From bcb7baf068642dc2117621dcae3811b074f67a23 Mon Sep 17 00:00:00 2001
From: rswindell <>
Date: Tue, 1 Jul 2003 03:24:16 +0000
Subject: [PATCH] Bugfix: smb_addcrc() no longer tries to malloc or read the CRC history file if the length is 0. smb_addcrc() now verifies the file is evenly divisible by 4 bytes (the size of a 32-bit CRC record).
---
 src/smblib/smblib.c | 66 +++++++++++++++++++++++----------------------
 1 file changed, 34 insertions(+), 32 deletions(-)
diff --git a/src/smblib/smblib.c b/src/smblib/smblib.c
index 801f1b2669..b2023b3619 100644
--- a/src/smblib/smblib.c
+++ b/src/smblib/smblib.c
@@ -1248,48 +1248,50 @@ int SMBCALL smb_addcrc(smb_t* smb, ulong crc)
 }
 length=filelength(file);
- if(length<0L) {
+ if(length<0L || length%sizeof(long)) {
 close(file);
 sprintf(smb->last_error,"invalid file length: %ld", length);
 return(SMB_ERR_FILE_LEN);
 }
- if((buf=(ulong*)MALLOC(length))==NULL) {
- close(file);
- sprintf(smb->last_error
- ,"malloc failure of %ld bytes"
- ,length);
- return(SMB_ERR_MEM);
- }
+ if(length!=0) {
+ if((buf=(ulong*)MALLOC(length))==NULL) {
+ close(file);
+ sprintf(smb->last_error
+ ,"malloc failure of %ld bytes"
+ ,length);
+ return(SMB_ERR_MEM);
+ }
- if(read(file,buf,length)!=length) {
- close(file);
- FREE(buf);
- sprintf(smb->last_error
- ,"%d (%s) reading %ld bytes"
- ,errno,STRERROR(errno),length);
- return(SMB_ERR_READ);
- }
+ if(read(file,buf,length)!=length) {
+ close(file);
+ FREE(buf);
+ sprintf(smb->last_error
+ ,"%d (%s) reading %ld bytes"
+ ,errno,STRERROR(errno),length);
+ return(SMB_ERR_READ);
+ }
- for(l=0;l<length/sizeof(long);l++)
- if(crc==buf[l])
- break;
- if(l<length/sizeof(long)) { /* Dupe CRC found */
- close(file);
- FREE(buf);
- sprintf(smb->last_error
- ,"duplicate message detected");
- return(SMB_DUPE_MSG);
- }
+ for(l=0;l<length/sizeof(long);l++)
+ if(crc==buf[l])
+ break;
+ if(l<length/sizeof(long)) { /* Dupe CRC found */
+ close(file);
+ FREE(buf);
+ sprintf(smb->last_error
+ ,"duplicate message detected");
+ return(SMB_DUPE_MSG);
+ }
- if(length>=(long)(smb->status.max_crcs*sizeof(long))) {
- newlen=(smb->status.max_crcs-1)*sizeof(long);
- chsize(file,0); /* truncate it */
- lseek(file,0L,SEEK_SET);
- write(file,buf+(length-newlen),newlen);
+ if(length>=(long)(smb->status.max_crcs*sizeof(long))) {
+ newlen=(smb->status.max_crcs-1)*sizeof(long);
+ chsize(file,0); /* truncate it */
+ lseek(file,0L,SEEK_SET);
+ write(file,buf+(length-newlen),newlen);
+ }
+ FREE(buf);
 }
 wr=write(file,&crc,sizeof(crc)); /* Write to the end */
- FREE(buf);
 close(file);
 if(wr!=sizeof(crc)) {
-- GitLab
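Review bot: In the trim branch, `write(file,buf+(length-newlen),newlen)` offsets `buf` by a byte count, but the `(ulong*)` cast on the MALLOC result suggests `buf` is a `ulong*` (its declaration is outside the hunk), so the pointer advances `(length-newlen)*sizeof(ulong)` bytes and the write reads past the end of the allocation, copying adjacent heap bytes into the CRC history file. Doing the arithmetic in bytes avoids that: `write(file,(char*)buf+(length-newlen),newlen);`. The results of `chsize()`, `lseek()` and this `write()` are also unchecked, so a failure after the truncate silently discards the duplicate-detection history. Separately, the commit message describes 4-byte records while the new check is `length%sizeof(long)`, which is 8 on LP64 builds; a fixed-width 32-bit type for the record would keep the check and the on-disk format in agreement. smb_addcrc's body starts and ends outside the hunk.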