svn commit: samba r12853 - branches/SAMBA_3_0/source/include branches/SAMBA_3_0/source/rpc_client trunk/source/include trunk/source/rpc_client

gd at samba.org gd at samba.org
Wed Jan 11 19:18:41 GMT 2006


Author: gd
Date: 2006-01-11 19:18:40 +0000 (Wed, 11 Jan 2006)
New Revision: 12853

WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=12853

Log:
Fix segfault in "net rpc vampire|samdump" (Bugzilla #3390).

The session key, after being set, was zeroed later on by the prs_init
in the CLI_DO_RPC macro.

Guenther

Modified:
   branches/SAMBA_3_0/source/include/rpc_client.h
   branches/SAMBA_3_0/source/rpc_client/cli_netlogon.c
   trunk/source/include/rpc_client.h
   trunk/source/rpc_client/cli_netlogon.c


Changeset:
Modified: branches/SAMBA_3_0/source/include/rpc_client.h
===================================================================
--- branches/SAMBA_3_0/source/include/rpc_client.h	2006-01-11 18:22:06 UTC (rev 12852)
+++ branches/SAMBA_3_0/source/include/rpc_client.h	2006-01-11 19:18:40 UTC (rev 12853)
@@ -23,8 +23,8 @@
 
 /* macro to expand cookie-cutter code in cli_xxx() using rpc_api_pipe_req() */
 
-#define CLI_DO_RPC( pcli, ctx, p_idx, opnum, q_in, r_out, \
-                             q_ps, r_ps, q_io_fn, r_io_fn, default_error ) \
+#define CLI_DO_RPC_INTERNAL( pcli, ctx, p_idx, opnum, q_in, r_out, \
+                             q_ps, r_ps, q_io_fn, r_io_fn, default_error, copy_sess_key ) \
 {\
 	SMB_ASSERT(pcli->pipe_idx == p_idx); \
 	if (!prs_init( &q_ps, RPC_MAX_PDU_FRAG_LEN, ctx, MARSHALL )) { \
@@ -34,6 +34,7 @@
 		prs_mem_free( &q_ps );\
 		return NT_STATUS_NO_MEMORY;\
 	}\
+	if ( copy_sess_key) prs_set_session_key(&q_ps, (const char *)pcli->dc->sess_key);\
 	if ( q_io_fn("", &q_in, &q_ps, 0) ) {\
 		NTSTATUS _smb_pipe_stat_ = rpc_api_pipe_req(pcli, opnum, &q_ps, &r_ps); \
 		if (!NT_STATUS_IS_OK(_smb_pipe_stat_)) {\
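Review bot: The added `prs_set_session_key(&q_ps, (const char *)pcli->dc->sess_key)` line dereferences `pcli->dc` with no NULL check; the same holds for the `&r_ps` line in the next hunk and for both identical hunks in trunk/source/include/rpc_client.h. The one caller visible in this commit already uses `cli->dc` before invoking the macro, but CLI_DO_RPC_INTERNAL is generic, so a later caller whose `dc` was never set up would crash here. Because the macro already returns NTSTATUS, a guard placed before the first prs_init() needs no cleanup: `if ((copy_sess_key) && (pcli)->dc == NULL) return NT_STATUS_INVALID_PARAMETER;`. The macro body starts and ends outside this hunk.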
@@ -41,6 +42,7 @@
 			prs_mem_free( &r_ps );\
 			return _smb_pipe_stat_;\
 		}\
+		if ( copy_sess_key ) prs_set_session_key(&r_ps, (const char *)pcli->dc->sess_key);\
 		if (!r_io_fn("", &r_out, &r_ps, 0)) {\
 			prs_mem_free( &q_ps );\
 			prs_mem_free( &r_ps );\
@@ -55,6 +57,21 @@
 	prs_mem_free( &r_ps );\
 }
 
+#define CLI_DO_RPC_COPY_SESS_KEY( pcli, ctx, p_idx, opnum, q_in, r_out, \
+				  q_ps, r_ps, q_io_fn, r_io_fn, default_error ) \
+{\
+	CLI_DO_RPC_INTERNAL( pcli, ctx, p_idx, opnum, q_in, r_out, \
+			     q_ps, r_ps, q_io_fn, r_io_fn, default_error, True ); \
+}
+
+#define CLI_DO_RPC( pcli, ctx, p_idx, opnum, q_in, r_out, \
+                    q_ps, r_ps, q_io_fn, r_io_fn, default_error ) \
+{\
+	CLI_DO_RPC_INTERNAL( pcli, ctx, p_idx, opnum, q_in, r_out, \
+			     q_ps, r_ps, q_io_fn, r_io_fn, default_error, False ); \
+}
+
+
 /* Arrrgg. Same but with WERRORS. Needed for registry code. */
 
 #define CLI_DO_RPC_WERR( pcli, ctx, p_idx, opnum, q_in, r_out, \
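Review bot: Neither new wrapper documents when the session key is required, so a caller that picks plain CLI_DO_RPC for a call whose marshalling functions expect the key on the parse struct would bring back the crash described in the log; the identical hunk in trunk's rpc_client.h has the same gap. I would add above CLI_DO_RPC_COPY_SESS_KEY: `/* As CLI_DO_RPC, but sets pcli->dc->sess_key on q_ps before marshalling and on r_ps before unmarshalling; a key set on the buffers before the macro is lost when prs_init() runs. */`. A short remark on CLI_DO_RPC_INTERNAL that it is meant to be reached only through the two wrappers would also help.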

Modified: branches/SAMBA_3_0/source/rpc_client/cli_netlogon.c
===================================================================
--- branches/SAMBA_3_0/source/rpc_client/cli_netlogon.c	2006-01-11 18:22:06 UTC (rev 12852)
+++ branches/SAMBA_3_0/source/rpc_client/cli_netlogon.c	2006-01-11 19:18:40 UTC (rev 12853)
@@ -604,15 +604,12 @@
 
 	creds_client_step(cli->dc, &clnt_creds);
 
-	prs_set_session_key(&qbuf, (const char *)cli->dc->sess_key);
-	prs_set_session_key(&rbuf, (const char *)cli->dc->sess_key);
-
 	init_net_q_sam_sync(&q, cli->dc->remote_machine, global_myname(),
                             &clnt_creds, &ret_creds, database_id, next_rid);
 
 	/* Marshall data and send request */
 
-	CLI_DO_RPC(cli, mem_ctx, PI_NETLOGON, NET_SAM_SYNC,
+	CLI_DO_RPC_COPY_SESS_KEY(cli, mem_ctx, PI_NETLOGON, NET_SAM_SYNC,
 		q, r,
 		qbuf, rbuf,
 		net_io_q_sam_sync,
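Review bot: With the two `prs_set_session_key` calls removed, nothing at this call site explains why the key is no longer set on `qbuf`/`rbuf` directly, so a later cleanup could easily put them back or revert to plain CLI_DO_RPC. A one-line comment above the macro call would cover it, e.g. `/* key must be set inside the macro: prs_init() there resets qbuf/rbuf */`. It is also worth checking the other netlogon calls in this file for the same set-key-then-CLI_DO_RPC pattern, since only NET_SAM_SYNC is changed here; this applies to the trunk copy as well. The enclosing function and the macro invocation both continue outside the hunk.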

Modified: trunk/source/include/rpc_client.h
===================================================================
--- trunk/source/include/rpc_client.h	2006-01-11 18:22:06 UTC (rev 12852)
+++ trunk/source/include/rpc_client.h	2006-01-11 19:18:40 UTC (rev 12853)
@@ -23,8 +23,8 @@
 
 /* macro to expand cookie-cutter code in cli_xxx() using rpc_api_pipe_req() */
 
-#define CLI_DO_RPC( pcli, ctx, p_idx, opnum, q_in, r_out, \
-                             q_ps, r_ps, q_io_fn, r_io_fn, default_error ) \
+#define CLI_DO_RPC_INTERNAL( pcli, ctx, p_idx, opnum, q_in, r_out, \
+                             q_ps, r_ps, q_io_fn, r_io_fn, default_error, copy_sess_key ) \
 {\
 	SMB_ASSERT(pcli->pipe_idx == p_idx); \
 	if (!prs_init( &q_ps, RPC_MAX_PDU_FRAG_LEN, ctx, MARSHALL )) { \
@@ -34,6 +34,7 @@
 		prs_mem_free( &q_ps );\
 		return NT_STATUS_NO_MEMORY;\
 	}\
+	if ( copy_sess_key) prs_set_session_key(&q_ps, (const char *)pcli->dc->sess_key);\
 	if ( q_io_fn("", &q_in, &q_ps, 0) ) {\
 		NTSTATUS _smb_pipe_stat_ = rpc_api_pipe_req(pcli, opnum, &q_ps, &r_ps); \
 		if (!NT_STATUS_IS_OK(_smb_pipe_stat_)) {\
@@ -41,6 +42,7 @@
 			prs_mem_free( &r_ps );\
 			return _smb_pipe_stat_;\
 		}\
+		if ( copy_sess_key ) prs_set_session_key(&r_ps, (const char *)pcli->dc->sess_key);\
 		if (!r_io_fn("", &r_out, &r_ps, 0)) {\
 			prs_mem_free( &q_ps );\
 			prs_mem_free( &r_ps );\
@@ -55,6 +57,21 @@
 	prs_mem_free( &r_ps );\
 }
 
+#define CLI_DO_RPC_COPY_SESS_KEY( pcli, ctx, p_idx, opnum, q_in, r_out, \
+				  q_ps, r_ps, q_io_fn, r_io_fn, default_error ) \
+{\
+	CLI_DO_RPC_INTERNAL( pcli, ctx, p_idx, opnum, q_in, r_out, \
+			     q_ps, r_ps, q_io_fn, r_io_fn, default_error, True ); \
+}
+
+#define CLI_DO_RPC( pcli, ctx, p_idx, opnum, q_in, r_out, \
+                    q_ps, r_ps, q_io_fn, r_io_fn, default_error ) \
+{\
+	CLI_DO_RPC_INTERNAL( pcli, ctx, p_idx, opnum, q_in, r_out, \
+			     q_ps, r_ps, q_io_fn, r_io_fn, default_error, False ); \
+}
+
+
 /* Arrrgg. Same but with WERRORS. Needed for registry code. */
 
 #define CLI_DO_RPC_WERR( pcli, ctx, p_idx, opnum, q_in, r_out, \

Modified: trunk/source/rpc_client/cli_netlogon.c
===================================================================
--- trunk/source/rpc_client/cli_netlogon.c	2006-01-11 18:22:06 UTC (rev 12852)
+++ trunk/source/rpc_client/cli_netlogon.c	2006-01-11 19:18:40 UTC (rev 12853)
@@ -604,15 +604,12 @@
 
 	creds_client_step(cli->dc, &clnt_creds);
 
-	prs_set_session_key(&qbuf, (const char *)cli->dc->sess_key);
-	prs_set_session_key(&rbuf, (const char *)cli->dc->sess_key);
-
 	init_net_q_sam_sync(&q, cli->dc->remote_machine, global_myname(),
                             &clnt_creds, &ret_creds, database_id, next_rid);
 
 	/* Marshall data and send request */
 
-	CLI_DO_RPC(cli, mem_ctx, PI_NETLOGON, NET_SAM_SYNC,
+	CLI_DO_RPC_COPY_SESS_KEY(cli, mem_ctx, PI_NETLOGON, NET_SAM_SYNC,
 		q, r,
 		qbuf, rbuf,
 		net_io_q_sam_sync,


