From: Volker Lendecke <vl@samba.org>
Date: Sat, 4 May 2024 08:54:27 +0000 (+0200)
Subject: reparse: Tighten reparse point length check
X-Git-Tag: tdb-1.4.11~874
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=fafe29a26407237d9742cf135a7db759c88656b6;p=thirdparty%2Fsamba.git

reparse: Tighten reparse point length check

test_create_reparse shows that the length checks need to be precise,
not just checking for overflow.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
---

diff --git a/libcli/smb/reparse.c b/libcli/smb/reparse.c
index 49ecc77725d..ab0cf39e8a9 100644
--- a/libcli/smb/reparse.c
+++ b/libcli/smb/reparse.c
@@ -45,7 +45,7 @@ static NTSTATUS reparse_buffer_check(const uint8_t *in_data,
 
 	reparse_data_length = PULL_LE_U16(in_data, 4);
 
-	if (reparse_data_length > (in_len - 8)) {
+	if (reparse_data_length != (in_len - 8)) {
 		DBG_DEBUG("in_len=%zu, reparse_data_length=%" PRIu16 "\n",
 			  in_len,
 			  reparse_data_length);