svn commit: samba r15260 - in branches/SAMBA_4_0/source/pidl/lib/Parse/Pidl/Samba4: .

jelmer at samba.org jelmer at samba.org
Wed Apr 26 00:08:40 GMT 2006


Author: jelmer
Date: 2006-04-26 00:08:39 +0000 (Wed, 26 Apr 2006)
New Revision: 15260

WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=15260

Log:
Don't dereference NULL pointers to obtain array lengths - found by 
the IBM checker

Modified:
   branches/SAMBA_4_0/source/pidl/lib/Parse/Pidl/Samba4/EJS.pm


Changeset:
Modified: branches/SAMBA_4_0/source/pidl/lib/Parse/Pidl/Samba4/EJS.pm
===================================================================
--- branches/SAMBA_4_0/source/pidl/lib/Parse/Pidl/Samba4/EJS.pm	2006-04-25 23:46:41 UTC (rev 15259)
+++ branches/SAMBA_4_0/source/pidl/lib/Parse/Pidl/Samba4/EJS.pm	2006-04-26 00:08:39 UTC (rev 15260)
@@ -117,6 +117,18 @@
 }
 
 #####################################################################
+# check that a variable we get from ParseExpr isn't a null pointer
+sub check_null_pointer($)
+{
+	my $size = shift;
+	if ($size =~ /^\*/) {
+		my $size2 = substr($size, 1);
+		pidl "if ($size2 == NULL) return NT_STATUS_INVALID_PARAMETER_MIX;";
+	}
+}
+
+
+#####################################################################
 # work out is a parse function should be declared static or not
 sub fn_declare($$)
 {
@@ -196,6 +208,7 @@
 		if (!$l->{IS_FIXED}) {
 			pidl "EJS_ALLOC_N(ejs, $var, $size);";
 		}
+		check_null_pointer($length);
 		pidl "ejs_pull_array_uint8(ejs, v, $name, $var, $length);";
 		return;
 	}
@@ -492,6 +505,7 @@
 	}
 	# uint8 arrays are treated as data blobs
 	if ($nl->{TYPE} eq 'DATA' && $e->{TYPE} eq 'uint8') {
+		check_null_pointer($length);
 		pidl "ejs_push_array_uint8(ejs, v, $name, $var, $length);";
 		return;
 	}



More information about the samba-cvs mailing list