[SCM] Samba Shared Repository - branch v3-2-test updated - initial-v3-2-unstable-445-gb6b5f92

Jeremy Allison jra at samba.org
Mon Dec 3 22:10:29 GMT 2007


The branch, v3-2-test has been updated
       via  b6b5f92bc9457220df384bdb13530c393d294ce7 (commit)
      from  de2fdc6b5a78932f8ea5cf4c4715296f18dae4d3 (commit)

http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-2-test


- Log -----------------------------------------------------------------
commit b6b5f92bc9457220df384bdb13530c393d294ce7
Author: Jeremy Allison <jra at samba.org>
Date:   Mon Dec 3 14:09:48 2007 -0800

    Remove pstring from clirap2 by completely rewriting the damn
    thing :-). Now with added paranoia.
    Jeremy.

-----------------------------------------------------------------------

Summary of changes:
 source/libsmb/clirap2.c | 3895 +++++++++++++++++++++++++++--------------------
 source/utils/net_rpc.c  |    8 +-
 2 files changed, 2216 insertions(+), 1687 deletions(-)


Changeset truncated at 500 lines:

diff --git a/source/libsmb/clirap2.c b/source/libsmb/clirap2.c
index f522e13..d579564 100644
--- a/source/libsmb/clirap2.c
+++ b/source/libsmb/clirap2.c
@@ -3,6 +3,7 @@
    More client RAP (SMB Remote Procedure Calls) functions
    Copyright (C) 2001 Steve French (sfrench at us.ibm.com)
    Copyright (C) 2001 Jim McDonough (jmcd at us.ibm.com)
+   Copyright (C) 2007 Jeremy Allison. jra at samba.org
 
    This program is free software; you can redistribute it and/or modify
    it under the terms of the GNU General Public License as published by
@@ -80,916 +81,1140 @@
 #define DWORDSIZE 4
 
 #define PUTBYTE(p,b) do {SCVAL(p,0,b); p++;} while(0)
-#define GETBYTE(p,b) do {b = CVAL(p,0); p++;} while(0)
+
+#define GETBYTE(p,b,endp) \
+	do {\
+		if (p+1 < endp) {\
+			b = CVAL(p,0);\
+		}\
+		p++;\
+	} while(0)
+
 #define PUTWORD(p,w) do {SSVAL(p,0,w); p += WORDSIZE;} while(0)
-#define GETWORD(p,w) do {w = SVAL(p,0); p += WORDSIZE;} while(0)
+
+#define GETWORD(p,w,endp) \
+	do {\
+		if (p+WORDSIZE < endp) {\
+			w = SVAL(p,0);\
+		}\
+		p += WORDSIZE;\
+	} while(0)
+
 #define PUTDWORD(p,d) do {SIVAL(p,0,d); p += DWORDSIZE;} while(0)
-#define GETDWORD(p,d) do {d = IVAL(p,0); p += DWORDSIZE;} while(0)
-#define GETRES(p) p ? SVAL(p,0) : -1
+
+#define GETDWORD(p,d,endp) \
+	do {\
+		if (p+DWORDSIZE < endp) {\
+			d = IVAL(p,0);\
+		}\
+		p += DWORDSIZE;\
+	} while(0)
+
+#define GETRES(p,endp) ((p && p+2 < endp) ? SVAL(p,0) : -1)
+
 /* put string s at p with max len n and increment p past string */
-#define PUTSTRING(p,s,n) do {\
-  push_ascii(p,s?s:"",n?n:256,STR_TERMINATE);\
-  p = push_skip_string(p);\
-  } while(0)
+#define PUTSTRING(p,s,n) \
+	do {\
+		push_ascii(p,s?s:"",n?n:256,STR_TERMINATE);\
+		p = push_skip_string(p);\
+	} while(0)
+
 /* put string s and p, using fixed len l, and increment p by l */
-#define PUTSTRINGF(p,s,l) do {\
-  push_ascii(p,s?s:"",l,STR_TERMINATE);\
-  p += l;\
-  } while (0)
+#define PUTSTRINGF(p,s,l) \
+	do {\
+		push_ascii(p,s?s:"",l,STR_TERMINATE);\
+		p += l;\
+	} while (0)
+
 /* put string pointer at p, supplying offset o from rdata r, store   */
 /* dword offset at p, increment p by 4 and o by length of s.  This   */
 /* means on the first call, you must calc the offset yourself!       */
-#define PUTSTRINGP(p,s,r,o) do {\
-  if (s) {\
-    push_ascii(r+o,s,strlen(s)+1,STR_TERMINATE);\
-    PUTDWORD(p,o);\
-    o += strlen(s) + 1;\
-  } else PUTDWORD(p,0);\
-  }while(0);
-/* get asciiz string s from p, increment p past string */
-#define GETSTRING(p,s) do {\
-  pull_ascii_pstring(s,p);\
-  p = push_skip_string(p);\
-  } while(0)
-/* get fixed length l string s from p, increment p by l */
-#define GETSTRINGF(p,s,l) do {\
-  pull_ascii_pstring(s,p);\
-  p += l;\
-  } while(0)
-/* get string s from offset (obtained at p) from rdata r - converter c */
-#define GETSTRINGP(p,s,r,c) do {\
-  uint32 off;\
-  GETDWORD(p,off);\
-  off &= 0x0000FFFF; /* mask the obsolete segment number from the offset */ \
-  pull_ascii_pstring(s, off?(r+off-c):"");\
-  } while(0)
+
+#define PUTSTRINGP(p,s,r,o) \
+	do {\
+		if (s) {\
+			push_ascii(r+o,s,strlen(s)+1,STR_TERMINATE);\
+			PUTDWORD(p,o);\
+			o += strlen(s) + 1;\
+		} else {\
+			PUTDWORD(p,0);\
+		}\
+	}while(0);
+
+/* get asciiz string dest from src, return increment past string */
+
+static size_t rap_getstring(TALLOC_CTX *ctx, char *src, char **dest, const char *endp)
+{
+	char *p1;
+	size_t len;
+
+	*dest = NULL;
+	for (p1 = src, len = 0; *p1 && p1 < endp; len++)
+		p1++;
+	if (!*p1) {
+		len++;
+	}
+	pull_string_talloc(ctx,src,0,dest,src,len,STR_ASCII);
+	return len;
+}
+
+/* get fixed length l string dest from src, return increment for src */
+
+static size_t rap_getstringf(char *src, char *dest, size_t l, size_t dlen, char *endp)
+{
+	char *p1;
+	size_t len;
+
+	if (dlen) {
+		dest[0] = '\0';
+	}
+	for (p1 = src, len = 0; *p1 && p1 < endp; len++) {
+		p1++;
+	}
+	if (!*p1) {
+		len++;
+	}
+	if (len > l) {
+		len = l;
+	}
+	if (len) {
+	 	pull_ascii(dest,src,len,len,STR_ASCII);
+	}
+	return l;
+}
+
+/* get string dest from offset (obtained at p) from rdata r - converter c */
+static size_t rap_getstringp(TALLOC_CTX *ctx, char *p, char **dest, char *r, uint16_t c, char *endp)
+{
+	uint32_t off = 0;
+	const char *src;
+	size_t len=0;
+
+	*dest = NULL;
+	if (p+4 < endp) {
+		GETDWORD(p,off,endp);
+		off &= 0x0000FFFF; /* mask the obsolete segment number from the offset */
+		off -= c;
+	}
+	if (r+off > endp || r+off < r) {
+		src="";
+		len=1;
+	} else {
+		const char *p1;
+		src=r+off;
+		for (p1 = src, len = 0; *p1 && p1 < endp; len++) {
+			p1++;
+		}
+		if (!*p1) {
+			len++;
+		}
+	}
+	pull_string_talloc(ctx,src,0,dest,src,len,STR_ASCII);
+	return len;
+}
 
 static char *make_header(char *param, uint16 apinum, const char *reqfmt, const char *datafmt)
 {
-  PUTWORD(param,apinum);
-  if (reqfmt)
-    PUTSTRING(param,reqfmt,0);
-  else
-    *param++ = (char) 0;
-
-  if (datafmt)
-    PUTSTRING(param,datafmt,0);
-  else
-    *param++ = (char) 0;
-
-  return param;
+	PUTWORD(param,apinum);
+	if (reqfmt)
+		PUTSTRING(param,reqfmt,0);
+	else
+		*param++ = (char) 0;
+
+	if (datafmt)
+		PUTSTRING(param,datafmt,0);
+	else
+		*param++ = (char) 0;
+
+	return param;
 }
 
 /****************************************************************************
  call a NetGroupDelete - delete user group from remote server
 ****************************************************************************/
-int cli_NetGroupDelete(struct cli_state *cli, const char *group_name )
+
+int cli_NetGroupDelete(struct cli_state *cli, const char *group_name)
 {
-  char *rparam = NULL;
-  char *rdata = NULL;
-  char *p;
-  unsigned int rdrcnt,rprcnt;
-  int res;
-  char param[WORDSIZE                    /* api number    */
+	char *rparam = NULL;
+	char *rdata = NULL;
+	char *p;
+	unsigned int rdrcnt,rprcnt;
+	int res = -1;
+	char param[WORDSIZE                    /* api number    */
 	    +sizeof(RAP_NetGroupDel_REQ) /* parm string   */
 	    +1                           /* no ret string */
 	    +RAP_GROUPNAME_LEN           /* group to del  */
 	    +WORDSIZE];                  /* reserved word */
 
-  /* now send a SMBtrans command with api GroupDel */
-  p = make_header(param, RAP_WGroupDel, RAP_NetGroupDel_REQ, NULL);
-  PUTSTRING(p, group_name, RAP_GROUPNAME_LEN);
-  PUTWORD(p,0);  /* reserved word MBZ on input */
+	/* now send a SMBtrans command with api GroupDel */
+	p = make_header(param, RAP_WGroupDel, RAP_NetGroupDel_REQ, NULL);
+	PUTSTRING(p, group_name, RAP_GROUPNAME_LEN);
+	PUTWORD(p,0);  /* reserved word MBZ on input */
 
-  if (cli_api(cli,
+	if (cli_api(cli,
 	      param, PTR_DIFF(p,param), 1024, /* Param, length, maxlen */
 	      NULL, 0, 200,       /* data, length, maxlen */
 	      &rparam, &rprcnt,   /* return params, length */
 	      &rdata, &rdrcnt))   /* return data, length */
-    {
-      res = GETRES(rparam);
-
-      if (res == 0) {
-	/* nothing to do */
-      }
-      else if ((res == 5) || (res == 65)) {
-          DEBUG(1, ("Access Denied\n"));
-      }
-      else if (res == 2220) {
-         DEBUG (1, ("Group does not exist\n"));
-      }
-      else {
-	DEBUG(4,("NetGroupDelete res=%d\n", res));
-      }
-    } else {
-      res = -1;
-      DEBUG(4,("NetGroupDelete failed\n"));
-    }
-
-  SAFE_FREE(rparam);
-  SAFE_FREE(rdata);
-
-  return res;
+	{
+		char *endp = rparam + rprcnt;
+		res = GETRES(rparam,endp);
+
+		if (res == 0) {
+			/* nothing to do */
+		} else if ((res == 5) || (res == 65)) {
+			DEBUG(1, ("Access Denied\n"));
+		} else if (res == 2220) {
+			DEBUG (1, ("Group does not exist\n"));
+		} else {
+			DEBUG(4,("NetGroupDelete res=%d\n", res));
+		}
+	} else {
+		res = -1;
+		DEBUG(4,("NetGroupDelete failed\n"));
+	}
+
+	SAFE_FREE(rparam);
+	SAFE_FREE(rdata);
+
+	return res;
 }
 
 /****************************************************************************
  call a NetGroupAdd - add user group to remote server
 ****************************************************************************/
-int cli_NetGroupAdd(struct cli_state *cli, RAP_GROUP_INFO_1 * grinfo )
+
+int cli_NetGroupAdd(struct cli_state *cli, RAP_GROUP_INFO_1 *grinfo)
 {
-  char *rparam = NULL;
-  char *rdata = NULL;
-  char *p;
-  unsigned int rdrcnt,rprcnt;
-  int res;
-  char param[WORDSIZE                    /* api number    */
+	char *rparam = NULL;
+	char *rdata = NULL;
+	char *p;
+	unsigned int rdrcnt,rprcnt;
+	int res = -1;
+	char param[WORDSIZE                    /* api number    */
 	    +sizeof(RAP_NetGroupAdd_REQ) /* req string    */
 	    +sizeof(RAP_GROUP_INFO_L1)   /* return string */
 	    +WORDSIZE                    /* info level    */
 	    +WORDSIZE];                  /* reserved word */
 
-  /* offset into data of free format strings.  Will be updated */
-  /* by PUTSTRINGP macro and end up with total data length.    */
-  int soffset = RAP_GROUPNAME_LEN + 1 + DWORDSIZE;
-  char *data;
-  size_t data_size;
+	/* offset into data of free format strings.  Will be updated */
+	/* by PUTSTRINGP macro and end up with total data length.    */
+	int soffset = RAP_GROUPNAME_LEN + 1 + DWORDSIZE;
+	char *data;
+	size_t data_size;
 
-  /* Allocate data. */
-  data_size = MAX(soffset + strlen(grinfo->comment) + 1, 1024);
+	/* Allocate data. */
+	data_size = MAX(soffset + strlen(grinfo->comment) + 1, 1024);
 
-  data = SMB_MALLOC_ARRAY(char, data_size);
-  if (!data) {
-    DEBUG (1, ("Malloc fail\n"));
-    return -1;
-  }
+	data = SMB_MALLOC_ARRAY(char, data_size);
+	if (!data) {
+		DEBUG (1, ("Malloc fail\n"));
+		return -1;
+	}
 
-  /* now send a SMBtrans command with api WGroupAdd */
+	/* now send a SMBtrans command with api WGroupAdd */
 
-  p = make_header(param, RAP_WGroupAdd,
-		  RAP_NetGroupAdd_REQ, RAP_GROUP_INFO_L1);
-  PUTWORD(p, 1); /* info level */
-  PUTWORD(p, 0); /* reserved word 0 */
+	p = make_header(param, RAP_WGroupAdd,
+			RAP_NetGroupAdd_REQ, RAP_GROUP_INFO_L1);
+	PUTWORD(p, 1); /* info level */
+	PUTWORD(p, 0); /* reserved word 0 */
 
-  p = data;
-  PUTSTRINGF(p, grinfo->group_name, RAP_GROUPNAME_LEN);
-  PUTBYTE(p, 0); /* pad byte 0 */
-  PUTSTRINGP(p, grinfo->comment, data, soffset);
+	p = data;
+	PUTSTRINGF(p, grinfo->group_name, RAP_GROUPNAME_LEN);
+	PUTBYTE(p, 0); /* pad byte 0 */
+	PUTSTRINGP(p, grinfo->comment, data, soffset);
 
-  if (cli_api(cli,
+	if (cli_api(cli,
 	      param, sizeof(param), 1024, /* Param, length, maxlen */
 	      data, soffset, sizeof(data), /* data, length, maxlen */
 	      &rparam, &rprcnt,   /* return params, length */
 	      &rdata, &rdrcnt))   /* return data, length */
-    {
-      res = GETRES(rparam);
-
-      if (res == 0) {
-	/* nothing to do */
-      } else if ((res == 5) || (res == 65)) {
-        DEBUG(1, ("Access Denied\n"));
-      }
-      else if (res == 2223) {
-        DEBUG (1, ("Group already exists\n"));
-      }
-      else {
-    	DEBUG(4,("NetGroupAdd res=%d\n", res));
-      }
-    } else {
-      res = -1;
-      DEBUG(4,("NetGroupAdd failed\n"));
-    }
-
-  SAFE_FREE(data);
-  SAFE_FREE(rparam);
-  SAFE_FREE(rdata);
-
-  return res;
+	{
+		char *endp = rparam + rprcnt;
+		res = GETRES(rparam, endp);
+
+		if (res == 0) {
+			/* nothing to do */
+		} else if ((res == 5) || (res == 65)) {
+			DEBUG(1, ("Access Denied\n"));
+		} else if (res == 2223) {
+			DEBUG (1, ("Group already exists\n"));
+		} else {
+			DEBUG(4,("NetGroupAdd res=%d\n", res));
+		}
+	} else {
+		res = -1;
+		DEBUG(4,("NetGroupAdd failed\n"));
+	}
+
+	SAFE_FREE(data);
+	SAFE_FREE(rparam);
+	SAFE_FREE(rdata);
+
+	return res;
 }
 
 /****************************************************************************
-call a NetGroupEnum - try and list user groups on a different host
+ Call a NetGroupEnum - try and list user groups on a different host.
 ****************************************************************************/
+
 int cli_RNetGroupEnum(struct cli_state *cli, void (*fn)(const char *, const char *, void *), void *state)
 {
-  char param[WORDSIZE                     /* api number    */
+	char param[WORDSIZE                     /* api number    */
 	    +sizeof(RAP_NetGroupEnum_REQ) /* parm string   */
 	    +sizeof(RAP_GROUP_INFO_L1)    /* return string */
 	    +WORDSIZE                     /* info level    */
 	    +WORDSIZE];                   /* buffer size   */
-  char *p;
-  char *rparam = NULL;
-  char *rdata = NULL;
-  unsigned int rprcnt, rdrcnt;
-  int res = -1;
-
+	char *p;
+	char *rparam = NULL;
+	char *rdata = NULL;
+	unsigned int rprcnt, rdrcnt;
+	int res = -1;
 
-  memset(param, '\0', sizeof(param));
-  p = make_header(param, RAP_WGroupEnum,
+	memset(param, '\0', sizeof(param));
+	p = make_header(param, RAP_WGroupEnum,
 		  RAP_NetGroupEnum_REQ, RAP_GROUP_INFO_L1);
-  PUTWORD(p,1); /* Info level 1 */  /* add level 0 */
-  PUTWORD(p,0xFFE0); /* Return buffer size */
+	PUTWORD(p,1); /* Info level 1 */  /* add level 0 */
+	PUTWORD(p,0xFFE0); /* Return buffer size */
 
-  if (cli_api(cli,
+	if (cli_api(cli,
 	      param, PTR_DIFF(p,param),8,
 	      NULL, 0, 0xFFE0 /* data area size */,
 	      &rparam, &rprcnt,
 	      &rdata, &rdrcnt)) {
-    res = GETRES(rparam);
-    cli->rap_error = res;
-    if(cli->rap_error == 234)
-        DEBUG(1,("Not all group names were returned (such as those longer than 21 characters)\n"));
-    else if (cli->rap_error != 0) {
-      DEBUG(1,("NetGroupEnum gave error %d\n", cli->rap_error));
-    }
-  }
-
-  if (rdata) {
-    if (res == 0 || res == ERRmoredata) {
-      int i, converter, count;
-
-      p = rparam + WORDSIZE; /* skip result */
-      GETWORD(p, converter);
-      GETWORD(p, count);
-
-      for (i=0,p=rdata;i<count;i++) {
-	    pstring comment;
-	    char groupname[RAP_GROUPNAME_LEN];
-
-	    GETSTRINGF(p, groupname, RAP_GROUPNAME_LEN);
-	    p++; /* pad byte */
-	    GETSTRINGP(p, comment, rdata, converter);
-
-	    fn(groupname, comment, cli);
-      }
-    } else {
-      DEBUG(4,("NetGroupEnum res=%d\n", res));
-    }
-  } else {
-    DEBUG(4,("NetGroupEnum no data returned\n"));
-  }
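Review bot: The three new string scanners test `*p1` before `p1 < endp`, so each of them reads the byte at `endp` (one past the reply buffer) when the server's data carries no NUL terminator, and the following `if (!*p1)` reads it again. This applies to the loops in rap_getstring, rap_getstringf and rap_getstringp; swapping the order and guarding the terminator test closes it: `for (p1 = src, len = 0; p1 < endp && *p1; len++)` and `if (p1 < endp && !*p1) {`. In rap_getstringp the range test `r+off > endp` also lets `off` land exactly on `endp`, so it should be `>=`. Separately, rap_getstringf uses `dlen` only to decide whether to clear `dest[0]` and then copies up to `l` bytes, so the copy looks unbounded by the destination size unless every caller passes `l <= dlen`; clamping `len` to `dlen` before the `pull_ascii` call would make that explicit. The changeset is truncated here, so the callers of these helpers and the new body of cli_RNetGroupEnum are not visible.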


-- 
Samba Shared Repository

