From e0beb5a2f258757f64ef3c4d0f6928e67a1e5d5b Mon Sep 17 00:00:00 2001
From: Volker Lendecke <vl@samba.org>
Date: Tue, 27 Aug 2013 09:40:19 +0000
Subject: [PATCH] smbd: Correctly return INFO_LENGTH_MISMATCH for smb1

This is required if the client offered less buffer than the fixed portion
of the info level data requires

Bug: https://bugzilla.samba.org/show_bug.cgi?id=10106
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit 1b1935b876a14154ef74e447bf53eb7cd0a5dde9)
---
 source3/smbd/trans2.c | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/source3/smbd/trans2.c b/source3/smbd/trans2.c
index 0f7e295c783..f23192e87f5 100644
--- a/source3/smbd/trans2.c
+++ b/source3/smbd/trans2.c
@@ -5651,6 +5651,10 @@ total_data=%u (should be %u)\n", (unsigned int)total_data, (unsigned int)IVAL(pd
 		reply_nterror(req, status);
 		return;
 	}
+	if (fixed_portion > max_data_bytes) {
+		reply_nterror(req, NT_STATUS_INFO_LENGTH_MISMATCH);
+		return;
+	}
 
 	send_trans2_replies(conn, req, NT_STATUS_OK, params, param_size, *ppdata, data_size,
 			    max_data_bytes);
-- 
2.11.4.GIT