From: Jeremy Allison
Date: Thu, 12 Jul 2018 19:18:50 +0000 (-0700)
Subject: s3: libsmbclient: Fix cli_splice() fallback when reading less than a complete file.
X-Git-Tag: samba-4.7.10~28
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=80c7e284afadec4dc346248b1242b771b050f7da;p=thirdparty%2Fsamba.git

s3: libsmbclient: Fix cli_splice() fallback when reading less than a complete file.

We were always asking for SPLICE_BLOCK_SIZE even when the remaining bytes we wanted were smaller than that. This works when using cli_splice() on a complete file, as the cli_read() terminated the read at the right place. We always have the space to read SPLICE_BLOCK_SIZE bytes so this isn't an overflow.

Found by Bailey Berro

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13527

Signed-off-by: Bailey Berro
Reviewed-by: Jeremy Allison
Reviewed-by: David Disseldorp

Autobuild-User(master): David Disseldorp
Autobuild-Date(master): Fri Jul 13 14:57:14 CEST 2018 on sn-devel-144

(cherry picked from commit c9656fd2977557ab20ec4e3d87c385a9b2f1bf43)
---

diff --git a/selftest/knownfail b/selftest/knownfail index 85ed2f40abc..01b6b3aff5b 100644 --- a/selftest/knownfail +++ b/selftest/knownfail @@ -16,8 +16,6 @@ ^samba3.*rap.sam.*.useradd # Not provided by Samba 3 ^samba3.*rap.sam.*.userdelete # Not provided by Samba 3 ^samba3.libsmbclient.opendir # This requires a workgroup called 'WORKGROUP' and for netbios browse lists to have been registered -^samba3.smbtorture_s3.plain\(fileserver\).CLI_SPLICE -^samba3.smbtorture_s3.plain\(ad_dc_ntvfs\).CLI_SPLICE # see bug 8412 ^samba3.smb2.rename.*.simple_nodelete ^samba3.smb2.rename.*.no_share_delete_no_delete_access diff --git a/source3/libsmb/clireadwrite.c b/source3/libsmb/clireadwrite.c index 00ee09ece89..67870d8c40b 100644 --- a/source3/libsmb/clireadwrite.c +++ b/source3/libsmb/clireadwrite.c 
@@ -1462,8 +1462,10 @@ static NTSTATUS cli_splice_fallback(TALLOC_CTX *frame, *written = 0; while (remaining) { + size_t to_read = MIN(remaining, SPLICE_BLOCK_SIZE); + status = cli_read(srccli, src_fnum, - (char *)buf, src_offset, SPLICE_BLOCK_SIZE, + (char *)buf, src_offset, to_read, &nread); if (!NT_STATUS_IS_OK(status)) { return status;
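
Review bot: the two `CLI_SPLICE` entries are dropped from selftest/knownfail for the `fileserver` and `ad_dc_ntvfs` environments, but this diff touches no test file, so the partial-file case that the fix depends on is not visible here. Name the commit that added that case in the commit message, so that this cherry-pick is not applied to a branch where the test is missing and the removed entries have no regression coverage behind them.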
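
Review bot: in the `while (remaining)` loop of cli_splice_fallback(), the visible lines do not show `nread` being checked against `to_read` after cli_read() returns. The loop ends only when `remaining` reaches zero, so confirm that a zero-byte `nread` cannot leave `remaining` unchanged forever, and treat `nread > to_read` as an error before the data is written to the destination and subtracted from `remaining`. A short comment above `size_t to_read = MIN(remaining, SPLICE_BLOCK_SIZE);` saying that the fallback must not request bytes past the caller's range would also help, since the commit message explains that the old request size was not a buffer overflow but still asked for more than the bytes that were wanted.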