13852 smbstat -r dumps core
Reviewed by: Evan Layton <elayton@tintri.com>
Reviewed by: Joyce McIntosh <jmcintosh@tintri.com>
Reviewed by: Matt Barden <mbarden@tintri.com>
Reviewed by: Andrew Stormont <andyjstormont@gmail.com>
Reviewed by: Toomas Soome <tsoome@me.com>
Approved by: Richard Lowe <richlowe@richlowe.net>
diff --git a/usr/src/cmd/smbsrv/smbstat/smbstat.c b/usr/src/cmd/smbsrv/smbstat/smbstat.c
index b881165..ebd4e9b 100644
--- a/usr/src/cmd/smbsrv/smbstat/smbstat.c
+++ b/usr/src/cmd/smbsrv/smbstat/smbstat.c
@@ -21,7 +21,7 @@
 
 /*
  * Copyright (c) 2007, 2010, Oracle and/or its affiliates. All rights reserved.
- * Copyright 2015 Nexenta Systems, Inc.  All rights reserved.
+ * Copyright 2020 Nexenta by DDN, Inc.  All rights reserved.
  */
 
 /*
@@ -36,9 +36,9 @@
  * The flow of the code is the following:
  *
  *
- * 			+----------------+
- * 			| Initialization |
- * 			+----------------+
+ *			+----------------+
+ *			| Initialization |
+ *			+----------------+
  *				|
  *				|
  *				v
@@ -46,7 +46,7 @@
  *		  | Take a snapshot the data | <--------+
  *		  +--------------------------+		|
  *				|			|
- * 				|			|
+ *				|			|
  *				v			|
  *		    +----------------------+		|
  *		    | Process the snapshot |		|
@@ -62,16 +62,16 @@
  *				v			|
  *		Yes	---------------			|
  *	+------------ < interval == 0 ? >		|
- * 	|		---------------			|
+ *	|		---------------			|
  *	|		       |			|
- * 	|		       | No			|
- * 	|		       v			|
+ *	|		       | No			|
+ *	|		       v			|
  *	|	   +------------------------+		|
- * 	|	   | Sleep for the duration | ----------+
- * 	|	   |   of the interval.     |
- * 	|	   +------------------------+
- * 	|
- * 	+---------------------+
+ *	|	   | Sleep for the duration | ----------+
+ *	|	   |   of the interval.     |
+ *	|	   +------------------------+
+ *	|
+ *	+---------------------+
  *			      |
  *			      v
  *
@@ -1035,7 +1035,9 @@
 
 	for (i = 0; i < SMB_COM_NUM; i++) {
 		info = &smbstat_srv_info.si_reqs1[i];
-		idx = info[i].ri_opcode & 0xFF;
+		idx = info->ri_opcode;
+		if (idx >= SMB_COM_NUM)
+			continue;
 		curr_req = &curr->ss_data.ks_reqs1[idx];
 		prev_req = &prev->ss_data.ks_reqs1[idx];
 		smbstat_srv_process_one_req(
@@ -1044,8 +1046,11 @@
 
 	for (i = 0; i < SMB2__NCMDS; i++) {
 		info = &smbstat_srv_info.si_reqs2[i];
-		curr_req = &curr->ss_data.ks_reqs2[i];
-		prev_req = &prev->ss_data.ks_reqs2[i];
+		idx = info->ri_opcode;
+		if (idx >= SMB2__NCMDS)
+			continue;
+		curr_req = &curr->ss_data.ks_reqs2[idx];
+		prev_req = &prev->ss_data.ks_reqs2[idx];
 		smbstat_srv_process_one_req(
 		    info, curr_req, prev_req, firstcall);
 	}