IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
The creating of replicated objects without their parent object allows database corruption as they can end up under
the wrong object. We need to re-try the replication with the DRSUAPI_DRS_GET_ANC flag
set to get the objects in tree order.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
This avoids re-adding the same code in repl_meta_data or making a shared subroutine
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz
This avoids fetching it over and over again
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Mon Jun 6 12:25:14 CEST 2016 on sn-devel-144
This makes us replicate the schema, and then go back to what we asked to replicate
originally, when the schema changes. This should make the replication much more
robust after schema changes
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Older Samba versions could delete this. This patch tries very hard
to put back the original object, with the original GUID, so that
if another replica has the correct container, that we just merge
rather than conflict.
The existing "wrong dn" check can then put any deleted objects
under this container correctly.
Pair-programmed-with: Garming Sam <garming@catalyst.net.nz>
Pair-programmed-with: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
This causes the version number in replPropertyMetaData to be
incorrectly bumped twice, because it is implied by not being in the
list of attributes to be preserved.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
This avoids a segfault when we remove the duplication of this value from dsdb_convert_object_ex()
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
The tests that invoke --local will not pass, naturally, but otherwise it works
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
This is needed so that we get parents before children.
We need this to ensure that we always know the correct parent for a
new child object, rather than just trusting the DN string
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
We know which NC this is in, so save searching all the backends.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
When we were processing an EXOP, we would pass in a DN specific to that
operation, but this stopped repl_meta_data from finding the parent object
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
On windows, the RDN is not sorted last. Additionally, the check should have been
against dsdb_attribute_get_attid(), not just ->attributeID_id
By including this in earlier versions of Samba, we allow a backport of Samba
databases from Samba 4.5, where this will be sorted in the same way
as Windows 2012R2.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11842
The urgent_replication.py test used the OID of uid, and this caused
other tests to fail
The other random OIDs should have been from under our arc, not under
iso.member-body.us
We split up the range a little to avoid some of the birthday paradox,
in the tests that create multiple OIDs.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz
Signed-off-by: Bob Campbell <bobcampbell@catalyst.net.nz>
Pair-programmed-with: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Autobuild-User(master): Douglas Bagnall <dbagnall@samba.org>
Autobuild-Date(master): Fri Jun 3 11:02:26 CEST 2016 on sn-devel-144
Signed-off-by: Bob Campbell <bobcampbell@catalyst.net.nz>
Pair-programmed-with: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
We would build, but not use, many components of the NTVFS file server
even when we asked not to. They would then consume disk, but not be
of any use
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
Autobuild-User(master): Alexander Bokovoy <ab@samba.org>
Autobuild-Date(master): Thu Jun 2 16:35:35 CEST 2016 on sn-devel-144
In case of a wrong realm in a cross forest trust we return early with
just the realm corrected. We need to parse a kdb entry but do not have
all information available. So skip creating the kmod.
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
If we return because of a wrong realm in a cross forest trust case, we
do not have a skdc_entry allocated.
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
These things are applied by the incoming ticket by the KDC.
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
This is a preperatory test to add tests for the MIT KDC.
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
Following from the lesson of subtree_rename, do the rename first,
as this is more likely to fail for some reason
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Wed Jun 1 14:01:36 CEST 2016 on sn-devel-144
Otherwise, we might rename children to be under a different, conflicting, DN.
This would normally be picked up in the transaction rollback, but in replication
the transaction is not aborted for this situation
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Our newly run repl_exop tests expect this, matching Windows 2012R2
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
samba-too: Allow 'samba-tool fsmo' to cope with empty or missing fsmo roles
Signed-off-by: Rowland Penny <rpenny@samba.org>
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
W2K8 Clients ask for DRSUAPI_SUPPORTED_EXTENSION_LH_BETA2 on DsBind. W2K8
expect this to be set (with server fl 2k8) or else they do not call
DsGetDomainControllerInfo.
If DRSUAPI_SUPPORTED_EXTENSION_LH_BETA2 is set, DsGetDomainControllerInfo
must be able to return DCInfo Level 3.
If Samba4 AD ist set to work as 2k8, with >2k8 clients the following
will not work as expected:
* Group Policy Editor Infrastructure Discovery
* nltest /dclist:<domain>
* w32tm /monitor
BUG: https://bugzilla.samba.org/show_bug.cgi?id=9971
BUG: https://bugzilla.samba.org/show_bug.cgi?id=9976
Signed-off-by: Dirk Godau <voidswitch@gmail.com>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Autobuild-User(master): Douglas Bagnall <dbagnall@samba.org>
Autobuild-Date(master): Thu May 26 06:21:10 CEST 2016 on sn-devel-144
These are marked as known_fail pending the next patch ("Extend DsBind
and DsGetDomainControllerInfo to work with w2k8").
Signed-off-by: Dirk Godau <voidswitch@gmail.com>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
The folks at heimdal didn't like the patch in
commit 6379737b7d and insisted
that kvno should remain unsigned internally, even though it is
encoded as signed in packets. This patch reverts some of the
unsigned->signed changes in that commit, and resolves conversion
issues - in order to be aligned with upstream Heimdal.
Signed-off-by: Uri Simchoni <uri@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Tue May 24 03:00:39 CEST 2016 on sn-devel-144
Signed-off-by: Christian Ambach <ambi@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Autobuild-User(master): Michael Adam <obnox@samba.org>
Autobuild-Date(master): Fri May 13 03:50:10 CEST 2016 on sn-devel-144
in run_opentest()
While fixing this, also convert to using talloc_asprintf instead.
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Christian Ambach <ambi@samba.org>
As in commit 841845dea3, this avoids
quoting problems in user DN's.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11751
Signed-off-by: Mantas Mikulėnas <grawity@gmail.com>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
This helps us understand failure modes in selftest
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
We don't need to walk to the end of the list to find out if the first
one is NULL.
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
We were calling str_list_length(new_attrs) three times when one is
enough.
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
This patch changes the encoding/decoding of kvno (key version number)
in blobs and packets to signed integer, for compatibility with Windows.
Reportedly, MIT Kerberos does the same.
This patch effectively reverts commit 1124c4872dfb81bec9c4b527b8927ca35e39a599
in the heimdal tree.
According to the Kerberos spec (RFC 4120 5.2.9), the kvno field
in encrypted data object is an unsigned integer that fits in
32 bits. The Heimdal Kerberos component bundled with Samba
conforms to this. However, Windows deviates from the standard
and encodes kvno as a signed integer, and this creates
interoperability issues.
ASN.1 DER has no special encoding for unsigned integer. A 32-bit
unsigned integer is encoded as a signed integer, so while a signed
32-bit integer (covering the range of -0x80000000..0x7fffffff) is
encoded using up to 4 bytes, an unsigned integer (covering
0..0xffffffff) could require 5 bytes.
Normally, kvno for a given account starts at 1 and increments on
password changes. Kerberos defined this as unsigned because there's
no meaning for negative version numbers, so the standard writers figured
4 billion versions is better than 2 billion. It was not
expected for a kvno to really go past 0x7fffffff and the disctinction
usually does not matter. However, RODCs use kvnos which
have the most-significant bit set.
In Active Directory, RODCs have a private secret for the krbtgt,
because the assumption is that the RODC is less secure, and
recovering the domain krbtgt secret from the RODC would compromise
the security of the entire domain. The kvno field is being used
to identify the private krbtgt account that owns the key - the
upper 16 bits are the RODC id, and the lower 16 bits identify
the key version number for this specific RODC. It's common to
have an RODC id greater than 0x8000, and therefore to have a
kvno larger than 0x7fffffff, which would be DER-encoded using
5 bytes.
Windows encodes kvno as signed integer - basically taking the
32 bits and treating them as a signed integer rather than an
unsigned integer. This means that in Windows a kvno can
always be encoded using 4 bytes, and Windows DCs reject a kvno
encoded using more than 4 bytes without even generating an error
response (the DC assumes it's an attack).
Heimdal re-encodes the TGT when it creates a TGS request. Obviously
it cannot decode and encode the encrypted parts but it does re-encode
the plain parts, which include the kvno. That leads to a 5-byte
kvno in the TGS request, which is rejected without an error
response.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11900
Signed-off-by: Uri Simchoni <uri@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Sat May 7 21:14:21 CEST 2016 on sn-devel-144
Quite a few callers already did check for !=NULL. With the current code this is
pointless due to a SMB_ASSERT in base64_encode_data_blob() itself. Make the
callers consistently check, so that we can remove SMB_ASSERT from base64.c.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
This tests what happens with the VLV if the results are subject to
an expression.
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
The VLV was wrongly returning an operations error when the list of
results was empty.
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Pair-programmed-with: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
The new tests show that single and multiple forwarders work as expected.
They also describe the behaviour encountered when the DNS server
encounters a CNAME from a forwarded request (which is not to pursue any
further).
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Pair-programmed-with: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
This allows a secondary DNS forwarder for a trivial failover. Requests
which fail/timeout at the primary DNS forwarder will be restarted
entirely with the next forwarder in the list.
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Unchecked return value of gnutls_global_init().
Signed-off-by: Robin Hack <hack.robin@gmail.com>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
There is missing check of status value in
http_auth.c:http_create_auth_request() which can leave values
inside 'DATA_BLOB in' unitialized.
http_auth.c:http_create_auth_request() calls
http_auth.c:http_parse_auth_response() which can return NT_STATUS_NOT_SUPPORTED
and which is not checked by caller and later passed as argument to other functions.
For example:
'DATA_BLOB in' can be passed to
auth/gensec/spnego.c:gensec_spnego_update() later:
...
switch (spnego_state->state_position) {
..
case SPNEGO_SERVER_START:
if (in.length) {
Signed-off-by: Robin Hack <hack.robin@gmail.com>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
running rpc.dsgetinfo.DsGetReplicaInfo results in the following valgrind
trace
==14966== Invalid read of size 8
==14966== at 0x88B2D5D: dcerpc_binding_handle_call (binding_handle.c:538)
==14966== by 0x978F33B: dcerpc_drsuapi_DsUnbind_r (ndr_drsuapi_c.c:319)
==14966== by 0x2E9F19: torture_dsgetinfo_tcase_teardown (dsgetinfo.c:431)
==14966== by 0x95536EF: internal_torture_run_test (torture.c:452)
==14966== by 0x9553A4B: torture_run_test_restricted (torture.c:542)
==14966== by 0x260074: run_matching (smbtorture.c:110)
==14966== by 0x25FF36: run_matching (smbtorture.c:95)
==14966== by 0x260195: torture_run_named_tests (smbtorture.c:143)
==14966== by 0x261E14: main (smbtorture.c:665)
==14966== Address 0x28 is not stack'd, malloc'd or (recently) free'd
==14966==
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Mon Apr 25 14:01:33 CEST 2016 on sn-devel-144
when running smbtorture test
'vfs.fruit.SMB2/CREATE context AAPL.SMB2/CREATE context AAPL'
(on non-osx system) the following valgrind errors occur
==2419== Invalid read of size 8
==2419== at 0x4055EA: test_aapl (fruit.c:1939)
==2419== by 0x48B452: wrap_simple_1smb2_test (smb2.c:52)
==2419== by 0x955368F: internal_torture_run_test (torture.c:442)
==2419== by 0x9553A6B: torture_run_test_restricted (torture.c:542)
==2419== by 0x26013F: run_matching (smbtorture.c:110)
==2419== by 0x260001: run_matching (smbtorture.c:95)
==2419== by 0x260001: run_matching (smbtorture.c:95)
==2419== by 0x260260: torture_run_named_tests (smbtorture.c:143)
==2419== by 0x261EDF: main (smbtorture.c:665)
==2419== Address 0x10 is not stack'd, malloc'd or (recently) free'd
==2419==
===============================================================
INTERNAL ERROR: Signal 11 in pid 2419 (4.2.4)
Please read the Trouble-Shooting section of the Samba HOWTO
===============================================================
PANIC: internal error
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
smbtorture test net.api.delshare.api.delshare generates the following
valgrind trace
==29209== Syscall param writev(vector[...]) points to uninitialised byte(s)
==29209== at 0xFBA2C87: writev (in /lib64/libc-2.19.so)
==29209== by 0x106CB033: writev_handler (async_sock.c:340)
==29209== by 0xF67812A: ??? (in /usr/lib64/libtevent.so.0.9.26)
==29209== by 0xF6765F6: ??? (in /usr/lib64/libtevent.so.0.9.26)
==29209== by 0xF6727FC: _tevent_loop_once (in /usr/lib64/libtevent.so.0.9.26)
==29209== by 0xF673ACE: tevent_req_poll (in /usr/lib64/libtevent.so.0.9.26)
==29209== by 0x5D19325: tevent_req_poll_ntstatus (tevent_ntstatus.c:109)
==29209== by 0x88B2E0D: dcerpc_binding_handle_call (binding_handle.c:556)
==29209== by 0xBC6B4A1: dcerpc_srvsvc_NetShareAdd_r (ndr_srvsvc_c.c:3327)
==29209== by 0x5990D8: test_addshare (libnet_share.c:194)
==29209== by 0x5992D5: torture_delshare (libnet_share.c:228)
==29209== by 0x9553F62: wrap_simple_test (torture.c:632)
==29209== by 0x955368F: internal_torture_run_test (torture.c:442)
==29209== by 0x9553A6B: torture_run_test_restricted (torture.c:542)
==29209== by 0x26013F: run_matching (smbtorture.c:110)
==29209== by 0x260001: run_matching (smbtorture.c:95)
==29209== by 0x260260: torture_run_named_tests (smbtorture.c:143)
==29209== by 0x261EDF: main (smbtorture.c:665)
==29209== Address 0x1887fd16 is 598 bytes inside a block of size 1,325 alloc'd
==29209== at 0x4C29110: malloc (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
==29209== by 0xF464A73: _talloc_pooled_object (in /usr/lib64/libtalloc.so.2.1.5)
==29209== by 0xF67366D: _tevent_req_create (in /usr/lib64/libtevent.so.0.9.26)
==29209== by 0xB0D49FF: smb1cli_req_create (smbXcli_base.c:1322)
==29209== by 0xB0E1E6D: smb1cli_trans_send (smb1cli_trans.c:512)
==29209== by 0xB0ED47D: tstream_smbXcli_np_readv_trans_start (tstream_smbXcli_np.c:901)
==29209== by 0xB0EC847: tstream_smbXcli_np_writev_write_next (tstream_smbXcli_np.c:578)
==29209== by 0xB0EC4D7: tstream_smbXcli_np_writev_send (tstream_smbXcli_np.c:505)
==29209== by 0xC259DFA: tstream_writev_send (tsocket.c:695)
==29209== by 0xC25AD64: tstream_writev_queue_trigger (tsocket_helpers.c:513)
==29209== by 0xF673023: tevent_common_loop_immediate (in /usr/lib64/libtevent.so.0.9.26)
==29209== by 0xF677EED: ??? (in /usr/lib64/libtevent.so.0.9.26)
==29209== by 0xF6765F6: ??? (in /usr/lib64/libtevent.so.0.9.26)
==29209== by 0xF6727FC: _tevent_loop_once (in /usr/lib64/libtevent.so.0.9.26)
==29209== by 0xF673ACE: tevent_req_poll (in /usr/lib64/libtevent.so.0.9.26)
==29209== by 0x5D19325: tevent_req_poll_ntstatus (tevent_ntstatus.c:109)
==29209== by 0x88B2E0D: dcerpc_binding_handle_call (binding_handle.c:556)
==29209== by 0xBC6B4A1: dcerpc_srvsvc_NetShareAdd_r (ndr_srvsvc_c.c:3327)
==29209== by 0x5990D8: test_addshare (libnet_share.c:194)
==29209== by 0x5992D5: torture_delshare (libnet_share.c:228)
==29209== by 0x9553F62: wrap_simple_test (torture.c:632)
==29209== by 0x955368F: internal_torture_run_test (torture.c:442)
==29209== by 0x9553A6B: torture_run_test_restricted (torture.c:542)
==29209== by 0x26013F: run_matching (smbtorture.c:110)
==29209== by 0x260001: run_matching (smbtorture.c:95)
==29209== by 0x260260: torture_run_named_tests (smbtorture.c:143)
==29209== by 0x261EDF: main (smbtorture.c:665)
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
smbtorture test net.domopen.domopen generated the following valgrind
trace.
==29054== Conditional jump or move depends on uninitialised value(s)
==29054== at 0x9788D31: libnet_DomainOpen_send (libnet_domain.c:617)
==29054== by 0x9788E01: libnet_DomainOpen (libnet_domain.c:676)
==29054== by 0x595F5D: test_domainopen (domain.c:41)
==29054== by 0x5961AD: torture_domainopen (domain.c:101)
==29054== by 0x9553F62: wrap_simple_test (torture.c:632)
==29054== by 0x955368F: internal_torture_run_test (torture.c:442)
==29054== by 0x9553A6B: torture_run_test_restricted (torture.c:542)
==29054== by 0x26013F: run_matching (smbtorture.c:110)
==29054== by 0x260001: run_matching (smbtorture.c:95)
==29054== by 0x260260: torture_run_named_tests (smbtorture.c:143)
==29054== by 0x261EDF: main (smbtorture.c:665)
==29054==
==29054== Conditional jump or move depends on uninitialised value(s)
==29054== at 0x9788D95: libnet_DomainOpen_recv (libnet_domain.c:648)
==29054== by 0x9788E1D: libnet_DomainOpen (libnet_domain.c:677)
==29054== by 0x595F5D: test_domainopen (domain.c:41)
==29054== by 0x5961AD: torture_domainopen (domain.c:101)
==29054== by 0x9553F62: wrap_simple_test (torture.c:632)
==29054== by 0x955368F: internal_torture_run_test (torture.c:442)
==29054== by 0x9553A6B: torture_run_test_restricted (torture.c:542)
==29054== by 0x26013F: run_matching (smbtorture.c:110)
==29054== by 0x260001: run_matching (smbtorture.c:95)
==29054== by 0x260260: torture_run_named_tests (smbtorture.c:143)
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
smbtorture test smb2.streams.attributes.attributes generates the following
valgrind trace,
==17997== Use of uninitialised value of size 8
==17997== at 0x8F005C2: _samba_rijndaelEncrypt (rijndael-alg-fst.c:957)
==17997== by 0x8EFF24C: samba_AES_encrypt (aes.c:60)
==17997== by 0x8F01A74: aes_cmac_128_update (aes_cmac_128.c:151)
==17997== by 0xB0D11B7: smb2_signing_sign_pdu (smb2_signing.c:74)
==17997== by 0xB0D984A: smb2cli_req_compound_submit (smbXcli_base.c:3062)
==17997== by 0x5AFD5F5: smb2_transport_send (transport.c:237)
==17997== by 0x5B030F3: smb2_close_send (close.c:42)
==17997== by 0x5B0358A: smb2_close (close.c:78)
==17997== by 0x5B087B3: smb2_util_close (util.c:40)
==17997== by 0x521457: test_stream_attributes (streams.c:1750)
==17997== by 0x48B452: wrap_simple_1smb2_test (smb2.c:52)
==17997== by 0x955368F: internal_torture_run_test (torture.c:442)
==17997== by 0x9553A6B: torture_run_test_restricted (torture.c:542)
==17997== by 0x26013F: run_matching (smbtorture.c:110)
==17997== by 0x260001: run_matching (smbtorture.c:95)
==17997== by 0x260001: run_matching (smbtorture.c:95)
==17997== by 0x260260: torture_run_named_tests (smbtorture.c:143)
==17997== by 0x261EDF: main (smbtorture.c:665)
==17997==
==17997== Use of uninitialised value of size 8
==17997== at 0x8F005DE: _samba_rijndaelEncrypt (rijndael-alg-fst.c:958)
==17997== by 0x8EFF24C: samba_AES_encrypt (aes.c:60)
==17997== by 0x8F01A74: aes_cmac_128_update (aes_cmac_128.c:151)
==17997== by 0xB0D11B7: smb2_signing_sign_pdu (smb2_signing.c:74)
==17997== by 0xB0D984A: smb2cli_req_compound_submit (smbXcli_base.c:3062)
==17997== by 0x5AFD5F5: smb2_transport_send (transport.c:237)
==17997== by 0x5B030F3: smb2_close_send (close.c:42)
==17997== by 0x5B0358A: smb2_close (close.c:78)
==17997== by 0x5B087B3: smb2_util_close (util.c:40)
==17997== by 0x521457: test_stream_attributes (streams.c:1750)
==17997== by 0x48B452: wrap_simple_1smb2_test (smb2.c:52)
==17997== by 0x955368F: internal_torture_run_test (torture.c:442)
==17997== by 0x9553A6B: torture_run_test_restricted (torture.c:542)
==17997== by 0x26013F: run_matching (smbtorture.c:110)
==17997== by 0x260001: run_matching (smbtorture.c:95)
==17997== by 0x260001: run_matching (smbtorture.c:95)
==17997== by 0x260260: torture_run_named_tests (smbtorture.c:143)
==17997== by 0x261EDF: main (smbtorture.c:665)
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
smbtorture test smb2.streams.rename2.rename2 generates the following valgrind
trace
==17379== Use of uninitialised value of size 8
==17379== at 0x8F005C2: _samba_rijndaelEncrypt (rijndael-alg-fst.c:957)
==17379== by 0x8EFF24C: samba_AES_encrypt (aes.c:60)
==17379== by 0x8F01A74: aes_cmac_128_update (aes_cmac_128.c:151)
==17379== by 0xB0D11B7: smb2_signing_sign_pdu (smb2_signing.c:74)
==17379== by 0xB0D984A: smb2cli_req_compound_submit (smbXcli_base.c:3062)
==17379== by 0x5AFD5F5: smb2_transport_send (transport.c:237)
==17379== by 0x5B030F3: smb2_close_send (close.c:42)
==17379== by 0x5B0358A: smb2_close (close.c:78)
==17379== by 0x5B087B3: smb2_util_close (util.c:40)
==17379== by 0x51FBA7: test_stream_rename2 (streams.c:1381)
==17379== by 0x48B452: wrap_simple_1smb2_test (smb2.c:52)
==17379== by 0x955368F: internal_torture_run_test (torture.c:442)
==17379== by 0x9553A6B: torture_run_test_restricted (torture.c:542)
==17379== by 0x26013F: run_matching (smbtorture.c:110)
==17379== by 0x260001: run_matching (smbtorture.c:95)
==17379== by 0x260001: run_matching (smbtorture.c:95)
==17379== by 0x260260: torture_run_named_tests (smbtorture.c:143)
==17379== by 0x261EDF: main (smbtorture.c:665)
==17379==
==17379== Use of uninitialised value of size 8
==17379== at 0x8F005DE: _samba_rijndaelEncrypt (rijndael-alg-fst.c:958)
==17379== by 0x8EFF24C: samba_AES_encrypt (aes.c:60)
==17379== by 0x8F01A74: aes_cmac_128_update (aes_cmac_128.c:151)
==17379== by 0xB0D11B7: smb2_signing_sign_pdu (smb2_signing.c:74)
==17379== by 0xB0D984A: smb2cli_req_compound_submit (smbXcli_base.c:3062)
==17379== by 0x5AFD5F5: smb2_transport_send (transport.c:237)
==17379== by 0x5B030F3: smb2_close_send (close.c:42)
==17379== by 0x5B0358A: smb2_close (close.c:78)
==17379== by 0x5B087B3: smb2_util_close (util.c:40)
==17379== by 0x51FBA7: test_stream_rename2 (streams.c:1381)
==17379== by 0x48B452: wrap_simple_1smb2_test (smb2.c:52)
==17379== by 0x955368F: internal_torture_run_test (torture.c:442)
==17379== by 0x9553A6B: torture_run_test_restricted (torture.c:542)
==17379== by 0x26013F: run_matching (smbtorture.c:110)
==17379== by 0x260001: run_matching (smbtorture.c:95)
==17379== by 0x260001: run_matching (smbtorture.c:95)
==17379== by 0x260260: torture_run_named_tests (smbtorture.c:143)
==17379== by 0x261EDF: main (smbtorture.c:665)
==17379==
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
smbtorture test smb2.streams.names.names generated the following
valgrind trace.
(../source4/torture/smb2/streams.c:791) testing stream names
==17238== Use of uninitialised value of size 8
==17238== at 0x8F005C2: _samba_rijndaelEncrypt (rijndael-alg-fst.c:957)
==17238== by 0x8EFF24C: samba_AES_encrypt (aes.c:60)
==17238== by 0x8F01A74: aes_cmac_128_update (aes_cmac_128.c:151)
==17238== by 0xB0D11B7: smb2_signing_sign_pdu (smb2_signing.c:74)
==17238== by 0xB0D984A: smb2cli_req_compound_submit (smbXcli_base.c:3062)
==17238== by 0x5AFD5F5: smb2_transport_send (transport.c:237)
==17238== by 0x5B030F3: smb2_close_send (close.c:42)
==17238== by 0x5B0358A: smb2_close (close.c:78)
==17238== by 0x5B087B3: smb2_util_close (util.c:40)
==17238== by 0x51E480: test_stream_names (streams.c:1053)
==17238== by 0x48B452: wrap_simple_1smb2_test (smb2.c:52)
==17238== by 0x955368F: internal_torture_run_test (torture.c:442)
==17238== by 0x9553A6B: torture_run_test_restricted (torture.c:542)
==17238== by 0x26013F: run_matching (smbtorture.c:110)
==17238== by 0x260001: run_matching (smbtorture.c:95)
==17238== by 0x260001: run_matching (smbtorture.c:95)
==17238== by 0x260260: torture_run_named_tests (smbtorture.c:143)
==17238== by 0x261EDF: main (smbtorture.c:665)
==17238==
==17238== Use of uninitialised value of size 8
==17238== at 0x8F005DE: _samba_rijndaelEncrypt (rijndael-alg-fst.c:958)
==17238== by 0x8EFF24C: samba_AES_encrypt (aes.c:60)
==17238== by 0x8F01A74: aes_cmac_128_update (aes_cmac_128.c:151)
==17238== by 0xB0D11B7: smb2_signing_sign_pdu (smb2_signing.c:74)
==17238== by 0xB0D984A: smb2cli_req_compound_submit (smbXcli_base.c:3062)
==17238== by 0x5AFD5F5: smb2_transport_send (transport.c:237)
==17238== by 0x5B030F3: smb2_close_send (close.c:42)
==17238== by 0x5B0358A: smb2_close (close.c:78)
==17238== by 0x5B087B3: smb2_util_close (util.c:40)
==17238== by 0x51E480: test_stream_names (streams.c:1053)
==17238== by 0x48B452: wrap_simple_1smb2_test (smb2.c:52)
==17238== by 0x955368F: internal_torture_run_test (torture.c:442)
==17238== by 0x9553A6B: torture_run_test_restricted (torture.c:542)
==17238== by 0x26013F: run_matching (smbtorture.c:110)
==17238== by 0x260001: run_matching (smbtorture.c:95)
==17238== by 0x260001: run_matching (smbtorture.c:95)
==17238== by 0x260260: torture_run_named_tests (smbtorture.c:143)
==17238== by 0x261EDF: main (smbtorture.c:665)
==17238==
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
smbtorture test smb2.streams.sharemodes.sharemodes generates the following valgrind
trace
==16980== Use of uninitialised value of size 8
==16980== at 0x8F005C2: _samba_rijndaelEncrypt (rijndael-alg-fst.c:957)
==16980== by 0x8EFF24C: samba_AES_encrypt (aes.c:60)
==16980== by 0x8F01A74: aes_cmac_128_update (aes_cmac_128.c:151)
==16980== by 0xB0D11B7: smb2_signing_sign_pdu (smb2_signing.c:74)
==16980== by 0xB0D984A: smb2cli_req_compound_submit (smbXcli_base.c:3062)
==16980== by 0x5AFD5F5: smb2_transport_send (transport.c:237)
==16980== by 0x5B030F3: smb2_close_send (close.c:42)
==16980== by 0x5B0358A: smb2_close (close.c:78)
==16980== by 0x5B087B3: smb2_util_close (util.c:40)
==16980== by 0x51B4F3: test_stream_sharemodes (streams.c:557)
==16980== by 0x48B452: wrap_simple_1smb2_test (smb2.c:52)
==16980== by 0x955368F: internal_torture_run_test (torture.c:442)
==16980== by 0x9553A6B: torture_run_test_restricted (torture.c:542)
==16980== by 0x26013F: run_matching (smbtorture.c:110)
==16980== by 0x260001: run_matching (smbtorture.c:95)
==16980== by 0x260001: run_matching (smbtorture.c:95)
==16980== by 0x260260: torture_run_named_tests (smbtorture.c:143)
==16980== by 0x261EDF: main (smbtorture.c:665)
==16980==
==16980== Use of uninitialised value of size 8
==16980== at 0x8F005DE: _samba_rijndaelEncrypt (rijndael-alg-fst.c:958)
==16980== by 0x8EFF24C: samba_AES_encrypt (aes.c:60)
==16980== by 0x8F01A74: aes_cmac_128_update (aes_cmac_128.c:151)
==16980== by 0xB0D11B7: smb2_signing_sign_pdu (smb2_signing.c:74)
==16980== by 0xB0D984A: smb2cli_req_compound_submit (smbXcli_base.c:3062)
==16980== by 0x5AFD5F5: smb2_transport_send (transport.c:237)
==16980== by 0x5B030F3: smb2_close_send (close.c:42)
==16980== by 0x5B0358A: smb2_close (close.c:78)
==16980== by 0x5B087B3: smb2_util_close (util.c:40)
==16980== by 0x51B4F3: test_stream_sharemodes (streams.c:557)
==16980== by 0x48B452: wrap_simple_1smb2_test (smb2.c:52)
==16980== by 0x955368F: internal_torture_run_test (torture.c:442)
==16980== by 0x9553A6B: torture_run_test_restricted (torture.c:542)
==16980== by 0x26013F: run_matching (smbtorture.c:110)
==16980== by 0x260001: run_matching (smbtorture.c:95)
==16980== by 0x260001: run_matching (smbtorture.c:95)
==16980== by 0x260260: torture_run_named_tests (smbtorture.c:143)
==16980== by 0x261EDF: main (smbtorture.c:665)
==16980==
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
smbtorture test smb2.streams.io.io generates the following valgrind trace
==16652== Use of uninitialised value of size 8
==16652== at 0x8F005C2: _samba_rijndaelEncrypt (rijndael-alg-fst.c:957)
==16652== by 0x8EFF24C: samba_AES_encrypt (aes.c:60)
==16652== by 0x8F01A74: aes_cmac_128_update (aes_cmac_128.c:151)
==16652== by 0xB0D11B7: smb2_signing_sign_pdu (smb2_signing.c:74)
==16652== by 0xB0D984A: smb2cli_req_compound_submit (smbXcli_base.c:3062)
==16652== by 0x5AFD5F5: smb2_transport_send (transport.c:237)
==16652== by 0x5B030F3: smb2_close_send (close.c:42)
==16652== by 0x5B0358A: smb2_close (close.c:78)
==16652== by 0x5B087B3: smb2_util_close (util.c:40)
==16652== by 0x51AF21: test_stream_io (streams.c:480)
==16652== by 0x48B452: wrap_simple_1smb2_test (smb2.c:52)
==16652== by 0x955368F: internal_torture_run_test (torture.c:442)
==16652== by 0x9553A6B: torture_run_test_restricted (torture.c:542)
==16652== by 0x26013F: run_matching (smbtorture.c:110)
==16652== by 0x260001: run_matching (smbtorture.c:95)
==16652== by 0x260001: run_matching (smbtorture.c:95)
==16652== by 0x260260: torture_run_named_tests (smbtorture.c:143)
==16652== by 0x261EDF: main (smbtorture.c:665)
==16652==
==16652== Use of uninitialised value of size 8
==16652== at 0x8F005DE: _samba_rijndaelEncrypt (rijndael-alg-fst.c:958)
==16652== by 0x8EFF24C: samba_AES_encrypt (aes.c:60)
==16652== by 0x8F01A74: aes_cmac_128_update (aes_cmac_128.c:151)
==16652== by 0xB0D11B7: smb2_signing_sign_pdu (smb2_signing.c:74)
==16652== by 0xB0D984A: smb2cli_req_compound_submit (smbXcli_base.c:3062)
==16652== by 0x5AFD5F5: smb2_transport_send (transport.c:237)
==16652== by 0x5B030F3: smb2_close_send (close.c:42)
==16652== by 0x5B0358A: smb2_close (close.c:78)
==16652== by 0x5B087B3: smb2_util_close (util.c:40)
==16652== by 0x51AF21: test_stream_io (streams.c:480)
==16652== by 0x48B452: wrap_simple_1smb2_test (smb2.c:52)
==16652== by 0x955368F: internal_torture_run_test (torture.c:442)
==16652== by 0x9553A6B: torture_run_test_restricted (torture.c:542)
==16652== by 0x26013F: run_matching (smbtorture.c:110)
==16652== by 0x260001: run_matching (smbtorture.c:95)
==16652== by 0x260001: run_matching (smbtorture.c:95)
==16652== by 0x260260: torture_run_named_tests (smbtorture.c:143)
==16652== by 0x261EDF: main (smbtorture.c:665)
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
smbtorture test smb2.oplock.brl3.brl3 generated the following valgrind
trace
==16564== Use of uninitialised value of size 8
==16564== at 0x8F005DE: _samba_rijndaelEncrypt (rijndael-alg-fst.c:958)
==16564== by 0x8EFF24C: samba_AES_encrypt (aes.c:60)
==16564== by 0x8F01BB2: aes_cmac_128_final (aes_cmac_128.c:179)
==16564== by 0xB0D11E5: smb2_signing_sign_pdu (smb2_signing.c:78)
==16564== by 0xB0D984A: smb2cli_req_compound_submit (smbXcli_base.c:3062)
==16564== by 0x5AFD5F5: smb2_transport_send (transport.c:237)
==16564== by 0x5B078DF: smb2_lock_send (lock.c:52)
==16564== by 0x5B07AAE: smb2_lock (lock.c:80)
==16564== by 0x4B62B1: test_smb2_oplock_brl3 (oplock.c:3578)
==16564== by 0x48B452: wrap_simple_1smb2_test (smb2.c:52)
==16564== by 0x955368F: internal_torture_run_test (torture.c:442)
==16564== by 0x9553A6B: torture_run_test_restricted (torture.c:542)
==16564== by 0x26013F: run_matching (smbtorture.c:110)
==16564== by 0x260001: run_matching (smbtorture.c:95)
==16564== by 0x260001: run_matching (smbtorture.c:95)
==16564== by 0x260260: torture_run_named_tests (smbtorture.c:143)
==16564== by 0x261EDF: main (smbtorture.c:665)
==16564==
==16564== Use of uninitialised value of size 8
==16564== at 0x8F00649: _samba_rijndaelEncrypt (rijndael-alg-fst.c:963)
==16564== by 0x8EFF24C: samba_AES_encrypt (aes.c:60)
==16564== by 0x8F01BB2: aes_cmac_128_final (aes_cmac_128.c:179)
==16564== by 0xB0D11E5: smb2_signing_sign_pdu (smb2_signing.c:78)
==16564== by 0xB0D984A: smb2cli_req_compound_submit (smbXcli_base.c:3062)
==16564== by 0x5AFD5F5: smb2_transport_send (transport.c:237)
==16564== by 0x5B078DF: smb2_lock_send (lock.c:52)
==16564== by 0x5B07AAE: smb2_lock (lock.c:80)
==16564== by 0x4B62B1: test_smb2_oplock_brl3 (oplock.c:3578)
==16564== by 0x48B452: wrap_simple_1smb2_test (smb2.c:52)
==16564== by 0x955368F: internal_torture_run_test (torture.c:442)
==16564== by 0x9553A6B: torture_run_test_restricted (torture.c:542)
==16564== by 0x26013F: run_matching (smbtorture.c:110)
==16564== by 0x260001: run_matching (smbtorture.c:95)
==16564== by 0x260001: run_matching (smbtorture.c:95)
==16564== by 0x260260: torture_run_named_tests (smbtorture.c:143)
==16564== by 0x261EDF: main (smbtorture.c:665)
==16564==
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
smbtorture test smb2.oplock.brl2.brl2 generates the following
valgrind trace
==16443== Use of uninitialised value of size 8
==16443== at 0x8F005DE: _samba_rijndaelEncrypt (rijndael-alg-fst.c:958)
==16443== by 0x8EFF24C: samba_AES_encrypt (aes.c:60)
==16443== by 0x8F01BB2: aes_cmac_128_final (aes_cmac_128.c:179)
==16443== by 0xB0D11E5: smb2_signing_sign_pdu (smb2_signing.c:78)
==16443== by 0xB0D984A: smb2cli_req_compound_submit (smbXcli_base.c:3062)
==16443== by 0x5AFD5F5: smb2_transport_send (transport.c:237)
==16443== by 0x5B078DF: smb2_lock_send (lock.c:52)
==16443== by 0x5B07AAE: smb2_lock (lock.c:80)
==16443== by 0x4B5971: test_smb2_oplock_brl2 (oplock.c:3464)
==16443== by 0x48B452: wrap_simple_1smb2_test (smb2.c:52)
==16443== by 0x955368F: internal_torture_run_test (torture.c:442)
==16443== by 0x9553A6B: torture_run_test_restricted (torture.c:542)
==16443== by 0x26013F: run_matching (smbtorture.c:110)
==16443== by 0x260001: run_matching (smbtorture.c:95)
==16443== by 0x260001: run_matching (smbtorture.c:95)
==16443== by 0x260260: torture_run_named_tests (smbtorture.c:143)
==16443== by 0x261EDF: main (smbtorture.c:665)
==16443==
==16443== Use of uninitialised value of size 8
==16443== at 0x8F00649: _samba_rijndaelEncrypt (rijndael-alg-fst.c:963)
==16443== by 0x8EFF24C: samba_AES_encrypt (aes.c:60)
==16443== by 0x8F01BB2: aes_cmac_128_final (aes_cmac_128.c:179)
==16443== by 0xB0D11E5: smb2_signing_sign_pdu (smb2_signing.c:78)
==16443== by 0xB0D984A: smb2cli_req_compound_submit (smbXcli_base.c:3062)
==16443== by 0x5AFD5F5: smb2_transport_send (transport.c:237)
==16443== by 0x5B078DF: smb2_lock_send (lock.c:52)
==16443== by 0x5B07AAE: smb2_lock (lock.c:80)
==16443== by 0x4B5971: test_smb2_oplock_brl2 (oplock.c:3464)
==16443== by 0x48B452: wrap_simple_1smb2_test (smb2.c:52)
==16443== by 0x955368F: internal_torture_run_test (torture.c:442)
==16443== by 0x9553A6B: torture_run_test_restricted (torture.c:542)
==16443== by 0x26013F: run_matching (smbtorture.c:110)
==16443== by 0x260001: run_matching (smbtorture.c:95)
==16443== by 0x260001: run_matching (smbtorture.c:95)
==16443== by 0x260260: torture_run_named_tests (smbtorture.c:143)
==16443== by 0x261EDF: main (smbtorture.c:665)
==16443==
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
smbtorture smb2.oplock.brl1.brl1 generates the following valgrind trace
==16002== Use of uninitialised value of size 8
==16002== at 0x8F005DE: _samba_rijndaelEncrypt (rijndael-alg-fst.c:958)
==16002== by 0x8EFF24C: samba_AES_encrypt (aes.c:60)
==16002== by 0x8F01BB2: aes_cmac_128_final (aes_cmac_128.c:179)
==16002== by 0xB0D11E5: smb2_signing_sign_pdu (smb2_signing.c:78)
==16002== by 0xB0D984A: smb2cli_req_compound_submit (smbXcli_base.c:3062)
==16002== by 0x5AFD5F5: smb2_transport_send (transport.c:237)
==16002== by 0x5B078DF: smb2_lock_send (lock.c:52)
==16002== by 0x5B07AAE: smb2_lock (lock.c:80)
==16002== by 0x4B50D8: test_smb2_oplock_brl1 (oplock.c:3352)
==16002== by 0x48B7B5: wrap_simple_2smb2_test (smb2.c:112)
==16002== by 0x955368F: internal_torture_run_test (torture.c:442)
==16002== by 0x9553A6B: torture_run_test_restricted (torture.c:542)
==16002== by 0x26013F: run_matching (smbtorture.c:110)
==16002== by 0x260001: run_matching (smbtorture.c:95)
==16002== by 0x260001: run_matching (smbtorture.c:95)
==16002== by 0x260260: torture_run_named_tests (smbtorture.c:143)
==16002== by 0x261EDF: main (smbtorture.c:665)
==16002==
==16002== Use of uninitialised value of size 8
==16002== at 0x8F00649: _samba_rijndaelEncrypt (rijndael-alg-fst.c:963)
==16002== by 0x8EFF24C: samba_AES_encrypt (aes.c:60)
==16002== by 0x8F01BB2: aes_cmac_128_final (aes_cmac_128.c:179)
==16002== by 0xB0D11E5: smb2_signing_sign_pdu (smb2_signing.c:78)
==16002== by 0xB0D984A: smb2cli_req_compound_submit (smbXcli_base.c:3062)
==16002== by 0x5AFD5F5: smb2_transport_send (transport.c:237)
==16002== by 0x5B078DF: smb2_lock_send (lock.c:52)
==16002== by 0x5B07AAE: smb2_lock (lock.c:80)
==16002== by 0x4B50D8: test_smb2_oplock_brl1 (oplock.c:3352)
==16002== by 0x48B7B5: wrap_simple_2smb2_test (smb2.c:112)
==16002== by 0x955368F: internal_torture_run_test (torture.c:442)
==16002== by 0x9553A6B: torture_run_test_restricted (torture.c:542)
==16002== by 0x26013F: run_matching (smbtorture.c:110)
==16002== by 0x260001: run_matching (smbtorture.c:95)
==16002== by 0x260001: run_matching (smbtorture.c:95)
==16002== by 0x260260: torture_run_named_tests (smbtorture.c:143)
==16002== by 0x261EDF: main (smbtorture.c:665)
==16002==
==16002== Use of uninitialised value of size 8
==16002== at 0x8F006AF: _samba_rijndaelEncrypt (rijndael-alg-fst.c:968)
==16002== by 0x8EFF24C: samba_AES_encrypt (aes.c:60)
==16002== by 0x8F01BB2: aes_cmac_128_final (aes_cmac_128.c:179)
==16002== by 0xB0D11E5: smb2_signing_sign_pdu (smb2_signing.c:78)
==16002== by 0xB0D984A: smb2cli_req_compound_submit (smbXcli_base.c:3062)
==16002== by 0x5AFD5F5: smb2_transport_send (transport.c:237)
==16002== by 0x5B078DF: smb2_lock_send (lock.c:52)
==16002== by 0x5B07AAE: smb2_lock (lock.c:80)
==16002== by 0x4B50D8: test_smb2_oplock_brl1 (oplock.c:3352)
==16002== by 0x48B7B5: wrap_simple_2smb2_test (smb2.c:112)
==16002== by 0x955368F: internal_torture_run_test (torture.c:442)
==16002== by 0x9553A6B: torture_run_test_restricted (torture.c:542)
==16002== by 0x26013F: run_matching (smbtorture.c:110)
==16002== by 0x260001: run_matching (smbtorture.c:95)
==16002== by 0x260001: run_matching (smbtorture.c:95)
==16002== by 0x260260: torture_run_named_tests (smbtorture.c:143)
==16002== by 0x261EDF: main (smbtorture.c:665)
==16002==
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
smbtorture test smb2.oplock.batch10.batch10 produces the following
valgrind trace
Use of uninitialised value of size 8
==9662== at 0x8F005A1: _samba_rijndaelEncrypt (rijndael-alg-fst.c:956)
==9662== by 0x8EFF24C: samba_AES_encrypt (aes.c:60)
==9662== by 0x8F01A74: aes_cmac_128_update (aes_cmac_128.c:151)
==9662== by 0xB0D11B7: smb2_signing_sign_pdu (smb2_signing.c:74)
==9662== by 0xB0D984A: smb2cli_req_compound_submit (smbXcli_base.c:3062)
==9662== by 0x5AFD5F5: smb2_transport_send (transport.c:237)
==9662== by 0x5B04C89: smb2_write_send (write.c:49)
==9662== by 0x5B04F85: smb2_write (write.c:79)
==9662== by 0x4AD523: test_smb2_oplock_batch10 (oplock.c:1820)
==9662== by 0x48B7B5: wrap_simple_2smb2_test (smb2.c:112)
==9662== by 0x955368F: internal_torture_run_test (torture.c:442)
==9662== by 0x9553A6B: torture_run_test_restricted (torture.c:542)
==9662== by 0x26013F: run_matching (smbtorture.c:110)
==9662== by 0x260001: run_matching (smbtorture.c:95)
==9662== by 0x260001: run_matching (smbtorture.c:95)
==9662== by 0x260260: torture_run_named_tests (smbtorture.c:143)
==9662== by 0x261EDF: main (smbtorture.c:665)
==9662==
==9662== Use of uninitialised value of size 8
==9662== at 0x8F005C2: _samba_rijndaelEncrypt (rijndael-alg-fst.c:957)
==9662== by 0x8EFF24C: samba_AES_encrypt (aes.c:60)
==9662== by 0x8F01A74: aes_cmac_128_update (aes_cmac_128.c:151)
==9662== by 0xB0D11B7: smb2_signing_sign_pdu (smb2_signing.c:74)
==9662== by 0xB0D984A: smb2cli_req_compound_submit (smbXcli_base.c:3062)
==9662== by 0x5AFD5F5: smb2_transport_send (transport.c:237)
==9662== by 0x5B04C89: smb2_write_send (write.c:49)
==9662== by 0x5B04F85: smb2_write (write.c:79)
==9662== by 0x4AD523: test_smb2_oplock_batch10 (oplock.c:1820)
==9662== by 0x48B7B5: wrap_simple_2smb2_test (smb2.c:112)
==9662== by 0x955368F: internal_torture_run_test (torture.c:442)
==9662== by 0x9553A6B: torture_run_test_restricted (torture.c:542)
==9662== by 0x26013F: run_matching (smbtorture.c:110)
==9662== by 0x260001: run_matching (smbtorture.c:95)
==9662== by 0x260001: run_matching (smbtorture.c:95)
==9662== by 0x260260: torture_run_named_tests (smbtorture.c:143)
==9662== by 0x261EDF: main (smbtorture.c:665)
==9662==
Please enter the commit message for your changes. Lines starting
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
smbtorture test smb2.notify.mask.mask
==6451== Use of uninitialised value of size 8
==6451== at 0x8F005C2: _samba_rijndaelEncrypt (rijndael-alg-fst.c:957)
==6451== by 0x8EFF24C: samba_AES_encrypt (aes.c:60)
==6451== by 0x8F01A74: aes_cmac_128_update (aes_cmac_128.c:151)
==6451== by 0xB0D11B7: smb2_signing_sign_pdu (smb2_signing.c:74)
==6451== by 0xB0D984A: smb2cli_req_compound_submit (smbXcli_base.c:3062)
==6451== by 0x5AFD5F5: smb2_transport_send (transport.c:237)
==6451== by 0x5B030F3: smb2_close_send (close.c:42)
==6451== by 0x5B0358A: smb2_close (close.c:78)
==6451== by 0x5B087B3: smb2_util_close (util.c:40)
==6451== by 0x483E97: torture_smb2_notify_mask (notify.c:1061)
==6451== by 0x48B783: wrap_simple_2smb2_test (smb2.c:112)
==6451== by 0x955368F: internal_torture_run_test (torture.c:442)
==6451== by 0x9553A6B: torture_run_test_restricted (torture.c:542)
==6451== by 0x26013F: run_matching (smbtorture.c:110)
==6451== by 0x260001: run_matching (smbtorture.c:95)
==6451== by 0x260001: run_matching (smbtorture.c:95)
==6451== by 0x260260: torture_run_named_tests (smbtorture.c:143)
==6451== by 0x261EDF: main (smbtorture.c:665)
==6451==
==6451== Use of uninitialised value of size 8
==6451== at 0x8F005DE: _samba_rijndaelEncrypt (rijndael-alg-fst.c:958)
==6451== by 0x8EFF24C: samba_AES_encrypt (aes.c:60)
==6451== by 0x8F01A74: aes_cmac_128_update (aes_cmac_128.c:151)
==6451== by 0xB0D11B7: smb2_signing_sign_pdu (smb2_signing.c:74)
==6451== by 0xB0D984A: smb2cli_req_compound_submit (smbXcli_base.c:3062)
==6451== by 0x5AFD5F5: smb2_transport_send (transport.c:237)
==6451== by 0x5B030F3: smb2_close_send (close.c:42)
==6451== by 0x5B0358A: smb2_close (close.c:78)
==6451== by 0x5B087B3: smb2_util_close (util.c:40)
==6451== by 0x483E97: torture_smb2_notify_mask (notify.c:1061)
==6451== by 0x48B783: wrap_simple_2smb2_test (smb2.c:112)
==6451== by 0x955368F: internal_torture_run_test (torture.c:442)
==6451== by 0x9553A6B: torture_run_test_restricted (torture.c:542)
==6451== by 0x26013F: run_matching (smbtorture.c:110)
==6451== by 0x260001: run_matching (smbtorture.c:95)
==6451== by 0x260001: run_matching (smbtorture.c:95)
==6451== by 0x260260: torture_run_named_tests (smbtorture.c:143)
==6451== by 0x261EDF: main (smbtorture.c:665)
==6451==
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
smbtorture test smb2.create.aclfile.aclfile produces the following
valgrind trace
==6025== Use of uninitialised value of size 8
==6025== at 0xFB0B061: _itoa_word (in /lib64/libc-2.19.so)
==6025== by 0xFB0EAD2: vfprintf (in /lib64/libc-2.19.so)
==6025== by 0xFB36712: vasprintf (in /lib64/libc-2.19.so)
==6025== by 0xAEBB348: ndr_print_debug_helper (ndr.c:314)
==6025== by 0xAEB8ED1: ndr_print_uint16 (ndr_basic.c:1055)
==6025== by 0x3E5951: ndr_print_security_ace (ndr_security.c:539)
==6025== by 0x3E6251: ndr_print_security_acl (ndr_security.c:642)
==6025== by 0x3E7A76: ndr_print_security_descriptor (ndr_security.c:890)
==6025== by 0xAEBB860: ndr_print_debug (ndr.c:409)
==6025== by 0x45FCB6: smb2_util_verify_sd (util.c:598)
==6025== by 0x502246: test_create_acl_ext (create.c:634)
==6025== by 0x506E13: test_create_acl_file (create.c:1232)
==6025== by 0x48B420: wrap_simple_1smb2_test (smb2.c:52)
==6025== by 0x955368F: internal_torture_run_test (torture.c:442)
==6025== by 0x9553A6B: torture_run_test_restricted (torture.c:542)
==6025== by 0x26013F: run_matching (smbtorture.c:110)
==6025== by 0x260001: run_matching (smbtorture.c:95)
==6025== by 0x260001: run_matching (smbtorture.c:95)
==6025== by 0x260260: torture_run_named_tests (smbtorture.c:143)
==6025== by 0x261EDF: main (smbtorture.c:665)
==6025==
==6025== Conditional jump or move depends on uninitialised value(s)
==6025== at 0xFB0B068: _itoa_word (in /lib64/libc-2.19.so)
==6025== by 0xFB0EAD2: vfprintf (in /lib64/libc-2.19.so)
==6025== by 0xFB36712: vasprintf (in /lib64/libc-2.19.so)
==6025== by 0xAEBB348: ndr_print_debug_helper (ndr.c:314)
==6025== by 0xAEB8ED1: ndr_print_uint16 (ndr_basic.c:1055)
==6025== by 0x3E5951: ndr_print_security_ace (ndr_security.c:539)
==6025== by 0x3E6251: ndr_print_security_acl (ndr_security.c:642)
==6025== by 0x3E7A76: ndr_print_security_descriptor (ndr_security.c:890)
==6025== by 0xAEBB860: ndr_print_debug (ndr.c:409)
==6025== by 0x45FCB6: smb2_util_verify_sd (util.c:598)
==6025== by 0x502246: test_create_acl_ext (create.c:634)
==6025== by 0x506E13: test_create_acl_file (create.c:1232)
==6025== by 0x48B420: wrap_simple_1smb2_test (smb2.c:52)
==6025== by 0x955368F: internal_torture_run_test (torture.c:442)
==6025== by 0x9553A6B: torture_run_test_restricted (torture.c:542)
==6025== by 0x26013F: run_matching (smbtorture.c:110)
==6025== by 0x260001: run_matching (smbtorture.c:95)
==6025== by 0x260001: run_matching (smbtorture.c:95)
==6025== by 0x260260: torture_run_named_tests (smbtorture.c:143)
==6025== by 0x261EDF: main (smbtorture.c:665)
==6025==
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
smbtorture test raw.offline.offline generates the following valgrind trace(s).
==5130== at 0x2223AF: loadfile_callback (offline.c:107)
==5130== by 0x5AF73E6: loadfile_handler (loadfile.c:208)
==5130== by 0x5ADFEE0: smbcli_request_done (clitransport.c:395)
==5130== by 0xF676EEE: tevent_common_loop_timer_delay (in /usr/lib64/libtevent.so.0.9.26)
==5130== by 0xF677EF9: ??? (in /usr/lib64/libtevent.so.0.9.26)
==5130== by 0xF6765F6: ??? (in /usr/lib64/libtevent.so.0.9.26)
==5130== by 0xF6727FC: _tevent_loop_once (in /usr/lib64/libtevent.so.0.9.26)
==5130== by 0x223A16: torture_test_offline (offline.c:493)
==5130== by 0x9553F62: wrap_simple_test (torture.c:632)
==5130== by 0x955368F: internal_torture_run_test (torture.c:442)
==5130== by 0x9553A6B: torture_run_test_restricted (torture.c:542)
==5130== by 0x260121: run_matching (smbtorture.c:110)
==5130== by 0x25FFE3: run_matching (smbtorture.c:95)
==5130== by 0x260242: torture_run_named_tests (smbtorture.c:143)
==5130== by 0x261EC1: main (smbtorture.c:665)
==5130== Address 0x188b80d0 is 96 bytes inside a block of size 8,288 free'd
==5130== at 0x4C2A37C: free (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
==5130== by 0xF4673A3: ??? (in /usr/lib64/libtalloc.so.2.1.5)
==5130== by 0xF460E42: _talloc_free (in /usr/lib64/libtalloc.so.2.1.5)
==5130== by 0x5AF7635: smb_composite_loadfile_recv (loadfile.c:278)
==5130== by 0x2222F7: loadfile_callback (offline.c:91)
==5130== by 0x5AF73E6: loadfile_handler (loadfile.c:208)
==5130== by 0x5ADFEE0: smbcli_request_done (clitransport.c:395)
==5130== by 0xF676EEE: tevent_common_loop_timer_delay (in /usr/lib64/libtevent.so.0.9.26)
==5130== by 0xF677EF9: ??? (in /usr/lib64/libtevent.so.0.9.26)
==5130== by 0xF6765F6: ??? (in /usr/lib64/libtevent.so.0.9.26)
==5130== by 0xF6727FC: _tevent_loop_once (in /usr/lib64/libtevent.so.0.9.26)
==5130== by 0x223A16: torture_test_offline (offline.c:493)
==5130== by 0x9553F62: wrap_simple_test (torture.c:632)
==5130== by 0x955368F: internal_torture_run_test (torture.c:442)
==5130== by 0x9553A6B: torture_run_test_restricted (torture.c:542)
==5130== by 0x260121: run_matching (smbtorture.c:110)
==5130== by 0x25FFE3: run_matching (smbtorture.c:95)
==5130== by 0x260242: torture_run_named_tests (smbtorture.c:143)
==5130== by 0x261EC1: main (smbtorture.c:665)
==5130==
AND
==5428== Conditional jump or move depends on uninitialised value(s)
==5428== at 0x22270E: getoffline_callback (offline.c:197)
==5428== by 0x5ADFEE0: smbcli_request_done (clitransport.c:395)
==5428== by 0xF676EEE: tevent_common_loop_timer_delay (in /usr/lib64/libtevent.so.0.9.26)
==5428== by 0xF677EF9: ??? (in /usr/lib64/libtevent.so.0.9.26)
==5428== by 0xF6765F6: ??? (in /usr/lib64/libtevent.so.0.9.26)
==5428== by 0xF6727FC: _tevent_loop_once (in /usr/lib64/libtevent.so.0.9.26)
==5428== by 0x223A1B: torture_test_offline (offline.c:494)
==5428== by 0x9553F62: wrap_simple_test (torture.c:632)
==5428== by 0x955368F: internal_torture_run_test (torture.c:442)
==5428== by 0x9553A6B: torture_run_test_restricted (torture.c:542)
==5428== by 0x260126: run_matching (smbtorture.c:110)
==5428== by 0x25FFE8: run_matching (smbtorture.c:95)
==5428== by 0x260247: torture_run_named_tests (smbtorture.c:143)
==5428== by 0x261EC6: main (smbtorture.c:665)
==5428==
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
smbtorture test raw.bench-tcon.bench-tcon produces the following valgrind
trace
==32163== Conditional jump or move depends on uninitialised value(s)
==32163== at 0x1F9D61: rate_convert_secs (tconrate.c:149)
==32163== by 0x1FA04C: torture_bench_treeconnect (tconrate.c:189)
==32163== by 0x9553F62: wrap_simple_test (torture.c:632)
==32163== by 0x955368F: internal_torture_run_test (torture.c:442)
==32163== by 0x9553A6B: torture_run_test_restricted (torture.c:542)
==32163== by 0x260121: run_matching (smbtorture.c:110)
==32163== by 0x25FFE3: run_matching (smbtorture.c:95)
==32163== by 0x260242: torture_run_named_tests (smbtorture.c:143)
==32163== by 0x261EC1: main (smbtorture.c:665)
==32163==
==32163== Use of uninitialised value of size 8
==32163== at 0xFB0B0BB: _itoa_word (in /lib64/libc-2.19.so)
==32163== by 0xFB0EAD2: vfprintf (in /lib64/libc-2.19.so)
==32163== by 0xFB15598: printf (in /lib64/libc-2.19.so)
==32163== by 0x1FA064: torture_bench_treeconnect (tconrate.c:188)
==32163== by 0x9553F62: wrap_simple_test (torture.c:632)
==32163== by 0x955368F: internal_torture_run_test (torture.c:442)
==32163== by 0x9553A6B: torture_run_test_restricted (torture.c:542)
==32163== by 0x260121: run_matching (smbtorture.c:110)
==32163== by 0x25FFE3: run_matching (smbtorture.c:95)
==32163== by 0x260242: torture_run_named_tests (smbtorture.c:143)
==32163== by 0x261EC1: main (smbtorture.c:665)
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
smbtorture test raw.acls.create_file.create_file produces the following
valgrind trace
==31783== Use of uninitialised value of size 8
==31783== at 0xFB0B061: _itoa_word (in /lib64/libc-2.19.so)
==31783== by 0xFB0EAD2: vfprintf (in /lib64/libc-2.19.so)
==31783== by 0xFB36712: vasprintf (in /lib64/libc-2.19.so)
==31783== by 0xAEBB348: ndr_print_debug_helper (ndr.c:314)
==31783== by 0xAEB8ED1: ndr_print_uint16 (ndr_basic.c:1055)
==31783== by 0x3E591A: ndr_print_security_ace (ndr_security.c:539)
==31783== by 0x3E621A: ndr_print_security_acl (ndr_security.c:642)
==31783== by 0x3E7A3F: ndr_print_security_descriptor (ndr_security.c:890)
==31783== by 0xAEBB860: ndr_print_debug (ndr.c:409)
==31783== by 0x20C91F: verify_sd (acls.c:89)
==31783== by 0x20D8C3: test_nttrans_create_ext (acls.c:306)
==31783== by 0x20E3A8: test_nttrans_create_file (acls.c:381)
==31783== by 0x16B21D: wrap_simple_1smb_test (util_smb.c:856)
==31783== by 0x955368F: internal_torture_run_test (torture.c:442)
==31783== by 0x9553A6B: torture_run_test_restricted (torture.c:542)
==31783== by 0x260108: run_matching (smbtorture.c:110)
==31783== by 0x25FFCA: run_matching (smbtorture.c:95)
==31783== by 0x25FFCA: run_matching (smbtorture.c:95)
==31783== by 0x260229: torture_run_named_tests (smbtorture.c:143)
==31783== by 0x261EA8: main (smbtorture.c:665)
==31783==
==31783== Conditional jump or move depends on uninitialised value(s)
==31783== at 0xFB0B068: _itoa_word (in /lib64/libc-2.19.so)
==31783== by 0xFB0EAD2: vfprintf (in /lib64/libc-2.19.so)
==31783== by 0xFB36712: vasprintf (in /lib64/libc-2.19.so)
==31783== by 0xAEBB348: ndr_print_debug_helper (ndr.c:314)
==31783== by 0xAEB8ED1: ndr_print_uint16 (ndr_basic.c:1055)
==31783== by 0x3E591A: ndr_print_security_ace (ndr_security.c:539)
==31783== by 0x3E621A: ndr_print_security_acl (ndr_security.c:642)
==31783== by 0x3E7A3F: ndr_print_security_descriptor (ndr_security.c:890)
==31783== by 0xAEBB860: ndr_print_debug (ndr.c:409)
==31783== by 0x20C91F: verify_sd (acls.c:89)
==31783== by 0x20D8C3: test_nttrans_create_ext (acls.c:306)
==31783== by 0x20E3A8: test_nttrans_create_file (acls.c:381)
==31783== by 0x16B21D: wrap_simple_1smb_test (util_smb.c:856)
==31783== by 0x955368F: internal_torture_run_test (torture.c:442)
==31783== by 0x9553A6B: torture_run_test_restricted (torture.c:542)
==31783== by 0x260108: run_matching (smbtorture.c:110)
==31783== by 0x25FFCA: run_matching (smbtorture.c:95)
==31783== by 0x25FFCA: run_matching (smbtorture.c:95)
==31783== by 0x260229: torture_run_named_tests (smbtorture.c:143)
==31783== by 0x261EA8: main (smbtorture.c:665)
==31783==
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
running smbtorture test raw.streams.createdisp.createdisp results in
the following valgrind trace
==30946== Syscall param writev(vector[...]) points to uninitialised byte(s)
==30946== at 0xFBA2C87: writev (in /lib64/libc-2.19.so)
==30946== by 0x106CB033: writev_handler (async_sock.c:340)
==30946== by 0xF67812A: ??? (in /usr/lib64/libtevent.so.0.9.26)
==30946== by 0xF6765F6: ??? (in /usr/lib64/libtevent.so.0.9.26)
==30946== by 0xF6727FC: _tevent_loop_once (in /usr/lib64/libtevent.so.0.9.26)
==30946== by 0x5AE3400: smbcli_request_receive (rawrequest.c:416)
==30946== by 0x5AE343E: smbcli_request_simple_recv (rawrequest.c:430)
==30946== by 0x5ADC8BC: smb_raw_close (rawfile.c:847)
==30946== by 0x9BE60B4: smbcli_close (clifile.c:316)
==30946== by 0x209F0D: create_file_with_stream (streams.c:1502)
==30946== by 0x20A072: test_stream_create_disposition (streams.c:1527)
==30946== by 0x16B21D: wrap_simple_1smb_test (util_smb.c:856)
==30946== by 0x955368F: internal_torture_run_test (torture.c:442)
==30946== by 0x9553A6B: torture_run_test_restricted (torture.c:542)
==30946== by 0x2600D6: run_matching (smbtorture.c:110)
==30946== by 0x25FF98: run_matching (smbtorture.c:95)
==30946== by 0x25FF98: run_matching (smbtorture.c:95)
==30946== by 0x2601F7: torture_run_named_tests (smbtorture.c:143)
==30946== by 0x261E76: main (smbtorture.c:665)
==30946== Address 0x187ebbc6 is 598 bytes inside a block of size 1,325 alloc'd
==30946== at 0x4C29110: malloc (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
==30946== by 0xF464A73: _talloc_pooled_object (in /usr/lib64/libtalloc.so.2.1.5)
==30946== by 0xF67366D: _tevent_req_create (in /usr/lib64/libtevent.so.0.9.26)
==30946== by 0xB0D49FF: smb1cli_req_create (smbXcli_base.c:1322)
==30946== by 0x5ADFAB7: smbcli_transport_setup_subreq (clitransport.c:254)
==30946== by 0x5ADFC37: smbcli_transport_send (clitransport.c:326)
==30946== by 0x5AE33C3: smbcli_request_send (rawrequest.c:400)
==30946== by 0x5ADC869: smb_raw_close_send (rawfile.c:832)
==30946== by 0x5ADC8AC: smb_raw_close (rawfile.c:846)
==30946== by 0x9BE60B4: smbcli_close (clifile.c:316)
==30946== by 0x209F0D: create_file_with_stream (streams.c:1502)
==30946== by 0x20A072: test_stream_create_disposition (streams.c:1527)
==30946== by 0x16B21D: wrap_simple_1smb_test (util_smb.c:856)
==30946== by 0x955368F: internal_torture_run_test (torture.c:442)
==30946== by 0x9553A6B: torture_run_test_restricted (torture.c:542)
==30946== by 0x2600D6: run_matching (smbtorture.c:110)
==30946== by 0x25FF98: run_matching (smbtorture.c:95)
==30946== by 0x25FF98: run_matching (smbtorture.c:95)
==30946== by 0x2601F7: torture_run_named_tests (smbtorture.c:143)
==30946== by 0x261E76: main (smbtorture.c:665
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
running smbtorture test raw.open.openx-over-dir.openx-over-dir results in
the following valgrind trace
==30597== Syscall param writev(vector[...]) points to uninitialised byte(s)
==30597== at 0xFBA2C87: writev (in /lib64/libc-2.19.so)
==30597== by 0x106CB033: writev_handler (async_sock.c:340)
==30597== by 0xF67812A: ??? (in /usr/lib64/libtevent.so.0.9.26)
==30597== by 0xF6765F6: ??? (in /usr/lib64/libtevent.so.0.9.26)
==30597== by 0xF6727FC: _tevent_loop_once (in /usr/lib64/libtevent.so.0.9.26)
==30597== by 0x5AE3400: smbcli_request_receive (rawrequest.c:416)
==30597== by 0x5AE343E: smbcli_request_simple_recv (rawrequest.c:430)
==30597== by 0x5ADC8BC: smb_raw_close (rawfile.c:847)
==30597== by 0x9BE60B4: smbcli_close (clifile.c:316)
==30597== by 0x1A57F0: test_openx_over_dir (open.c:1495)
==30597== by 0x16B21D: wrap_simple_1smb_test (util_smb.c:856)
==30597== by 0x955368F: internal_torture_run_test (torture.c:442)
==30597== by 0x9553A6B: torture_run_test_restricted (torture.c:542)
==30597== by 0x2600BD: run_matching (smbtorture.c:110)
==30597== by 0x25FF7F: run_matching (smbtorture.c:95)
==30597== by 0x25FF7F: run_matching (smbtorture.c:95)
==30597== by 0x2601DE: torture_run_named_tests (smbtorture.c:143)
==30597== by 0x261E5D: main (smbtorture.c:665)
==30597== Address 0x187e41d6 is 598 bytes inside a block of size 1,325 alloc'd
==30597== at 0x4C29110: malloc (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
==30597== by 0xF464A73: _talloc_pooled_object (in /usr/lib64/libtalloc.so.2.1.5)
==30597== by 0xF67366D: _tevent_req_create (in /usr/lib64/libtevent.so.0.9.26)
==30597== by 0xB0D49FF: smb1cli_req_create (smbXcli_base.c:1322)
==30597== by 0x5ADFAB7: smbcli_transport_setup_subreq (clitransport.c:254)
==30597== by 0x5ADFC37: smbcli_transport_send (clitransport.c:326)
==30597== by 0x5AE33C3: smbcli_request_send (rawrequest.c:400)
==30597== by 0x5ADC869: smb_raw_close_send (rawfile.c:832)
==30597== by 0x5ADC8AC: smb_raw_close (rawfile.c:846)
==30597== by 0x9BE60B4: smbcli_close (clifile.c:316)
==30597== by 0x1A57F0: test_openx_over_dir (open.c:1495)
==30597== by 0x16B21D: wrap_simple_1smb_test (util_smb.c:856)
==30597== by 0x955368F: internal_torture_run_test (torture.c:442)
==30597== by 0x9553A6B: torture_run_test_restricted (torture.c:542)
==30597== by 0x2600BD: run_matching (smbtorture.c:110)
==30597== by 0x25FF7F: run_matching (smbtorture.c:95)
==30597== by 0x25FF7F: run_matching (smbtorture.c:95)
==30597== by 0x2601DE: torture_run_named_tests (smbtorture.c:143)
==30597== by 0x261E5D: main (smbtorture.c:665)
==30597==
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
running smbtorture test raw.open.chained-ntcreatex.chained-ntcreatex results
in the following valgrind trace
==30405== Syscall param writev(vector[...]) points to uninitialised byte(s)
==30405== at 0xFBA2C87: writev (in /lib64/libc-2.19.so)
==30405== by 0x106CB033: writev_handler (async_sock.c:340)
==30405== by 0xF67812A: ??? (in /usr/lib64/libtevent.so.0.9.26)
==30405== by 0xF6765F6: ??? (in /usr/lib64/libtevent.so.0.9.26)
==30405== by 0xF6727FC: _tevent_loop_once (in /usr/lib64/libtevent.so.0.9.26)
==30405== by 0x5AE3400: smbcli_request_receive (rawrequest.c:416)
==30405== by 0x5AE343E: smbcli_request_simple_recv (rawrequest.c:430)
==30405== by 0x5ADC8BC: smb_raw_close (rawfile.c:847)
==30405== by 0x9BE60B4: smbcli_close (clifile.c:316)
==30405== by 0x1A66B4: test_chained_ntcreatex_readx (open.c:1735)
==30405== by 0x16B21D: wrap_simple_1smb_test (util_smb.c:856)
==30405== by 0x955368F: internal_torture_run_test (torture.c:442)
==30405== by 0x9553A6B: torture_run_test_restricted (torture.c:542)
==30405== by 0x2600A4: run_matching (smbtorture.c:110)
==30405== by 0x25FF66: run_matching (smbtorture.c:95)
==30405== by 0x25FF66: run_matching (smbtorture.c:95)
==30405== by 0x2601C5: torture_run_named_tests (smbtorture.c:143)
==30405== by 0x261E44: main (smbtorture.c:665)
==30405== Address 0x187e1196 is 598 bytes inside a block of size 1,325 alloc'd
==30405== at 0x4C29110: malloc (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
==30405== by 0xF464A73: _talloc_pooled_object (in /usr/lib64/libtalloc.so.2.1.5)
==30405== by 0xF67366D: _tevent_req_create (in /usr/lib64/libtevent.so.0.9.26)
==30405== by 0xB0D49FF: smb1cli_req_create (smbXcli_base.c:1322)
==30405== by 0x5ADFAB7: smbcli_transport_setup_subreq (clitransport.c:254)
==30405== by 0x5ADFC37: smbcli_transport_send (clitransport.c:326)
==30405== by 0x5AE33C3: smbcli_request_send (rawrequest.c:400)
==30405== by 0x5ADC869: smb_raw_close_send (rawfile.c:832)
==30405== by 0x5ADC8AC: smb_raw_close (rawfile.c:846)
==30405== by 0x9BE60B4: smbcli_close (clifile.c:316)
==30405== by 0x1A66B4: test_chained_ntcreatex_readx (open.c:1735)
==30405== by 0x16B21D: wrap_simple_1smb_test (util_smb.c:856)
==30405== by 0x955368F: internal_torture_run_test (torture.c:442)
==30405== by 0x9553A6B: torture_run_test_restricted (torture.c:542)
==30405== by 0x2600A4: run_matching (smbtorture.c:110)
==30405== by 0x25FF66: run_matching (smbtorture.c:95)
==30405== by 0x25FF66: run_matching (smbtorture.c:95)
==30405== by 0x2601C5: torture_run_named_tests (smbtorture.c:143)
==30405== by 0x261E44: main (smbtorture.c:665)
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
running smbtorture test base.bench-holdopen.bench-holdopen yields the
following valgrind trace.
==29953== Conditional jump or move depends on uninitialised value(s)
==29953== at 0xF4634F0: _talloc_zero_array (in /usr/lib64/libtalloc.so.2.1.5)
==29953== by 0x5AE257E: smbcli_request_setup_transport (rawrequest.c:101)
==29953== by 0x5AE04AF: smb_raw_echo_send (clitransport.c:554)
==29953== by 0x5AE0774: smb_raw_echo (clitransport.c:609)
==29953== by 0x4183D3: torture_holdopen (misc.c:288)
==29953== by 0x16B21D: wrap_simple_1smb_test (util_smb.c:856)
==29953== by 0x955368F: internal_torture_run_test (torture.c:442)
==29953== by 0x9553A6B: torture_run_test_restricted (torture.c:542)
==29953== by 0x2600A4: run_matching (smbtorture.c:110)
==29953== by 0x25FF66: run_matching (smbtorture.c:95)
==29953== by 0x2601C5: torture_run_named_tests (smbtorture.c:143)
==29953== by 0x261E44: main (smbtorture.c:665)
==29953==
==29953== Conditional jump or move depends on uninitialised value(s)
==29953== at 0xF4630E3: _talloc_zero (in /usr/lib64/libtalloc.so.2.1.5)
==29953== by 0x5AE257E: smbcli_request_setup_transport (rawrequest.c:101)
==29953== by 0x5AE04AF: smb_raw_echo_send (clitransport.c:554)
==29953== by 0x5AE0774: smb_raw_echo (clitransport.c:609)
==29953== by 0x4183D3: torture_holdopen (misc.c:288)
==29953== by 0x16B21D: wrap_simple_1smb_test (util_smb.c:856)
==29953== by 0x955368F: internal_torture_run_test (torture.c:442)
==29953== by 0x9553A6B: torture_run_test_restricted (torture.c:542)
==29953== by 0x2600A4: run_matching (smbtorture.c:110)
==29953== by 0x25FF66: run_matching (smbtorture.c:95)
==29953== by 0x2601C5: torture_run_named_tests (smbtorture.c:143)
==29953== by 0x261E44: main (smbtorture.c:665)
==29953==
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
smbtorture test base.winattr.winattr yields the following trace
==25514== Syscall param writev(vector[...]) points to uninitialised byte(s)
==25514== at 0xFBA2C87: writev (in /lib64/libc-2.19.so)
==25514== by 0x106CB033: writev_handler (async_sock.c:340)
==25514== by 0xF67812A: ??? (in /usr/lib64/libtevent.so.0.9.26)
==25514== by 0xF6765F6: ??? (in /usr/lib64/libtevent.so.0.9.26)
==25514== by 0xF6727FC: _tevent_loop_once (in /usr/lib64/libtevent.so.0.9.26)
==25514== by 0x5AE3400: smbcli_request_receive (rawrequest.c:416)
==25514== by 0x5AEEC7E: smb_raw_nttrans_recv (rawtrans.c:408)
==25514== by 0x5AF6543: smb_raw_query_secdesc_recv (rawacl.c:67)
==25514== by 0x5AF580F: smb_raw_fileinfo_recv (rawfileinfo.c:699)
==25514== by 0x5AF58BE: smb_raw_fileinfo (rawfileinfo.c:721)
==25514== by 0x454AC3: torture_winattrtest (attr.c:217)
==25514== by 0x16B21D: wrap_simple_1smb_test (util_smb.c:856)
==25514== by 0x955368F: internal_torture_run_test (torture.c:442)
==25514== by 0x9553A6B: torture_run_test_restricted (torture.c:542)
==25514== by 0x2600A4: run_matching (smbtorture.c:110)
==25514== by 0x25FF66: run_matching (smbtorture.c:95)
==25514== by 0x2601C5: torture_run_named_tests (smbtorture.c:143)
==25514== by 0x261E44: main (smbtorture.c:665)
==25514== Address 0x187d69c6 is 598 bytes inside a block of size 1,325 alloc'd
==25514== at 0x4C29110: malloc (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
==25514== by 0xF464A73: _talloc_pooled_object (in /usr/lib64/libtalloc.so.2.1.5)
==25514== by 0xF67366D: _tevent_req_create (in /usr/lib64/libtevent.so.0.9.26)
==25514== by 0xB0D49FF: smb1cli_req_create (smbXcli_base.c:1322)
==25514== by 0xB0E1E6D: smb1cli_trans_send (smb1cli_trans.c:512)
==25514== by 0x5AEE9B2: smb_raw_nttrans_send (rawtrans.c:310)
==25514== by 0x5AF64F0: smb_raw_query_secdesc_send (rawacl.c:51)
==25514== by 0x5AF56E5: smb_raw_fileinfo_send (rawfileinfo.c:658)
==25514== by 0x5AF58A3: smb_raw_fileinfo (rawfileinfo.c:720)
==25514== by 0x454AC3: torture_winattrtest (attr.c:217)
==25514== by 0x16B21D: wrap_simple_1smb_test (util_smb.c:856)
==25514== by 0x955368F: internal_torture_run_test (torture.c:442)
==25514== by 0x9553A6B: torture_run_test_restricted (torture.c:542)
==25514== by 0x2600A4: run_matching (smbtorture.c:110)
==25514== by 0x25FF66: run_matching (smbtorture.c:95)
==25514== by 0x2601C5: torture_run_named_tests (smbtorture.c:143)
==25514== by 0x261E44: main (smbtorture.c:665)
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
smbtorture test base.tcondev.tcondev causes the following valgrind trace
==23282== Conditional jump or move depends on uninitialised value(s)
==23282== at 0x9BE5632: smbcli_tconX (cliconnect.c:148)
==23282== by 0x41021C: tcon_devtest (base.c:91)
==23282== by 0x411A01: run_tcon_devtype_test (base.c:522)
==23282== by 0x16B21D: wrap_simple_1smb_test (util_smb.c:856)
==23282== by 0x955368F: internal_torture_run_test (torture.c:442)
==23282== by 0x9553A6B: torture_run_test_restricted (torture.c:542)
==23282== by 0x2600A4: run_matching (smbtorture.c:110)
==23282== by 0x25FF66: run_matching (smbtorture.c:95)
==23282== by 0x2601C5: torture_run_named_tests (smbtorture.c:143)
==23282== by 0x261E44: main (smbtorture.c:665)
==23282==
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
smbtorture test base.aliases.setpathinfo_aliases.setpathinfo_aliases
results in the following valgrind trace
==23067== Syscall param writev(vector[...]) points to uninitialised byte(s)
==23067== at 0xFBA2C87: writev (in /lib64/libc-2.19.so)
==23067== by 0x106CB033: writev_handler (async_sock.c:340)
==23067== by 0xF67812A: ??? (in /usr/lib64/libtevent.so.0.9.26)
==23067== by 0xF6765F6: ??? (in /usr/lib64/libtevent.so.0.9.26)
==23067== by 0xF6727FC: _tevent_loop_once (in /usr/lib64/libtevent.so.0.9.26)
==23067== by 0x5AE3400: smbcli_request_receive (rawrequest.c:416)
==23067== by 0x5AE6019: smb_raw_write_recv (rawreadwrite.c:303)
==23067== by 0x5AE63FD: smb_raw_write (rawreadwrite.c:344)
==23067== by 0x9BE50CA: smbcli_write (clireadwrite.c:118)
==23067== by 0x423EB4: setpathinfo_aliases (aliases.c:367)
==23067== by 0x16B21D: wrap_simple_1smb_test (util_smb.c:856)
==23067== by 0x955368F: internal_torture_run_test (torture.c:442)
==23067== by 0x9553A6B: torture_run_test_restricted (torture.c:542)
==23067== by 0x2600A4: run_matching (smbtorture.c:110)
==23067== by 0x25FF66: run_matching (smbtorture.c:95)
==23067== by 0x25FF66: run_matching (smbtorture.c:95)
==23067== by 0x2601C5: torture_run_named_tests (smbtorture.c:143)
==23067== by 0x261E44: main (smbtorture.c:665)
==23067== Address 0x187e0096 is 598 bytes inside a block of size 1,325 alloc'd
==23067== at 0x4C29110: malloc (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
==23067== by 0xF464A73: _talloc_pooled_object (in /usr/lib64/libtalloc.so.2.1.5)
==23067== by 0xF67366D: _tevent_req_create (in /usr/lib64/libtevent.so.0.9.26)
==23067== by 0xB0D49FF: smb1cli_req_create (smbXcli_base.c:1322)
==23067== by 0x5ADFAB7: smbcli_transport_setup_subreq (clitransport.c:254)
==23067== by 0x5ADFC37: smbcli_transport_send (clitransport.c:326)
==23067== by 0x5AE33C3: smbcli_request_send (rawrequest.c:400)
==23067== by 0x5AE5FDD: smb_raw_write_send (rawreadwrite.c:289)
==23067== by 0x5AE63E6: smb_raw_write (rawreadwrite.c:343)
==23067== by 0x9BE50CA: smbcli_write (clireadwrite.c:118)
==23067== by 0x423EB4: setpathinfo_aliases (aliases.c:367)
==23067== by 0x16B21D: wrap_simple_1smb_test (util_smb.c:856)
==23067== by 0x955368F: internal_torture_run_test (torture.c:442)
==23067== by 0x9553A6B: torture_run_test_restricted (torture.c:542)
==23067== by 0x2600A4: run_matching (smbtorture.c:110)
==23067== by 0x25FF66: run_matching (smbtorture.c:95)
==23067== by 0x25FF66: run_matching (smbtorture.c:95)
==23067== by 0x2601C5: torture_run_named_tests (smbtorture.c:143)
==23067== by 0x261E44: main (smbtorture.c:665)
==23067==
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
smbtorture test base.aliases.setfileinfo_aliases.setfileinfo_aliases
results in the following valgrind trace
==22757== Syscall param writev(vector[...]) points to uninitialised byte(s)
==22757== at 0xFBA2C87: writev (in /lib64/libc-2.19.so)
==22757== by 0x106CB033: writev_handler (async_sock.c:340)
==22757== by 0xF67812A: ??? (in /usr/lib64/libtevent.so.0.9.26)
==22757== by 0xF6765F6: ??? (in /usr/lib64/libtevent.so.0.9.26)
==22757== by 0xF6727FC: _tevent_loop_once (in /usr/lib64/libtevent.so.0.9.26)
==22757== by 0x5AE3400: smbcli_request_receive (rawrequest.c:416)
==22757== by 0x5AE6019: smb_raw_write_recv (rawreadwrite.c:303)
==22757== by 0x5AE63FD: smb_raw_write (rawreadwrite.c:344)
==22757== by 0x9BE50CA: smbcli_write (clireadwrite.c:118)
==22757== by 0x423C91: setfileinfo_aliases (aliases.c:327)
==22757== by 0x16B21D: wrap_simple_1smb_test (util_smb.c:856)
==22757== by 0x955368F: internal_torture_run_test (torture.c:442)
==22757== by 0x9553A6B: torture_run_test_restricted (torture.c:542)
==22757== by 0x2600A4: run_matching (smbtorture.c:110)
==22757== by 0x25FF66: run_matching (smbtorture.c:95)
==22757== by 0x25FF66: run_matching (smbtorture.c:95)
==22757== by 0x2601C5: torture_run_named_tests (smbtorture.c:143)
==22757== by 0x261E44: main (smbtorture.c:665)
==22757== Address 0x187dfee6 is 598 bytes inside a block of size 1,325 alloc'd
==22757== at 0x4C29110: malloc (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
==22757== by 0xF464A73: _talloc_pooled_object (in /usr/lib64/libtalloc.so.2.1.5)
==22757== by 0xF67366D: _tevent_req_create (in /usr/lib64/libtevent.so.0.9.26)
==22757== by 0xB0D49FF: smb1cli_req_create (smbXcli_base.c:1322)
==22757== by 0x5ADFAB7: smbcli_transport_setup_subreq (clitransport.c:254)
==22757== by 0x5ADFC37: smbcli_transport_send (clitransport.c:326)
==22757== by 0x5AE33C3: smbcli_request_send (rawrequest.c:400)
==22757== by 0x5AE5FDD: smb_raw_write_send (rawreadwrite.c:289)
==22757== by 0x5AE63E6: smb_raw_write (rawreadwrite.c:343)
==22757== by 0x9BE50CA: smbcli_write (clireadwrite.c:118)
==22757== by 0x423C91: setfileinfo_aliases (aliases.c:327)
==22757== by 0x16B21D: wrap_simple_1smb_test (util_smb.c:856)
==22757== by 0x955368F: internal_torture_run_test (torture.c:442)
==22757== by 0x9553A6B: torture_run_test_restricted (torture.c:542)
==22757== by 0x2600A4: run_matching (smbtorture.c:110)
==22757== by 0x25FF66: run_matching (smbtorture.c:95)
==22757== by 0x25FF66: run_matching (smbtorture.c:95)
==22757== by 0x2601C5: torture_run_named_tests (smbtorture.c:143)
==22757== by 0x261E44: main (smbtorture.c:665)
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
running smbtorture test base.aliases.FINDFIRST aliases.FINDFIRST aliases
results in the following valgrind trace
==22639== Syscall param writev(vector[...]) points to uninitialised byte(s)
==22639== at 0xFBA2C87: writev (in /lib64/libc-2.19.so)
==22639== by 0x106CB033: writev_handler (async_sock.c:340)
==22639== by 0xF67812A: ??? (in /usr/lib64/libtevent.so.0.9.26)
==22639== by 0xF6765F6: ??? (in /usr/lib64/libtevent.so.0.9.26)
==22639== by 0xF6727FC: _tevent_loop_once (in /usr/lib64/libtevent.so.0.9.26)
==22639== by 0x5AE3400: smbcli_request_receive (rawrequest.c:416)
==22639== by 0x5AE6019: smb_raw_write_recv (rawreadwrite.c:303)
==22639== by 0x5AE63FD: smb_raw_write (rawreadwrite.c:344)
==22639== by 0x9BE50CA: smbcli_write (clireadwrite.c:118)
==22639== by 0x423672: findfirst_aliases (aliases.c:213)
==22639== by 0x16B21D: wrap_simple_1smb_test (util_smb.c:856)
==22639== by 0x955368F: internal_torture_run_test (torture.c:442)
==22639== by 0x9553A6B: torture_run_test_restricted (torture.c:542)
==22639== by 0x2600A4: run_matching (smbtorture.c:110)
==22639== by 0x25FF66: run_matching (smbtorture.c:95)
==22639== by 0x25FF66: run_matching (smbtorture.c:95)
==22639== by 0x2601C5: torture_run_named_tests (smbtorture.c:143)
==22639== by 0x261E44: main (smbtorture.c:665)
==22639== Address 0x187dfd26 is 598 bytes inside a block of size 1,325 alloc'd
==22639== at 0x4C29110: malloc (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
==22639== by 0xF464A73: _talloc_pooled_object (in /usr/lib64/libtalloc.so.2.1.5)
==22639== by 0xF67366D: _tevent_req_create (in /usr/lib64/libtevent.so.0.9.26)
==22639== by 0xB0D49FF: smb1cli_req_create (smbXcli_base.c:1322)
==22639== by 0x5ADFAB7: smbcli_transport_setup_subreq (clitransport.c:254)
==22639== by 0x5ADFC37: smbcli_transport_send (clitransport.c:326)
==22639== by 0x5AE33C3: smbcli_request_send (rawrequest.c:400)
==22639== by 0x5AE5FDD: smb_raw_write_send (rawreadwrite.c:289)
==22639== by 0x5AE63E6: smb_raw_write (rawreadwrite.c:343)
==22639== by 0x9BE50CA: smbcli_write (clireadwrite.c:118)
==22639== by 0x423672: findfirst_aliases (aliases.c:213)
==22639== by 0x16B21D: wrap_simple_1smb_test (util_smb.c:856)
==22639== by 0x955368F: internal_torture_run_test (torture.c:442)
==22639== by 0x9553A6B: torture_run_test_restricted (torture.c:542)
==22639== by 0x2600A4: run_matching (smbtorture.c:110)
==22639== by 0x25FF66: run_matching (smbtorture.c:95)
==22639== by 0x25FF66: run_matching (smbtorture.c:95)
==22639== by 0x2601C5: torture_run_named_tests (smbtorture.c:143)
==22639== by 0x261E44: main (smbtorture.c:665)
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
smbtorture 'base.aliases.QPATHINFO aliases.QPATHINFO aliases' results in
following valgrind trace
==22469== Syscall param writev(vector[...]) points to uninitialised byte(s)
==22469== at 0xFBA2C87: writev (in /lib64/libc-2.19.so)
==22469== by 0x106CB033: writev_handler (async_sock.c:340)
==22469== by 0xF67812A: ??? (in /usr/lib64/libtevent.so.0.9.26)
==22469== by 0xF6765F6: ??? (in /usr/lib64/libtevent.so.0.9.26)
==22469== by 0xF6727FC: _tevent_loop_once (in /usr/lib64/libtevent.so.0.9.26)
==22469== by 0x5AE3400: smbcli_request_receive (rawrequest.c:416)
==22469== by 0x5AE6019: smb_raw_write_recv (rawreadwrite.c:303)
==22469== by 0x5AE63FD: smb_raw_write (rawreadwrite.c:344)
==22469== by 0x9BE50CA: smbcli_write (clireadwrite.c:118)
==22469== by 0x423431: qpathinfo_aliases (aliases.c:171)
==22469== by 0x16B21D: wrap_simple_1smb_test (util_smb.c:856)
==22469== by 0x955368F: internal_torture_run_test (torture.c:442)
==22469== by 0x9553A6B: torture_run_test_restricted (torture.c:542)
==22469== by 0x2600A4: run_matching (smbtorture.c:110)
==22469== by 0x25FF66: run_matching (smbtorture.c:95)
==22469== by 0x25FF66: run_matching (smbtorture.c:95)
==22469== by 0x2601C5: torture_run_named_tests (smbtorture.c:143)
==22469== by 0x261E44: main (smbtorture.c:665)
==22469== Address 0x187dfb86 is 598 bytes inside a block of size 1,325 alloc'd
==22469== at 0x4C29110: malloc (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
==22469== by 0xF464A73: _talloc_pooled_object (in /usr/lib64/libtalloc.so.2.1.5)
==22469== by 0xF67366D: _tevent_req_create (in /usr/lib64/libtevent.so.0.9.26)
==22469== by 0xB0D49FF: smb1cli_req_create (smbXcli_base.c:1322)
==22469== by 0x5ADFAB7: smbcli_transport_setup_subreq (clitransport.c:254)
==22469== by 0x5ADFC37: smbcli_transport_send (clitransport.c:326)
==22469== by 0x5AE33C3: smbcli_request_send (rawrequest.c:400)
==22469== by 0x5AE5FDD: smb_raw_write_send (rawreadwrite.c:289)
==22469== by 0x5AE63E6: smb_raw_write (rawreadwrite.c:343)
==22469== by 0x9BE50CA: smbcli_write (clireadwrite.c:118)
==22469== by 0x423431: qpathinfo_aliases (aliases.c:171)
==22469== by 0x16B21D: wrap_simple_1smb_test (util_smb.c:856)
==22469== by 0x955368F: internal_torture_run_test (torture.c:442)
==22469== by 0x9553A6B: torture_run_test_restricted (torture.c:542)
==22469== by 0x2600A4: run_matching (smbtorture.c:110)
==22469== by 0x25FF66: run_matching (smbtorture.c:95)
==22469== by 0x25FF66: run_matching (smbtorture.c:95)
==22469== by 0x2601C5: torture_run_named_tests (smbtorture.c:143)
==22469== by 0x261E44: main (smbtorture.c:665)
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
smbtorture local.registry.diff.dotreg.test_diff_apply produces the following
valgrind trace
==18367== Conditional jump or move depends on uninitialised value(s)
==18367== at 0xA02ED96: reg_dotreg_diff_load (patchfile_dotreg.c:252)
==18367== by 0xA031C6C: reg_diff_load (patchfile.c:375)
==18367== by 0xA0323AB: reg_diff_apply (patchfile.c:542)
==18367== by 0x15F116: test_diff_apply (diff.c:72)
==18367== by 0x955460C: wrap_test_with_simple_test (torture.c:731)
==18367== by 0x955366F: internal_torture_run_test (torture.c:442)
==18367== by 0x9553A4B: torture_run_test_restricted (torture.c:542)
==18367== by 0x260074: run_matching (smbtorture.c:110)
==18367== by 0x25FF36: run_matching (smbtorture.c:95)
==18367== by 0x25FF36: run_matching (smbtorture.c:95)
==18367== by 0x25FF36: run_matching (smbtorture.c:95)
==18367== by 0x260195: torture_run_named_tests (smbtorture.c:143)
==18367==
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
when running smbtorture rpc.samba3.regconfig.regconfig
Note: to fix this particular error only the action_taken variable needed
to be initialised. ZERO-ing the structs for completeness.
==14958== Syscall param writev(vector[...]) points to uninitialised byte(s)
==14958== at 0xFB9FC87: writev (in /lib64/libc-2.19.so)
==14958== by 0x106C8003: writev_handler (async_sock.c:340)
==14958== by 0xF67407E: epoll_event_loop (tevent_epoll.c:728)
==14958== by 0xF67469C: epoll_event_loop_once (tevent_epoll.c:926)
==14958== by 0xF671586: std_event_loop_once (tevent_standard.c:114)
==14958== by 0xF66AD42: _tevent_loop_once (tevent.c:533)
==14958== by 0xF66CB9D: tevent_req_poll (tevent_req.c:256)
==14958== by 0x5D19305: tevent_req_poll_ntstatus (tevent_ntstatus.c:109)
==14958== by 0x88B2DED: dcerpc_binding_handle_call (binding_handle.c:556)
==14958== by 0xBBCE851: dcerpc_winreg_CreateKey_r (ndr_winreg_c.c:1430)
==14958== by 0x3D47C5: torture_samba3_createshare (samba3rpc.c:3192)
==14958== by 0x3D50AC: torture_samba3_regconfig (samba3rpc.c:3299)
==14958== by 0x9553F42: wrap_simple_test (torture.c:632)
==14958== by 0x955366F: internal_torture_run_test (torture.c:442)
==14958== by 0x9553A4B: torture_run_test_restricted (torture.c:542)
==14958== by 0x260074: run_matching (smbtorture.c:110)
==14958== by 0x25FF36: run_matching (smbtorture.c:95)
==14958== by 0x25FF36: run_matching (smbtorture.c:95)
==14958== by 0x260195: torture_run_named_tests (smbtorture.c:143)
==14958== by 0x261E14: main (smbtorture.c:665)
==14958== Address 0x18868ec6 is 598 bytes inside a block of size 1,325 alloc'd
==14958== at 0x4C29110: malloc (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
==14958== by 0xF45EE38: __talloc_with_prefix (talloc.c:668)
==14958== by 0xF45EFF5: _talloc_pool (talloc.c:721)
==14958== by 0xF45F167: _talloc_pooled_object (talloc.c:790)
==14958== by 0xF66C664: _tevent_req_create (tevent_req.c:66)
==14958== by 0xB0D49CF: smb1cli_req_create (smbXcli_base.c:1322)
==14958== by 0xB0E1E3D: smb1cli_trans_send (smb1cli_trans.c:512)
==14958== by 0xB0ED44D: tstream_smbXcli_np_readv_trans_start (tstream_smbXcli_np.c:901)
==14958== by 0xB0EC817: tstream_smbXcli_np_writev_write_next (tstream_smbXcli_np.c:578)
==14958== by 0xB0EC4A7: tstream_smbXcli_np_writev_send (tstream_smbXcli_np.c:505)
==14958== by 0xC259DDA: tstream_writev_send (tsocket.c:695)
==14958== by 0xC25AD44: tstream_writev_queue_trigger (tsocket_helpers.c:513)
==14958== by 0xF66BF73: tevent_queue_immediate_trigger (tevent_queue.c:149)
==14958== by 0xF66BBFB: tevent_common_loop_immediate (tevent_immediate.c:135)
==14958== by 0xF674602: epoll_event_loop_once (tevent_epoll.c:907)
==14958== by 0xF671586: std_event_loop_once (tevent_standard.c:114)
==14958== by 0xF66AD42: _tevent_loop_once (tevent.c:533)
==14958== by 0xF66CB9D: tevent_req_poll (tevent_req.c:256)
==14958== by 0x5D19305: tevent_req_poll_ntstatus (tevent_ntstatus.c:109)
==14958== by 0x88B2DED: dcerpc_binding_handle_call (binding_handle.c:556)
==14958== by 0xBBCE851: dcerpc_winreg_CreateKey_r (ndr_winreg_c.c:1430)
==14958== by 0x3D47C5: torture_samba3_createshare (samba3rpc.c:3192)
==14958== by 0x3D50AC: torture_samba3_regconfig (samba3rpc.c:3299)
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
running smbtorture test rpc.samba3.winreg.winreg yields the following
valgrind trace
==18533== Syscall param writev(vector[...]) points to uninitialised byte(s)
==18533== at 0xFBA2C87: writev (in /lib64/libc-2.19.so)
==18533== by 0x106CB033: writev_handler (async_sock.c:340)
==18533== by 0xF67812A: ??? (in /usr/lib64/libtevent.so.0.9.26)
==18533== by 0xF6765F6: ??? (in /usr/lib64/libtevent.so.0.9.26)
==18533== by 0xF6727FC: _tevent_loop_once (in /usr/lib64/libtevent.so.0.9.26)
==18533== by 0xF673ACE: tevent_req_poll (in /usr/lib64/libtevent.so.0.9.26)
==18533== by 0x5D19325: tevent_req_poll_ntstatus (tevent_ntstatus.c:109)
==18533== by 0x88B2E0D: dcerpc_binding_handle_call (binding_handle.c:556)
==18533== by 0xBBD049F: dcerpc_winreg_EnumValue_r (ndr_winreg_c.c:2354)
==18533== by 0x3D3E3E: enumvalues (samba3rpc.c:2982)
==18533== by 0x3D40A5: enumkeys (samba3rpc.c:3042)
==18533== by 0x3D4085: enumkeys (samba3rpc.c:3041)
==18533== Address 0x1886edd6 is 598 bytes inside a block of size 1,325 alloc'd
==18533== at 0x4C29110: malloc (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
==18533== by 0xF464A73: _talloc_pooled_object (in /usr/lib64/libtalloc.so.2.1.5)
==18533== by 0xF67366D: _tevent_req_create (in /usr/lib64/libtevent.so.0.9.26)
==18533== by 0xB0D49FF: smb1cli_req_create (smbXcli_base.c:1322)
==18533== by 0xB0E1E6D: smb1cli_trans_send (smb1cli_trans.c:512)
==18533== by 0xB0ED47D: tstream_smbXcli_np_readv_trans_start (tstream_smbXcli_np.c:901)
==18533== by 0xB0EC847: tstream_smbXcli_np_writev_write_next (tstream_smbXcli_np.c:578)
==18533== by 0xB0EC4D7: tstream_smbXcli_np_writev_send (tstream_smbXcli_np.c:505)
==18533== by 0xC259DFA: tstream_writev_send (tsocket.c:695)
==18533== by 0xC25AD64: tstream_writev_queue_trigger (tsocket_helpers.c:513)
==18533== by 0xF673023: tevent_common_loop_immediate (in /usr/lib64/libtevent.so.0.9.26)
==18533== by 0xF677EED: ??? (in /usr/lib64/libtevent.so.0.9.26)
==18533==
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
running smbtorture rpc.srvsvc.srvsvc\ (admin\ access).NetDiskEnum results
in the following valgrind trace
==30237== Syscall param writev(vector[...]) points to uninitialised byte(s)
==30237== at 0xDD01C67: writev (in /lib64/libc-2.19.so)
==30237== by 0xE1D09D4: writev_handler (async_sock.c:340)
==30237== by 0xD81A12A: ??? (in /usr/lib64/libtevent.so.0.9.26)
==30237== by 0xD8185F6: ??? (in /usr/lib64/libtevent.so.0.9.26)
==30237== by 0xD8147FC: _tevent_loop_once (in /usr/lib64/libtevent.so.0.9.26)
==30237== by 0xD815ACE: tevent_req_poll (in /usr/lib64/libtevent.so.0.9.26)
==30237== by 0x5AC726D: tevent_req_poll_ntstatus (in /usr/lib64/libtevent-util.so.0.0.1)
==30237== by 0x8120CEA: dcerpc_binding_handle_call (in /usr/lib64/libdcerpc-binding.so.0.0.1)
==30237== by 0xA9AC6EC: dcerpc_srvsvc_NetDiskEnum_r (ndr_srvsvc_c.c:5388)
==30237== by 0x2ADDF8: ??? (in /usr/bin/smbtorture)
==30237== by 0x898DF8C: ??? (in /usr/lib64/libtorture.so.0.0.1)
==30237== by 0x1F0816: ??? (in /usr/bin/smbtorture)
==30237== Address 0x15952676 is 598 bytes inside a block of size 1,325 alloc'd
==30237== at 0x4C29110: malloc (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
==30237== by 0xCCCAA73: _talloc_pooled_object (in /usr/lib64/libtalloc.so.2.1.5)
==30237== by 0xD81566D: _tevent_req_create (in /usr/lib64/libtevent.so.0.9.26)
==30237== by 0xA2B7910: smb1cli_req_create (smbXcli_base.c:1322)
==30237== by 0xA2BA4E3: smb1cli_trans_send (smb1cli_trans.c:512)
==30237== by 0xA2C1F91: tstream_smbXcli_np_readv_trans_start (tstream_smbXcli_np.c:901)
==30237== by 0xA2C23AE: tstream_smbXcli_np_writev_send (tstream_smbXcli_np.c:505)
==30237== by 0xAC8E43C: tstream_writev_send (tsocket.c:695)
==30237== by 0xAC8E9BA: tstream_writev_queue_trigger (tsocket_helpers.c:513)
==30237== by 0xD815023: tevent_common_loop_immediate (in /usr/lib64/libtevent.so.0.9.26)
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
running smbtorture rpc.dfs.netdfs.StdRoot yields the following valgrind trace
==18861== Syscall param writev(vector[...]) points to uninitialised byte(s)
==18861== at 0xFBA2C87: writev (in /lib64/libc-2.19.so)
==18861== by 0x106CB033: writev_handler (async_sock.c:340)
==18861== by 0xF67812A: ??? (in /usr/lib64/libtevent.so.0.9.26)
==18861== by 0xF6765F6: ??? (in /usr/lib64/libtevent.so.0.9.26)
==18861== by 0xF6727FC: _tevent_loop_once (in /usr/lib64/libtevent.so.0.9.26)
==18861== by 0xF673ACE: tevent_req_poll (in /usr/lib64/libtevent.so.0.9.26)
==18861== by 0x5D19325: tevent_req_poll_ntstatus (tevent_ntstatus.c:109)
==18861== by 0x88B2E0D: dcerpc_binding_handle_call (binding_handle.c:556)
==18861== by 0xBC6D0D2: dcerpc_srvsvc_NetShareDel_r (ndr_srvsvc_c.c:4272)
==18861== by 0x9786C0C: libnet_DelShare (libnet_share.c:195)
==18861== by 0x2E0174: test_NetShareDel (dfs.c:103)
==18861== by 0x2E126F: test_cleanup_stdroot (dfs.c:488)
==18861== Address 0x18869b46 is 598 bytes inside a block of size 1,325 alloc'd
==18861== at 0x4C29110: malloc (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
==18861== by 0xF464A73: _talloc_pooled_object (in /usr/lib64/libtalloc.so.2.1.5)
==18861== by 0xF67366D: _tevent_req_create (in /usr/lib64/libtevent.so.0.9.26)
==18861== by 0xB0D49FF: smb1cli_req_create (smbXcli_base.c:1322)
==18861== by 0xB0E1E6D: smb1cli_trans_send (smb1cli_trans.c:512)
==18861== by 0xB0ED47D: tstream_smbXcli_np_readv_trans_start (tstream_smbXcli_np.c:901)
==18861== by 0xB0EC847: tstream_smbXcli_np_writev_write_next (tstream_smbXcli_np.c:578)
==18861== by 0xB0EC4D7: tstream_smbXcli_np_writev_send (tstream_smbXcli_np.c:505)
==18861== by 0xC259DFA: tstream_writev_send (tsocket.c:695)
==18861== by 0xC25AD64: tstream_writev_queue_trigger (tsocket_helpers.c:513)
==18861== by 0xF673023: tevent_common_loop_immediate (in /usr/lib64/libtevent.so.0.9.26)
==18861== by 0xF677EED: ??? (in /usr/lib64/libtevent.so.0.9.26)
==18861==
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
This allows testing keytabs with service tickets. Windows KDCs allow
this as well.
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
This minimalistic version of ktutil dumps all principal names and
encryption types from a keytab, eg:
./bin/samba4ktutil test.keytab
ktpassuser@HILLHOUSE.SITE (arcfour-hmac-md5)
ktpassuser@HILLHOUSE.SITE (aes256-cts-hmac-sha1-96)
ktpassuser@HILLHOUSE.SITE (aes128-cts-hmac-sha1-96)
ktpassuser@HILLHOUSE.SITE (des-cbc-md5)
ktpassuser@HILLHOUSE.SITE (des-cbc-crc)
This is all we need to run some tests against keytabs exported with
`samba-tool domain exportkeytab`.
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Fix a regression introduced by 5c5d586d3e that broke exporting
service principals by their spn with
samba-tool exportkeytab --principal=<SPN>.
Iterating with samba_kdc_nextkey() only returns UPNs, so this can't work
with SPNs. If we want to search for a specific SPN, we have to use
samba_kdc_fetch().
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Garming Sam <garming@samba.org>
Autobuild-Date(master): Tue Apr 19 07:54:35 CEST 2016 on sn-devel-144
We keep the database startup value for search behaviour, as to re-check
is too expensive. It caused every search to have an additional
search to the database.
We do not need to check as_system when setting ac->userPassword
as this is checked when all password attributes are stripped
As userPassword is not written to after fUserPwdSupport is set
we do not expose any data that was not already visible.
The database overhead was an oversight when this was
originally added with 7f171a9e0f
in 2010.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11853
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
All presentation contexts of a connection use the same association group.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11344
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
It's a protocol error if the client doesn't send all fragments of
a request in one go.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11344
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
Note this is not the negotiated fragment size, but a hardcoded maximum.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11344
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
Following requests will generate a fault with ACCESS_DENIED.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11344
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
The basically matches Windows 2012R2, it's not 100%
but it's enough for our raw protocol tests to pass.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11344
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
BIND is the first pdu, which means the list of contexts is always empty.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11344
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
We should not use one "global" per connection variable to hold the
incoming and outgoing auth_info.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11344
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
The first pdu is always a BIND.
REQUEST pdus are only allowed once the authentication
is finished.
A simple anonymous authentication is finished after the BIND.
Real authentication may need additional ALTER or AUTH3 exchanges.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11344
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
On protocol errors we should send BIND_NAK or FAULT and mark the
connection as to be terminated.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11344
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
BIND_NAK or FAULT may mark a connection as to be terminated.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11344
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
For now we still force \\PIPE\\ in upper case, we may be able to remove
this and change it in our idl files later. But for now we better
behave like a windows server without changing too much.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11344
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
This depends on the type of the incoming pdu.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11344
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
These values are controlled by the client but only in a range between
2048 and 5840 (including these values in 8 byte steps).
recv and xmit result always in same min value.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11344
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
This will simplify checks in the following commits and avoids
derefencing dcesrv_auth->auth_info which is not always arround.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11344
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
pkt->u.*.auth_info.length is not the correct thing to check.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11344
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
We should only allow a combined payload of a response of at max 4 MBytes.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11344
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
This should give better error messages if the server doesn't support
a specific abstract/transfer syntax.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11344
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
We now avoid reusing the same auth_info structure for incoming and outgoing
values. We need to make sure that the remote server doesn't overwrite our own
values.
This will trigger some failures with our currently broken server,
which will be fixed in the next commits.
The broken server requires an dcerpc_auth structure with no credentials
in order to do an alter_context request that just creates a presentation
context without doing authentication.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11344
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
It handles the case of DCERPC_AUTH_TYPE_NONE just fine and it makes it
possible to do some verification in future.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11344
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
We should avoid using the global dcecli_security->auth_info struct for
individual requests.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11344
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
In future we want to verify that the auth_context_id from the server
is what we expect.
As Samba (<= 4.2.3) use a hardcoded value of 1 in responses, we
need to use that.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11344
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
This will simplify the following commits and avoids dereferencing
dcecli_security->auth_info.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11344
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
This prevents man in the middle downgrade attacks.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11616
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
This prevents man in the middle downgrade attacks.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11616
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
With this option turned off we only allow DCERPC_AUTH_LEVEL_{NONE,INTEGRITY,PRIVACY},
this means the reject any request with AUTH_LEVEL_CONNECT with ACCESS_DENIED.
We sadly need to keep this enabled by default for now.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11616
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
ncacn_ip_tcp:server should get the same protection as ncacn_np:server
if authentication and smb signing is used.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11616
Signed-off-by: Stefan Metzmacher <metze@samba.org>
This matches windows and prevents man in the middle downgrade attacks.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11616
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
This is required for the whole interface (which has just one opnum for now).
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11616
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
This matches windows and prevents man in the middle downgrade attacks.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11616
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
SMB_SIGNING_IPC_DEFAULT must be used from s3 client code when opening
RPC connections.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11756
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>