Fix bug #8686 - Packet validation checks can be done before length validation causing uninitialized memory read.

(cherry picked from commit 24ac26ddfd9ee8841d1984e710a4dfe535b9abcf)
author: Volker Lendecke <Volker.Lendecke@SerNet.DE> 2012-01-04 11:09:54 -0800
committer: Karolin Seeger <kseeger@samba.org> 2012-01-23 21:29:34 +0100
commit: cc2ba64e2182d6e8ff27e3c459574e8055356b6e (patch)
tree: 07811f650be5245c84fd0f702069f59b4f3b7d83
parent: 9d0ef461015d52012e64ca769e71661957d5dd02 (diff)
download: samba-cc2ba64e2182d6e8ff27e3c459574e8055356b6e.tar.gz
1 files changed, 2 insertions, 2 deletions
diff --git a/source3/smbd/process.c b/source3/smbd/process.c
index b3704233ad8..5aa19cbee0d 100644
--- a/source3/smbd/process.c
+++ b/source3/smbd/process.c
@@ -1442,8 +1442,8 @@ static connection_struct *switch_message(uint8 type, struct smb_request *req, in
 
 	/* Make sure this is an SMB packet. smb_size contains NetBIOS header
 	 * so subtract 4 from it. */
-	if (!valid_smb_header(req->inbuf)
-	    || (size < (smb_size - 4))) {
+	if ((size < (smb_size - 4)) ||
+	    !valid_smb_header(req->inbuf)) {
 		DEBUG(2,("Non-SMB packet of length %d. Terminating server\n",
 			 smb_len(req->inbuf)));
 		exit_server_cleanly("Non-SMB packet");
author	Volker Lendecke <Volker.Lendecke@SerNet.DE>	2012-01-04 11:09:54 -0800
committer	Karolin Seeger <kseeger@samba.org>	2012-01-23 21:29:34 +0100
commit	cc2ba64e2182d6e8ff27e3c459574e8055356b6e (patch)
tree	07811f650be5245c84fd0f702069f59b4f3b7d83
parent	9d0ef461015d52012e64ca769e71661957d5dd02 (diff)
download	samba-cc2ba64e2182d6e8ff27e3c459574e8055356b6e.tar.gz