svn commit: samba r17918 - in branches/SAMBA_3_0_RELEASE/source:
nmbd rpc_parse rpc_server torture utils web
jerry at samba.org
jerry at samba.org
Tue Aug 29 16:07:13 GMT 2006
Author: jerry
Date: 2006-08-29 16:07:10 +0000 (Tue, 29 Aug 2006)
New Revision: 17918
WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=17918
Log:
* NULL deref fixes
* time fixes for tortore
* nmbd crash fix
Modified:
branches/SAMBA_3_0_RELEASE/source/nmbd/nmbd_namequery.c
branches/SAMBA_3_0_RELEASE/source/rpc_parse/parse_samr.c
branches/SAMBA_3_0_RELEASE/source/rpc_server/srv_srvsvc_nt.c
branches/SAMBA_3_0_RELEASE/source/torture/torture.c
branches/SAMBA_3_0_RELEASE/source/utils/ntlm_auth.c
branches/SAMBA_3_0_RELEASE/source/web/cgi.c
Changeset:
Modified: branches/SAMBA_3_0_RELEASE/source/nmbd/nmbd_namequery.c
===================================================================
--- branches/SAMBA_3_0_RELEASE/source/nmbd/nmbd_namequery.c 2006-08-29 16:05:28 UTC (rev 17917)
+++ branches/SAMBA_3_0_RELEASE/source/nmbd/nmbd_namequery.c 2006-08-29 16:07:10 UTC (rev 17918)
@@ -59,7 +59,15 @@
rrec->repeat_count = 0;
/* How long we should wait for. */
- rrec->repeat_time = p->timestamp + nmb->answers->ttl;
+ if (nmb->answers) {
+ rrec->repeat_time = p->timestamp + nmb->answers->ttl;
+ } else {
+ /* No answer - this is probably a corrupt
+ packet.... */
+ DEBUG(0,("query_name_response: missing answer record in "
+ "NMB_WACK_OPCODE response.\n"));
+ rrec->repeat_time = p->timestamp + 10;
+ }
rrec->num_msgs--;
return;
} else if(nmb->header.rcode != 0) {
Modified: branches/SAMBA_3_0_RELEASE/source/rpc_parse/parse_samr.c
===================================================================
--- branches/SAMBA_3_0_RELEASE/source/rpc_parse/parse_samr.c 2006-08-29 16:05:28 UTC (rev 17917)
+++ branches/SAMBA_3_0_RELEASE/source/rpc_parse/parse_samr.c 2006-08-29 16:07:10 UTC (rev 17918)
@@ -6895,8 +6895,7 @@
q_u->switch_value = switch_value;
q_u->ctr = ctr;
- if (q_u->ctr != NULL)
- q_u->ctr->switch_value = switch_value;
+ q_u->ctr->switch_value = switch_value;
switch (switch_value) {
case 18:
Modified: branches/SAMBA_3_0_RELEASE/source/rpc_server/srv_srvsvc_nt.c
===================================================================
--- branches/SAMBA_3_0_RELEASE/source/rpc_server/srv_srvsvc_nt.c 2006-08-29 16:05:28 UTC (rev 17917)
+++ branches/SAMBA_3_0_RELEASE/source/rpc_server/srv_srvsvc_nt.c 2006-08-29 16:07:10 UTC (rev 17918)
@@ -653,7 +653,9 @@
(*stot) = list_sessions(&session_list);
if (ss0 == NULL) {
- (*snum) = 0;
+ if (snum) {
+ (*snum) = 0;
+ }
SAFE_FREE(session_list);
return;
}
Modified: branches/SAMBA_3_0_RELEASE/source/torture/torture.c
===================================================================
--- branches/SAMBA_3_0_RELEASE/source/torture/torture.c 2006-08-29 16:05:28 UTC (rev 17917)
+++ branches/SAMBA_3_0_RELEASE/source/torture/torture.c 2006-08-29 16:07:10 UTC (rev 17918)
@@ -2433,8 +2433,8 @@
fnum = cli_open(cli, fname,
O_RDWR | O_CREAT | O_TRUNC, DENY_NONE);
cli_close(cli, fnum);
- if (!cli_qpathinfo2(cli, fname, &c_time, &a_time, &m_time,
- &w_time, &size, NULL, NULL)) {
+ if (!cli_qpathinfo2(cli, fname, &c_time, &a_time, &w_time,
+ &m_time, &size, NULL, NULL)) {
printf("ERROR: qpathinfo2 failed (%s)\n", cli_errstr(cli));
correct = False;
} else {
@@ -2455,8 +2455,8 @@
correct = False;
}
sleep(3);
- if (!cli_qpathinfo2(cli, "\\trans2\\", &c_time, &a_time, &m_time,
- &w_time, &size, NULL, NULL)) {
+ if (!cli_qpathinfo2(cli, "\\trans2\\", &c_time, &a_time, &w_time,
+ &m_time, &size, NULL, NULL)) {
printf("ERROR: qpathinfo2 failed (%s)\n", cli_errstr(cli));
correct = False;
}
@@ -2465,8 +2465,8 @@
O_RDWR | O_CREAT | O_TRUNC, DENY_NONE);
cli_write(cli, fnum, 0, (char *)&fnum, 0, sizeof(fnum));
cli_close(cli, fnum);
- if (!cli_qpathinfo2(cli, "\\trans2\\", &c_time, &a_time, &m_time2,
- &w_time, &size, NULL, NULL)) {
+ if (!cli_qpathinfo2(cli, "\\trans2\\", &c_time, &a_time, &w_time,
+ &m_time2, &size, NULL, NULL)) {
printf("ERROR: qpathinfo2 failed (%s)\n", cli_errstr(cli));
correct = False;
} else {
Modified: branches/SAMBA_3_0_RELEASE/source/utils/ntlm_auth.c
===================================================================
--- branches/SAMBA_3_0_RELEASE/source/utils/ntlm_auth.c 2006-08-29 16:05:28 UTC (rev 17917)
+++ branches/SAMBA_3_0_RELEASE/source/utils/ntlm_auth.c 2006-08-29 16:07:10 UTC (rev 17918)
@@ -1097,7 +1097,6 @@
if (client_ntlmssp_state == NULL) {
DEBUG(1, ("Got NTLMSSP tArg without a client state\n"));
x_fprintf(x_stdout, "BH\n");
- ntlmssp_end(&client_ntlmssp_state);
return;
}
Modified: branches/SAMBA_3_0_RELEASE/source/web/cgi.c
===================================================================
--- branches/SAMBA_3_0_RELEASE/source/web/cgi.c 2006-08-29 16:05:28 UTC (rev 17917)
+++ branches/SAMBA_3_0_RELEASE/source/web/cgi.c 2006-08-29 16:07:10 UTC (rev 17918)
@@ -80,8 +80,9 @@
}
-
- ret[i] = 0;
+ if (ret) {
+ ret[i] = 0;
+ }
return ret;
}
More information about the samba-cvs
mailing list