libsmb: Use smb2 tcon if conn_protocol >= SMB2_02

When the connection protocol is SMB2 the tid from the smb1 member is used instead of smb2 in cli_state_set_tid which often results in a null deref. BUG: https://bugzilla.samba.org/show_bug.cgi?id=13310 Signed-off-by: Dan Robertson <[email protected]> Reviewed-by: Jeremy Allison <[email protected]> Reviewed-by: Andreas Schneider <[email protected]>
17500mph · Mar 1, 2018 · b67ffaf · b67ffaf
1 parent 426e4a5
commit b67ffaf
Showing 1 changed file with 1 addition and 1 deletion.
diff --git a/source3/libsmb/clientgen.c b/source3/libsmb/clientgen.c
@@ -371,7 +371,7 @@ uint32_t cli_state_set_tid(struct cli_state *cli, uint32_t tid)
 	uint32_t ret;
 	if (smbXcli_conn_protocol(cli->conn) >= PROTOCOL_SMB2_02) {
 		ret = smb2cli_tcon_current_id(cli->smb2.tcon);
-		smb2cli_tcon_set_id(cli->smb1.tcon, tid);
+		smb2cli_tcon_set_id(cli->smb2.tcon, tid);
 	} else {
 		ret = smb1cli_tcon_current_id(cli->smb1.tcon);
 		smb1cli_tcon_set_id(cli->smb1.tcon, tid);