Checked. Actually, I think this is redundent due to
the code above in reply_nttrans()

/*
* All nttrans messages we handle have smb_wct == 19 +
* state->setup_count. Ensure this is so as a sanity check.
*/

if(req->wct != 19 + (state->setup_count/2)) {
DEBUG(2,("Invalid smb_wct %d in nttrans call (should be %d)\n",
req->wct, 19 + (state->setup_count/2)));
goto bad_param;
}

but it doesn't hurt. Belt and braces and all that :-).
Checked.

Both these changes make sense to me. Thanks,

Jeremy.

Ok, I really like this. Very nice cleanup. The only thing :

I think "(offset + length < offset)" and
"(offset + length < length)" is redundent. We only need one
I believe. Doesn't hurt having both though.

Jeremy.

Guenther, can we get this fix into 3.3 please ?

Jeremy.

--=-gRIJdCKO1GZuxvILilvG
Content-Type: text/plain
Content-Transfer-Encoding: quoted-printable
Nice catch!

Andrew Bartlett

--=20
Andrew Bartlett
http://samba.org/~abartlet/
Authentication Developer, Samba Team http://samba.org
Samba Developer, Red Hat Inc.

--=-gRIJdCKO1GZuxvILilvG
Content-Type: application/pgp-signature; name=signature.asc
Content-Description: This is a digitally signed message part

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iD8DBQBJPEtQz4A8Wyi0NrsRArXiAKCM2eJOgRFSuz/cUKcO0CUsPyt1dQCgnoO6
wDVIJ1QDAaT2wIsjECPQrs8=
=aJSk
-----END PGP SIGNATURE-----

--=-gRIJdCKO1GZuxvILilvG--

--=-WNNyKeUNxA42goc1pdPr
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: quoted-printable
The OpenLDAP backend does not like zero-length strings, and I'm
presuming it's your new tests.=20

I'm wondering if you have any ideas how we can correctly store these ""
userParameters. Should we instead not store the parameter?

=3D Failed tests =3D
=3D=3D samba4.rpc.samr.users on ncacn_np with connect (dc) =3D=3D
ENVLOG: SMBD LOG of: localdc1
Failed to modify record
CN=3Dsamrtorturetest,CN=3DUsers,dc=3Dsamba,dc=3Dexample,dc=3Dcom: LDAP erro=
r 21
LDAP_INVALID_ATTRIBUTE_SYNTAX - <userParameters: value #0 invalid per
syntax> <>
Failed to modify record
CN=3Dsamrtorturetest,CN=3DUsers,dc=3Dsamba,dc=3Dexample,dc=3Dcom: LDAP erro=
r 21
LDAP_INVALID_ATTRIBUTE_SYNTAX - <userParameters: value #0 invalid per
syntax> <>
Failed to modify record
CN=3Dsamrtorturetest,CN=3DUsers,dc=3Dsamba,dc=3Dexample,dc=3Dcom: LDAP erro=
r 21
LDAP_INVALID_ATTRIBUTE_SYNTAX - <userParameters: value #0 invalid per
syntax> <>
Failed to modify record
CN=3Dsamrtorturetest,CN=3DUsers,dc=3Dsamba,dc=3Dexample,dc=3Dcom: error in =
module
entryuuid: Operations error (1)
Failed to modify record
CN=3Dsamrtorturetest,CN=3DUsers,dc=3Dsamba,dc=3Dexample,dc=3Dcom: error in =
module
entryuuid: Operations error (1)
Failed to modify record
CN=3Dsamrtorturetest,CN=3DUsers,dc=3Dsamba,dc=3Dexample,dc=3Dcom: error in =
module
entryuuid: Operations error (1)

--=20
Andrew Bartlett
http://samba.org/~abartlet/
Authentication Developer, Samba Team http://samba.org
Samba Developer, Red Hat Inc.

--=-WNNyKeUNxA42goc1pdPr
Content-Type: application/pgp-signature; name=signature.asc
Content-Description: This is a digitally signed message part

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iD8DBQBJQlNOz4A8Wyi0NrsRApjHAJoDxIrqA9Hnytn8rp+3s92WrOSTUQCglw6f
/4ybhDoOUtVSV7EMZirfzyo=
=JRVt
-----END PGP SIGNATURE-----

--=-WNNyKeUNxA42goc1pdPr--

I think this is a very old controversial behavior of OpenLDAP, it would
be nice to know why it doesn't.
In theory a zero length string is a perfectly valid value, although not
possible to express in an ldif, does AD allow to set a zero length
string ?

Simo.

As said in another posting: It's a matter of the LDAP syntaxes. Most
LDAP syntaxes don't allow empty strings as attribute values (IIRC it's
allowed for IA5String). OpenLDAP is more strict enforcing the specific
constraints of various LDAP syntaxes than other LDAP server implementations.
Think about it: E.g. if the LDAP syntax is "Integer" which value should
an empty string indicate? Should the LDAP server automagically normalize
the empty string to the number zero? Or should an empty string indicate
an absent attribute value to be completely ignored. I'm sure this would
lead to various issues.

This is a little bit like None!='' in Python.
Certainly you can express an empty string in LDIF. Otherwise you
couldn't address the rootDSE with LDIF. If a LDIF parser cannot handle
that it's broken.
This cannot be generally answered for all LDAP syntaxes (see above).

Ciao, Michael.

True.
I was thinking about string syntaxes only.
Uhmm, right, I guess "attr: " is all is needed, didn't think about it.
You forget that AD might be one of those servers that do not do such
strict checking... we need a test to make sure it does or does not.

Simo.

Be assured I didn't forget that!
I wanted to point out that even with AD you have to conduct the tests
for different LDAP syntaxes or, even worse, different attribute types of
the same LDAP syntax.

Ciao, Michael.

Then it seem we are in violent agreement :)

Simo.

Volker, yes, your modified code is the right way to do it. Much better than
what was there previously. Thanks.

Derrell

Thanks for catching this bug and fixing it!

-Tim

Andrew are you sure this is correct ?
It is inconsistent with other changes in this patch set.

Simo.

--=-3+S1/A1yMhZZ6gsLzMCf
Content-Type: text/plain
Content-Transfer-Encoding: quoted-printable
It is. I carefully checked, which is why I added the assert to the
other cases. (This is actually looking up the target, not index
records, and I wanted to be more clear about the split).=20

Andrew Bartlett

--=20
Andrew Bartlett
http://samba.org/~abartlet/
Authentication Developer, Samba Team http://samba.org
Samba Developer, Red Hat Inc.

--=-3+S1/A1yMhZZ6gsLzMCf
Content-Type: application/pgp-signature; name=signature.asc
Content-Description: This is a digitally signed message part

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iD8DBQBJSrWIz4A8Wyi0NrsRAoH/AJ9OBRpg0guVTYJ+MIaTmj3KOkmhSACgluvi
U4p2/O+5jiTyXgzH8KhLThk=
=nhnN
-----END PGP SIGNATURE-----

--=-3+S1/A1yMhZZ6gsLzMCf--

Maybe a comment to that effect would have been helpful, but as long as
it is correct I am fine :)

Simo.

Any chance of a torture test for s4 smbtorture for this Tim ?
That way we'll never regress (hopefully).

Thanks,

Jeremy.

--Apple-Mail-96-497555612
Content-Type: text/plain;
charset=US-ASCII;
format=flowed;
delsp=yes
Content-Transfer-Encoding: 7bit
I actually did write one, but ran into a few problems:

1. Samba 4's smbclient was having some issues when receiving a trans2
response with Data Count equal to the request's Max Data Count. This
caused the wrong error message to be passed up to smbtorture. A
windows XP client had no problem receiving a response with Data Count
== Max Data Count, and was able to execute the buffer sizing algorithm
described in the comment against samba.

2. I may have missed something, but I didn't see a way in Samba 4's
smbclient to set the Max Data Count. It appears to be hard coded to
64K. This prevented me from writing a torture test that really
reproduces what the windows client does.

I didn't spend too much time tinkering with samba 4's smbclient, but
if anyone is interested in looking, I attached the test. I'll try and
get to it after I get a few other higher priority items done.

Jeremy, speaking of RAW-STREAMS torture, how is the rename fix going?
I also wrote a rename torture test last week to reproduce that exact
bug :). I was about to get started on writing a fix when I saw that
you already wrote one :). Once you get RAW-STREAMS passing again,
I'll push any additions I have in my rename test.

-Tim


--Apple-Mail-96-497555612
Content-Disposition: attachment;
filename=0001-s4-torture-Add-large-streaminfo-buffer-torture-test.patch
Content-Type: application/octet-stream; x-unix-mode=0700;
name="0001-s4-torture-Add-large-streaminfo-buffer-torture-test.patch"
Content-Transfer-Encoding: quoted-printable

=46rom=20d9c89c3afdfd4ca3254f102b8b45c0d05d9f6d78=20Mon=20Sep=2017=20=
00:00:00=202001=0AFrom:=20Tim=20Prouty=20<***@samba.org>=0ADate:=20=
Tue,=2023=20Dec=202008=2011:18:17=20-0800=0ASubject:=20[PATCH]=20s4=20=
torture:=20Add=20large=20streaminfo=20buffer=20torture=20test=20to=20=
RAW-STREAMS=0A=0A---=0A=20source4/torture/raw/streams.c=20|=20=20=2078=20=
+++++++++++++++++++++++++++++++++++++++++=0A=201=20files=20changed,=2078=20=
insertions(+),=200=20deletions(-)=0A=0Adiff=20--git=20=
a/source4/torture/raw/streams.c=20b/source4/torture/raw/streams.c=0A=
index=20ba74530..c9c5c31=20100644=0A---=20=
a/source4/torture/raw/streams.c=0A+++=20b/source4/torture/raw/streams.c=0A=
@@=20-1113,6=20+1113,82=20@@=20done:=0A=20}=0A=20=0A=20=0A+static=20bool=20=
create_file_with_stream(struct=20torture_context=20*tctx,=0A+=09=09=09=09=
=20=20=20=20struct=20smbcli_state=20*cli,=0A+=09=09=09=09=20=20=20=20=
TALLOC_CTX=20*mem_ctx,=0A+=09=09=09=09=20=20=20=20const=20char=20=
*base_fname,=0A+=09=09=09=09=20=20=20=20const=20char=20*stream)=0A+{=0A+=09=
NTSTATUS=20status;=0A+=09bool=20ret=20=3D=20true;=0A+=09union=20smb_open=20=
io;=0A+=0A+=09/*=20Create=20a=20file=20with=20a=20stream=20*/=0A+=09=
io.generic.level=20=3D=20RAW_OPEN_NTCREATEX;=0A+=09=
io.ntcreatex.in.root_fid=20=3D=200;=0A+=09io.ntcreatex.in.flags=20=3D=20=
0;=0A+=09io.ntcreatex.in.access_mask=20=3D=20=
(SEC_FILE_READ_DATA|SEC_FILE_WRITE_DATA|=0A+=09=20=20=20=20=
SEC_FILE_APPEND_DATA|SEC_STD_READ_CONTROL);=0A+=09=
io.ntcreatex.in.create_options=20=3D=200;=0A+=09=
io.ntcreatex.in.file_attr=20=3D=20FILE_ATTRIBUTE_NORMAL;=0A+=09=
io.ntcreatex.in.share_access=20=3D=200;=0A+=09io.ntcreatex.in.alloc_size=20=
=3D=200;=0A+=09io.ntcreatex.in.open_disposition=20=3D=20=
NTCREATEX_DISP_CREATE;=0A+=09io.ntcreatex.in.impersonation=20=3D=20=
NTCREATEX_IMPERSONATION_ANONYMOUS;=0A+=09io.ntcreatex.in.security_flags=20=
=3D=200;=0A+=09io.ntcreatex.in.fname=20=3D=20stream;=0A+=0A+=09status=20=
=3D=20smb_raw_open(cli->tree,=20mem_ctx,=20&io);=0A+=09=
CHECK_STATUS(status,=20NT_STATUS_OK);=0A+=0A+=20done:=0A+=09=
smbcli_close(cli->tree,=20io.ntcreatex.out.file.fnum);=0A+=09return=20=
ret;=0A+}=0A+=0A+/*=20Test=20streaminfo=20with=20enough=20streams=20on=20=
a=20file=20to=20fill=20up=20the=20buffer.=20=20*/=0A+static=20bool=20=
test_stream_large_streaminfo(struct=20torture_context=20*tctx,=0A+=09=09=09=
=09=09=20struct=20smbcli_state=20*cli,=0A+=09=09=09=09=09=20TALLOC_CTX=20=
*mem_ctx)=0A+{=0A+#define=20LONG_STREAM_SIZE=20200=0A+=09char=20=
*lstream_name;=0A+=09const=20char=20*fname=20=3D=20BASEDIR=20=
"\\stream.txt";=0A+=09const=20char=20*fname_stream;=0A+=09NTSTATUS=20=
status;=0A+=09bool=20ret=20=3D=20true;=0A+=09int=20i;=0A+=09union=20=
smb_fileinfo=20finfo;=0A+=0A+=09lstream_name=20=3D=20=
talloc_array(mem_ctx,=20char,=20LONG_STREAM_SIZE);=0A+=0A+=09for=20(i=20=
=3D=200;=20i=20<=20LONG_STREAM_SIZE=20-=201;=20i++)=20{=0A+=09=09=
lstream_name[i]=20=3D=20(char)('a'=20+=20i%26);=0A+=09}=0A+=09=
lstream_name[LONG_STREAM_SIZE=20-=201]=20=3D=20'\0';=0A+=0A+=09=
printf("(%s)=20Creating=20a=20file=20with=20a=20lot=20of=20streams\n",=20=
__location__);=0A+=09for=20(i=20=3D=200;=20i=20<=20150;=20i++)=20{=0A+=09=
=09fname_stream=20=3D=20talloc_asprintf(mem_ctx,=20"%s:%s%d",=20fname,=0A=
+=09=09=09=09=09=20=20=20=20=20=20=20lstream_name,=20i);=0A+=09=09ret=20=
=3D=20create_file_with_stream(tctx,=20cli,=20mem_ctx,=20fname,=0A+=09=09=09=
=09=09=20=20=20=20=20=20fname_stream);=0A+=09=09if=20(!ret)=20{=0A+=09=09=
=09goto=20done;=0A+=09=09}=0A+=09}=0A+=0A+=09finfo.generic.level=20=3D=20=
RAW_FILEINFO_STREAM_INFO;=0A+=09finfo.generic.in.file.path=20=3D=20=
fname;=0A+=0A+=09status=20=3D=20smb_raw_pathinfo(cli->tree,=20mem_ctx,=20=
&finfo);=0A+=09CHECK_STATUS(status,=20STATUS_BUFFER_OVERFLOW);=0A+=0A+=20=
done:=0A+=09smbcli_unlink(cli->tree,=20fname);=0A+=09return=20ret;=0A+}=0A=
+=0A=20/*=20=0A=20=20=20=20basic=20testing=20of=20streams=20calls=0A=20=
*/=0A@@=20-1140,6=20+1216,8=20@@=20bool=20torture_raw_streams(struct=20=
torture_context=20*torture,=0A=20=09if=20(!torture_setting_bool(torture,=20=
"samba4",=20false))=20{=0A=20=09=09ret=20&=3D=20=
test_stream_delete(torture,=20cli,=20torture);=0A=20=09}=0A+=09ret=20&=3D=20=
test_stream_large_streaminfo(torture,=20cli,=20torture);=0A+=09=
smb_raw_exit(cli->session);=0A=20=0A=20=09smb_raw_exit(cli->session);=0A=20=
=09smbcli_deltree(cli->tree,=20BASEDIR);=0A--=20=0A1.6.0=0A=0A=

--Apple-Mail-96-497555612
Content-Type: text/plain;
charset=US-ASCII;
format=flowed
Content-Transfer-Encoding: 7bit



--Apple-Mail-96-497555612--

Ok, cool - no problem. It's hard when the infrastructure
isn't there, but I scarfed your fix for 3.3 and 3.2 as the
streams code is stable and the same there.
RAW-STREAMS is actually passing right now against 3.3.x.
The build farm failures seem to be many different issues
right now. I'm concentrating on removing all gcc 4.3.x
warnings first as RAW-STREAMS is ok.

Can you push any new stuff you have so I can look at it ?

Thanks,

Jeremy.

Thanks!
Yes. I probably won't have time before the holidays, but I'll try and
get them upstream along with any associated fixes soon.

-Tim

Sorry Kai, compiled in 3.3 and was a bad merge before
going on vacation :-(.

Jeremy.

--ibTvN161/egqYuK8
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
Thanks :-)

Volker

--ibTvN161/egqYuK8
Content-Type: application/pgp-signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)

iD8DBQFJXKVrbsgDfmnSbrYRAuzAAJ92hX4aXj9AYYb5cxApuDTtnW2czwCggPSb
SxLO05RiOfjLdIgWNEUhQmg=
=QLif
-----END PGP SIGNATURE-----

--ibTvN161/egqYuK8--