Thomas Bork
2005-Jan-05 14:33 UTC
[Samba] 3.0.10 with printing patch, NULL devmode, failing to fetch tdb and buffer overflow
Hi Jerry, hi @all, some users with 3.0.10 with printing patch have problems with old printjobs in her status monitor in windows. Loglevel 10 shows two problems: 1. The devmode for this printer was not set properly (I know, thiswill cause problems). log.smbd: [2005/01/05 14:02:09, 8] rpc_parse/parse_spoolss.c:smb_io_reldevmode(2407) boing, the devmode was NULL 2. A buffer overflow is logged. log.smbd: [2005/01/05 14:02:09, 5] smbd/ipc.c:send_trans_reply(91) send_trans_reply: buffer 1024 too large [2005/01/05 14:02:09, 3] smbd/error.c:error_packet(129) error packet at smbd/ipc.c(99) cmd=37 (SMBtrans) STATUS_BUFFER_OVERFLOW [2005/01/05 14:02:09, 5] smbd/ipc.c:copy_trans_params_and_data(62) copy_trans_params_and_data: params[0..0] data[0..1024] Is this a risk? Is it possible to avoid this even if the devmode is not set? Is this the reason for the failed fetching of the tdb?: [2005/01/05 12:53:03, 0] smbd/connection.c:register_message_flags(220) register_message_flags: tdb_fetch failed der tom __________________________________________________________ Mit WEB.DE FreePhone mit hoechster Qualitaet ab 0 Ct./Min. weltweit telefonieren! http://freephone.web.de/?mc=021201
Gerald (Jerry) Carter
2005-Jan-05 16:33 UTC
[Samba] 3.0.10 with printing patch, NULL devmode, failing to fetch tdb and buffer overflow
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Thomas Bork wrote: | Hi Jerry, hi @all, | | some users with 3.0.10 with printing patch have problems | with old printjobs in her status monitor in windows. Loglevel 10 | shows two problems: I'm still working on this. The two errors you mention are unrelated though. The last one might be related now that I think of it. | | 1. The devmode for this printer was not set properly (I know, | thiswill cause problems). log.smbd: | boing, the devmode was NULL | | 2. A buffer overflow is logged. | log.smbd: | [2005/01/05 14:02:09, 5] smbd/ipc.c:send_trans_reply(91) | send_trans_reply: buffer 1024 too large | [2005/01/05 14:02:09, 3] smbd/error.c:error_packet(129) | error packet at smbd/ipc.c(99) cmd=37 (SMBtrans) | STATUS_BUFFER_OVERFLOW The BUFFER_OVERFLOW error is a normal RPC error code when the reply PDU must be fragmented across multiple packets. | Is this the reason for the failed fetching of the tdb?: | [2005/01/05 12:53:03, 0] smbd/connection.c:register_message_flags(220) | register_message_flags: tdb_fetch failed | This was a bug in smbd when clients connected to port 445. Should be fixed in 3.0.11pre1. Could you test that and let me know if the print jobs are removed normally? Thanks. cheers, jerry - --------------------------------------------------------------------- Alleviating the pain of Windows(tm) ------- http://www.samba.org GnuPG Key ----- http://www.plainjoe.org/gpg_public.asc "If we're adding to the noise, turn off this song"--Switchfoot (2003) -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.4 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFB3Ba7IR7qMdg1EfYRAubxAJ9Sjkt79JbnVSgWs2WNR2WFIyYWFQCZATtx Hbf1f3Sg7w7KQuNyv1T6DNA=UHMa -----END PGP SIGNATURE-----