svn commit: samba r15260 - in
branches/SAMBA_4_0/source/pidl/lib/Parse/Pidl/Samba4: .
jelmer at samba.org
jelmer at samba.org
Wed Apr 26 00:08:40 GMT 2006
Author: jelmer
Date: 2006-04-26 00:08:39 +0000 (Wed, 26 Apr 2006)
New Revision: 15260
WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=15260
Log:
Don't dereference NULL pointers to obtain array lengths - found by
the IBM checker
Modified:
branches/SAMBA_4_0/source/pidl/lib/Parse/Pidl/Samba4/EJS.pm
Changeset:
Modified: branches/SAMBA_4_0/source/pidl/lib/Parse/Pidl/Samba4/EJS.pm
===================================================================
--- branches/SAMBA_4_0/source/pidl/lib/Parse/Pidl/Samba4/EJS.pm 2006-04-25 23:46:41 UTC (rev 15259)
+++ branches/SAMBA_4_0/source/pidl/lib/Parse/Pidl/Samba4/EJS.pm 2006-04-26 00:08:39 UTC (rev 15260)
@@ -117,6 +117,18 @@
}
#####################################################################
+# check that a variable we get from ParseExpr isn't a null pointer
+sub check_null_pointer($)
+{
+ my $size = shift;
+ if ($size =~ /^\*/) {
+ my $size2 = substr($size, 1);
+ pidl "if ($size2 == NULL) return NT_STATUS_INVALID_PARAMETER_MIX;";
+ }
+}
+
+
+#####################################################################
# work out is a parse function should be declared static or not
sub fn_declare($$)
{
@@ -196,6 +208,7 @@
if (!$l->{IS_FIXED}) {
pidl "EJS_ALLOC_N(ejs, $var, $size);";
}
+ check_null_pointer($length);
pidl "ejs_pull_array_uint8(ejs, v, $name, $var, $length);";
return;
}
@@ -492,6 +505,7 @@
}
# uint8 arrays are treated as data blobs
if ($nl->{TYPE} eq 'DATA' && $e->{TYPE} eq 'uint8') {
+ check_null_pointer($length);
pidl "ejs_push_array_uint8(ejs, v, $name, $var, $length);";
return;
}
More information about the samba-cvs
mailing list