d93abaf37fdf781f512190 100644 (file)
--- a/source3/libsmb/clientgen.c
+++ b/source3/libsmb/clientgen.c
@@ -384,7 +384,7 @@ uint32_t cli_state_set_tid(struct cli_state *cli, uint32_t tid)
        uint32_t ret;
        if (smbXcli_conn_protocol(cli->conn) >= PROTOCOL_SMB2_02) {
                ret = smb2cli_tcon_current_id(cli->smb2.tcon);
-               smb2cli_tcon_set_id(cli->smb1.tcon, tid);
+               smb2cli_tcon_set_id(cli->smb2.tcon, tid);
        } else {
                ret = smb1cli_tcon_current_id(cli->smb1.tcon);
                smb1cli_tcon_set_id(cli->smb1.tcon, tid);
Mirror of https://github.com/samba-team/samba.git