Some very old, yet inconsistent, behavior of smb_hfield_add() could pretty

easily result in a message body being added to a message base with no accompanying message header: if the header data was 0-length, the hfield_dat was not actually allocated and the applicable smbmsg_t convenience pointer was not set accordingly. This had the side effect that if a message were to be imported with a blank recipient ("To" field), the header was not created at all (to support mutliple header, single body msgs, i.e. bulkmail). The other functions that set the convenience pointers do not treat 0-length header field data special, so this was inconsistent behavior. Most message types (e.g. networks) don't want 0-length "to" fields, but that shoudl be enforced somewhere else, not here.

Some very old, yet inconsistent, behavior of smb_hfield_add() could pretty
717b99ee · rswindell · 210e6901 · 717b99ee
Commit 717b99ee authored 5 years ago by rswindell
--- a/src/smblib/smblib.c
+++ b/src/smblib/smblib.c
@@ -1211,15 +1211,11 @@ int SMBCALL smb_hfield_add(smbmsg_t* msg, uint16_t type, size_t length, void* da
 	msg->total_hfields++;
 	msg->hfield[i].type=type;
 	msg->hfield[i].length=(uint16_t)length;
-	if(length) {
-		if((msg->hfield_dat[i]=(void* )malloc(length+1))==NULL) 
-			return(SMB_ERR_MEM);	/* Allocate 1 extra for ASCIIZ terminator */
-		memset(msg->hfield_dat[i],0,length+1);
-		memcpy(msg->hfield_dat[i],data,length); 
-		set_convenience_ptr(msg,type,msg->hfield_dat[i]);
-	}
-	else
-		msg->hfield_dat[i]=NULL;
+	if((msg->hfield_dat[i]=(void* )malloc(length+1))==NULL) 
+		return(SMB_ERR_MEM);	/* Allocate 1 extra for ASCIIZ terminator */
+	memset(msg->hfield_dat[i],0,length+1);
+	memcpy(msg->hfield_dat[i],data,length); 
+	set_convenience_ptr(msg,type,msg->hfield_dat[i]);

 	return(SMB_SUCCESS);
 }