svn commit: samba r14044 - in trunk/source: rpc_parse smbd
jra at samba.org
jra at samba.org
Wed Mar 8 17:50:58 GMT 2006
Author: jra
Date: 2006-03-08 17:50:57 +0000 (Wed, 08 Mar 2006)
New Revision: 14044
WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=14044
Log:
After discussion with Jerry revert part of the
Coverity null-ref patch - put prs_rpcbuffer_p
back to the way it was (with an additional
coverity paranoia check) - move the real test
into rpcbuf_alloc_size instead.
Jeremy.
Modified:
trunk/source/rpc_parse/parse_buffer.c
trunk/source/smbd/trans2.c
Changeset:
Modified: trunk/source/rpc_parse/parse_buffer.c
===================================================================
--- trunk/source/rpc_parse/parse_buffer.c 2006-03-08 17:50:44 UTC (rev 14043)
+++ trunk/source/rpc_parse/parse_buffer.c 2006-03-08 17:50:57 UTC (rev 14044)
@@ -108,37 +108,22 @@
data_p = *buffer ? 0xf000baaa : 0;
- if ( !prs_uint32("ptr", ps, depth, &data_p )) {
+ if ( !prs_uint32("ptr", ps, depth, &data_p ))
return False;
- }
- /* We must always return a valid buffer pointer even if the
- client didn't send one - just leave it initialized to null. */
- if ( UNMARSHALLING(ps) ) {
- if ( !(*buffer = PRS_ALLOC_MEM(ps, RPC_BUFFER, 1)) ) {
- return False;
- }
- }
-
/* we're done if there is no data */
- if (!data_p) {
- if (UNMARSHALLING(ps)) {
- RPC_BUFFER *pbuffer = *buffer;
- /* On unmarshalling we must return a valid,
- but zero size value RPC_BUFFER. */
- pbuffer->size = 0;
- pbuffer->string_at_end = 0;
- if (!prs_init(&pbuffer->prs, 0, prs_get_mem_context(ps), UNMARSHALL)) {
- return False;
- }
- }
+ if ( !data_p )
return True;
- }
- /* Coverity paranoia. Buffer must be valid. */
- if (!*buffer) {
- return False;
+ if ( UNMARSHALLING(ps) ) {
+ if ( !(*buffer = PRS_ALLOC_MEM(ps, RPC_BUFFER, 1)) )
+ return False;
+ } else {
+ /* Marshalling case. - coverity paranoia - should already be ok if data_p != 0 */
+ if (!*buffer) {
+ return True;
+ }
}
return prs_rpcbuffer( desc, ps, depth, *buffer);
@@ -158,7 +143,11 @@
if ( buffer_size == 0x0 )
return True;
-
+
+ if (!buffer) {
+ return False;
+ }
+
ps= &buffer->prs;
/* damn, I'm doing the reverse operation of prs_grow() :) */
Modified: trunk/source/smbd/trans2.c
===================================================================
--- trunk/source/smbd/trans2.c 2006-03-08 17:50:44 UTC (rev 14043)
+++ trunk/source/smbd/trans2.c 2006-03-08 17:50:57 UTC (rev 14044)
@@ -2778,7 +2778,7 @@
char *fullpathname;
char *base_name;
char *p;
- char *lock_data;
+ char *lock_data = NULL;
SMB_OFF_T pos = 0;
BOOL bad_path = False;
BOOL delete_pending = False;
More information about the samba-cvs
mailing list