Slava Leizerovich (vleizero)
2006-Dec-05 21:22 UTC
[Samba] Incorrect pointers arithmetic in the PRINTER_ENUM_VALUES structure when calling Samba.
I am trying to use the Win32 API EnumPrinterDataEx to get a registry key's values and data from a Samba print server (of course I previously connect to the print queue and retrieve the keys with EnumPrinterKey).

During the function execution (EnumPrinterDataEx) I collect an Ethereal trace to verify that correct data is sent on the wire and that Ethereal can correctly represent that info. Some of the keys are parsed correctly by Wireshark (DsSpooler, for example), the others are not (like PrinterDriverData). However, any key value name and data fail to be correctly handled by EnumPrinterDataEx.

The data received from the print server is a sequence of structures of type PRINTER_ENUM_VALUES. All the fields of the structure that aren't pointers are represented correctly; however, the pointers (which should contain an actual memory address outside the structure and are set by adding an offset value to the structure base address) contain only the offset value without the base struct memory address added to it, so the pointers indicate an incorrect memory address.

I tested the same function execution when working with a remote Windows print server and verified that the pointer arithmetic is done. Here I brought the enumerated values buffer output for the Samba and Windows print servers when the EnumPrinterDataEx function is executed. Has anyone seen a similar issue and can shed some light on this phenomenon?

The buffer's base memory address for the Windows case is 0x003a8390 and the offset for the ValueName is 60. The buffer's base memory address for the Samba case is 0x003a9d48 and the offset for the ValueName is 380. I use a Windows XP SP2 client.

As one can easily see, the Samba buffer contains just the offset value in hexadecimal presentation, while the Windows buffer contains the actual calculated memory reference inside the buffer space. Bolded are the values that the ValueName pointer contains, first in the Samba call and second in the Windows call.
Samba values buffer: Key name [DsSpooler] - Samba
Windows value buffer as filled by EnumPrinterDataEx function: Key name [DsSpooler]
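The post above describes a buffer whose PRINTER_ENUM_VALUES pointer slots hold offsets rather than addresses. The following is an added example, not code from the thread or from Samba: a client-side routine that turns such offsets into addresses only after bounds-checking them against the received buffer. It assumes the 32-bit layout (five 4-byte fields: pValueName, cbValueName, dwType, pData, cbData) with offsets counted from the start of the buffer; `resolve_value`, `span_ok`, `rd32` and the sample bytes are hypothetical names and constructed data.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define REC_SIZE 20u  /* 32-bit PRINTER_ENUM_VALUES: five 4-byte fields */
typedef struct {
    const uint8_t *name; uint32_t cb_name;  /* UTF-16LE value name */
    const uint8_t *data; uint32_t cb_data;  /* value data, NULL when empty */
    uint32_t type;                          /* dwType */
} resolved_value;

/* Read a little-endian 32-bit field regardless of host byte order. */
static uint32_t rd32(const uint8_t *p) {
    return p[0] | (uint32_t)p[1] << 8 | (uint32_t)p[2] << 16 | (uint32_t)p[3] << 24;
}

/* True if [off, off+len) lies after the record table and inside the buffer. */
static int span_ok(uint32_t off, uint32_t len, size_t table, size_t total) {
    return off >= table && off <= total && len <= total - off;
}

/* Turn record idx's offsets into addresses; 0 on success, -1 if malformed. */
int resolve_value(const uint8_t *buf, size_t total, uint32_t count,
                  uint32_t idx, resolved_value *out) {
    if (idx >= count || count > total / REC_SIZE) return -1;
    size_t table = (size_t)count * REC_SIZE;
    const uint8_t *r = buf + (size_t)idx * REC_SIZE;
    uint32_t noff = rd32(r), ncb = rd32(r + 4), doff = rd32(r + 12), dcb = rd32(r + 16);
    /* Name: in range, even length, terminated by a UTF-16 NUL. */
    if (!span_ok(noff, ncb, table, total) || ncb < 2 || (ncb & 1)) return -1;
    if (buf[(size_t)noff + ncb - 2] != 0 || buf[(size_t)noff + ncb - 1] != 0) return -1;
    /* Data: may be empty, otherwise must be in range. */
    if (dcb != 0 && !span_ok(doff, dcb, table, total)) return -1;
    out->name = buf + noff;  out->cb_name = ncb;
    out->data = dcb ? buf + doff : NULL;  out->cb_data = dcb;
    out->type = rd32(r + 8);
    return 0;
}

/* Constructed sample buffer: one record, name "url", REG_SZ data "x". */
static const uint8_t sample[32] = {
    20,0,0,0, 8,0,0,0, 1,0,0,0, 28,0,0,0, 4,0,0,0,  /* record 0 */
    'u',0,'r',0,'l',0,0,0,  'x',0,0,0               /* name, then data */
};

int main(void) {
    resolved_value v;
    int rc = resolve_value(sample, sizeof sample, 1, 0, &v);
    if (rc == 0) printf("name at +%td, data at +%td\n", v.name - sample, v.data - sample);
    return rc;
}
```

A slot that already holds an absolute address, or an offset larger than the buffer, fails the range check instead of being dereferenced.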
Volker Lendecke
2006-Dec-06 09:18 UTC
[Samba] Incorrect pointers arithmetic in the PRINTER_ENUM_VALUES structure when calling Samba.
On Tue, Dec 05, 2006 at 10:12:42PM +0100, Slava Leizerovich (vleizero) wrote:
> I try to use Win32API EnumPrinterDataEx to get registry key's values and
> data from Samba print server (of course I previously connect to the
> print queue and retrieve keys by EnumPrinterKey).
>
> During the function execution (EnumPrinterDataEx) I collect ethereal
> trace to verify correct data is sent on wire and that Ethereal can
> correctly represent that info.

Can you please send the real trace file, not some text dump?

Thanks,

Volker
Slava Leizerovich (vleizero)
2006-Dec-06 10:56 UTC
[Samba] Incorrect pointers arithmetic in the PRINTER_ENUM_VALUES structure when calling Samba.
I sent you the data in a separate mail.

Just to explain myself a bit more: I can see all the relevant data in the trace, but once it is processed by Windows EnumPrinterDataEx, the resulting buffer (I inspect its contents in the MSDEV debugger) contains actual offset values for the pointer variables instead of correct memory addresses. If I do the pointer calculations myself, the relevant data is in place and valid in the buffer.

-----Original Message-----
From: Volker Lendecke [mailto:vlendec@SerNet.DE] On Behalf Of Volker Lendecke
Sent: Wednesday, December 06, 2006 11:19 AM
To: Slava Leizerovich (vleizero)
Cc: samba@lists.samba.org
Subject: Re: [Samba] Incorrect pointers arithmetic in the PRINTER_ENUM_VALUES structure when calling Samba.

On Tue, Dec 05, 2006 at 10:12:42PM +0100, Slava Leizerovich (vleizero) wrote:
> I try to use Win32API EnumPrinterDataEx to get registry key's values and
> data from Samba print server (of course I previously connect to the
> print queue and retrieve keys by EnumPrinterKey).
>
> During the function execution (EnumPrinterDataEx) I collect ethereal
> trace to verify correct data is sent on wire and that Ethereal can
> correctly represent that info.

Can you please send the real trace file, not some text dump?

Thanks,

Volker
Slava Leizerovich (vleizero)
2006-Dec-06 12:47 UTC
[Samba] Incorrect pointers arithmetic in the PRINTER_ENUM_VALUES structure when calling Samba.
Thanks. I approached Jerry directly in parallel a couple of days ago and am waiting for his answer on this. Will keep you updated on this issue.

Slava.

-----Original Message-----
From: Volker Lendecke [mailto:vlendec@SerNet.DE] On Behalf Of Volker Lendecke
Sent: Wednesday, December 06, 2006 1:22 PM
To: Slava Leizerovich (vleizero)
Cc: samba@lists.samba.org
Subject: Re: [Samba] Incorrect pointers arithmetic in the PRINTER_ENUM_VALUES structure when calling Samba.

On Wed, Dec 06, 2006 at 11:56:12AM +0100, Slava Leizerovich (vleizero) wrote:
> Just to explain myself a bit more:
> I can see in the trace all relevant data, but once it processed by
> windows EnumPrinterDataEx, the resulting buffer (I inspect its contents
> in the MSDEV debugger) contains actual offset values for the pointers
> variables instead of correct memory addresses.
> If I do the pointers calculations by myself, the relevant data is in
> place and valid in the buffer.

Ok, I'll have to delegate this to Jerry (sorry), this is a bit beyond me at this moment.

Jerry, I can send you the capture and screenshots if you need it.

Volker