Source-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[src/trunk]: src/sys/netsmb make sure sr_bcount, sr_rqtid and sr_rquid are wr...
details: https://anonhg.NetBSD.org/src/rev/bacc76388b52
branches: trunk
changeset: 543420:bacc76388b52
user: jdolecek <jdolecek%NetBSD.org@localhost>
date: Mon Feb 24 21:13:13 2003 +0000
description:
make sure sr_bcount, sr_rqtid and sr_rquid are wrote in alignment-safe way
problem pointed out by Martin Husemann
while here, turn some checks/SMBERROR()s to #ifdef DIAGNOSTIC panic()s
diffstat:
sys/netsmb/smb_iod.c | 8 +++++---
sys/netsmb/smb_rq.c | 37 ++++++++++++++++++-------------------
sys/netsmb/smb_rq.h | 14 +++++++++-----
3 files changed, 32 insertions(+), 27 deletions(-)
diffs (140 lines):
diff -r b336eb435e39 -r bacc76388b52 sys/netsmb/smb_iod.c
--- a/sys/netsmb/smb_iod.c Mon Feb 24 20:03:02 2003 +0000
+++ b/sys/netsmb/smb_iod.c Mon Feb 24 21:13:13 2003 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: smb_iod.c,v 1.5 2003/02/18 10:18:53 jdolecek Exp $ */
+/* $NetBSD: smb_iod.c,v 1.6 2003/02/24 21:13:13 jdolecek Exp $ */
/*
* Copyright (c) 2000-2001 Boris Popov
@@ -230,12 +230,14 @@
break;
}
if (rqp->sr_sendcnt == 0) {
+ u_int16_t tid = ssp ? ssp->ss_tid : SMB_TID_UNKNOWN;
+ u_int16_t rquid = vcp ? vcp->vc_smbuid : 0;
#ifdef movedtoanotherplace
if (vcp->vc_maxmux != 0 && iod->iod_muxcnt >= vcp->vc_maxmux)
return 0;
#endif
- *rqp->sr_rqtid = htole16(ssp ? ssp->ss_tid : SMB_TID_UNKNOWN);
- *rqp->sr_rquid = htole16(vcp ? vcp->vc_smbuid : 0);
+ SMBRQ_PUTLE16(rqp->sr_rqtid, tid);
+ SMBRQ_PUTLE16(rqp->sr_rquid, rquid);
mb_fixhdr(&rqp->sr_rq);
}
if (rqp->sr_sendcnt++ > 5) {
diff -r b336eb435e39 -r bacc76388b52 sys/netsmb/smb_rq.c
--- a/sys/netsmb/smb_rq.c Mon Feb 24 20:03:02 2003 +0000
+++ b/sys/netsmb/smb_rq.c Mon Feb 24 21:13:13 2003 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: smb_rq.c,v 1.8 2003/02/24 19:31:45 jdolecek Exp $ */
+/* $NetBSD: smb_rq.c,v 1.9 2003/02/24 21:13:13 jdolecek Exp $ */
/*
* Copyright (c) 2000-2001, Boris Popov
@@ -128,9 +128,9 @@
mb_put_uint8(mbp, vcp->vc_hflags);
mb_put_uint16le(mbp, vcp->vc_hflags2);
mb_put_mem(mbp, tzero, 12, MB_MSYSTEM);
- rqp->sr_rqtid = (u_int16_t*)mb_reserve(mbp, sizeof(u_int16_t));
+ rqp->sr_rqtid = mb_reserve(mbp, sizeof(u_int16_t));
mb_put_uint16le(mbp, 1 /*scred->sc_p->p_pid & 0xffff*/);
- rqp->sr_rquid = (u_int16_t*)mb_reserve(mbp, sizeof(u_int16_t));
+ rqp->sr_rquid = mb_reserve(mbp, sizeof(u_int16_t));
mb_put_uint16le(mbp, rqp->sr_mid);
return 0;
}
@@ -216,35 +216,34 @@
void
smb_rq_wend(struct smb_rq *rqp)
{
- if (rqp->sr_wcount == NULL) {
- SMBERROR("no wcount\n"); /* actually panic */
- return;
- }
+#ifdef DIAGNOSTIC
+ if (rqp->sr_wcount == NULL)
+ panic("smb_rq_wend: no wcount");
if (rqp->sr_rq.mb_count & 1)
- SMBERROR("odd word count\n");
- *rqp->sr_wcount = rqp->sr_rq.mb_count / 2;
+ panic("smb_rq_wend: odd word count");
+#endif
+ rqp->sr_wcount[0] = rqp->sr_rq.mb_count / 2;
}
void
smb_rq_bstart(struct smb_rq *rqp)
{
- rqp->sr_bcount = (u_short*)mb_reserve(&rqp->sr_rq, sizeof(u_short));
+ rqp->sr_bcount = mb_reserve(&rqp->sr_rq, sizeof(u_int16_t));
rqp->sr_rq.mb_count = 0;
}
void
smb_rq_bend(struct smb_rq *rqp)
{
- int bcnt;
+ u_int16_t bcnt = rqp->sr_rq.mb_count;
- if (rqp->sr_bcount == NULL) {
- SMBERROR("no bcount\n"); /* actually panic */
- return;
- }
- bcnt = rqp->sr_rq.mb_count;
- if (bcnt > 0xffff)
- SMBERROR("byte count too large (%d)\n", bcnt);
- *rqp->sr_bcount = htole16(bcnt);
+#ifdef DIAGNOSTIC
+ if (rqp->sr_bcount == NULL)
+ panic("smb_rq_bend: no bcount");
+ if (rqp->sr_rq.mb_count > 0xffff)
+ panic("smb_rq_bend: byte count too large (%d)", bcnt);
+#endif
+ SMBRQ_PUTLE16(rqp->sr_bcount, bcnt);
}
int
diff -r b336eb435e39 -r bacc76388b52 sys/netsmb/smb_rq.h
--- a/sys/netsmb/smb_rq.h Mon Feb 24 20:03:02 2003 +0000
+++ b/sys/netsmb/smb_rq.h Mon Feb 24 21:13:13 2003 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: smb_rq.h,v 1.2 2002/01/04 02:39:44 deberg Exp $ */
+/* $NetBSD: smb_rq.h,v 1.3 2003/02/24 21:13:13 jdolecek Exp $ */
/*
* Copyright (c) 2000-2001, Boris Popov
@@ -61,6 +61,10 @@
#define SMBRQ_SUNLOCK(rqp) smb_sl_unlock(&(rqp)->sr_slock)
#define SMBRQ_SLOCKPTR(rqp) (&(rqp)->sr_slock)
+/* save 16bit 'what' to memory pointed out by 'where' in little-endian format */
+#define SMBRQ_PUTLE16(where, what) \
+ (where)[0] = (what) & 0xff; \
+ (where)[1] = (what) >> 8
enum smbrq_state {
SMBRQ_NOTSENT, /* rq have data to send */
@@ -80,8 +84,8 @@
struct mbchain sr_rq;
u_int8_t sr_rqflags;
u_int16_t sr_rqflags2;
- u_char * sr_wcount;
- u_short * sr_bcount;
+ u_int8_t * sr_wcount;
+ u_int8_t * sr_bcount;
struct mdchain sr_rp;
int sr_rpgen;
int sr_rplast;
@@ -93,8 +97,8 @@
int sr_sendcnt;
struct timeval sr_timesent;
int sr_lerror;
- u_int16_t * sr_rqtid;
- u_int16_t * sr_rquid;
+ u_int8_t * sr_rqtid;
+ u_int8_t * sr_rquid;
u_int8_t sr_errclass;
u_int16_t sr_serror;
u_int32_t sr_error;
Home |
Main Index |
Thread Index |
Old Index