If a session expires during a compound request chain,
we exit smbd_smb2_request_dispatch() with
'return smbd_smb2_request_error(req, ...)' before
calling smbd_smb2_request_dispatch_update_counts().
As req->request_counters_updated was only reset
within smbd_smb2_request_dispatch_update_counts(),
smbd_smb2_request_reply_update_counts() was called
twice on the same request, which triggers
SMB_ASSERT(op->request_count > 0);
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13215
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
(cherry picked from commit
87e25cd1e45bfe57292b62ffc44ddafc01c61ca0)
bool update_open = false;
NTSTATUS status = NT_STATUS_OK;
- req->request_counters_updated = false;
+ SMB_ASSERT(!req->request_counters_updated);
if (xconn->protocol < PROTOCOL_SMB2_22) {
return NT_STATUS_OK;
DO_PROFILE_INC(request);
+ SMB_ASSERT(!req->request_counters_updated);
+
/* TODO: verify more things */
flags = IVAL(inhdr, SMB2_HDR_FLAGS);
return;
}
+ req->request_counters_updated = false;
+
if (xconn->protocol < PROTOCOL_SMB2_22) {
return;
}
projects / thirdparty / samba.git / commitdiff
