svn commit: samba r22675 - in branches: SAMBA_3_0/source/modules
SAMBA_3_0/source/nsswitch SAMBA_3_0/source/rpc_client
SAMBA_3_0/source/rpc_server SAMBA_3_0_25/source/modules
SAMBA_3_0_25/source/nsswitch SAMBA_3_0_25/source/rpc_client
SAMBA_3_0_25/source/rpc_server SAMBA_3_0_26/source/modules
SAMBA_3_0_26/source/nsswitch SAMBA_3_0_26/source/rpc_client
SAMBA_3_0_26/source/rpc_server
jra at samba.org
jra at samba.org
Fri May 4 22:01:27 GMT 2007
Author: jra
Date: 2007-05-04 22:01:26 +0000 (Fri, 04 May 2007)
New Revision: 22675
WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=22675
Log:
Simo's patch for 0 size allocation. Still need
to examine parse_misc.c fix.
Jeremy.
Modified:
branches/SAMBA_3_0/source/modules/vfs_afsacl.c
branches/SAMBA_3_0/source/nsswitch/idmap.c
branches/SAMBA_3_0/source/nsswitch/winbindd_async.c
branches/SAMBA_3_0/source/rpc_client/cli_svcctl.c
branches/SAMBA_3_0/source/rpc_server/srv_lsa_nt.c
branches/SAMBA_3_0_25/source/modules/vfs_afsacl.c
branches/SAMBA_3_0_25/source/nsswitch/idmap.c
branches/SAMBA_3_0_25/source/nsswitch/winbindd_async.c
branches/SAMBA_3_0_25/source/rpc_client/cli_svcctl.c
branches/SAMBA_3_0_25/source/rpc_server/srv_lsa_nt.c
branches/SAMBA_3_0_26/source/modules/vfs_afsacl.c
branches/SAMBA_3_0_26/source/nsswitch/idmap.c
branches/SAMBA_3_0_26/source/nsswitch/winbindd_async.c
branches/SAMBA_3_0_26/source/rpc_client/cli_svcctl.c
branches/SAMBA_3_0_26/source/rpc_server/srv_lsa_nt.c
Changeset:
Modified: branches/SAMBA_3_0/source/modules/vfs_afsacl.c
===================================================================
--- branches/SAMBA_3_0/source/modules/vfs_afsacl.c 2007-05-04 19:44:30 UTC (rev 22674)
+++ branches/SAMBA_3_0/source/modules/vfs_afsacl.c 2007-05-04 22:01:26 UTC (rev 22675)
@@ -616,7 +616,7 @@
uid_to_sid(&owner_sid, sbuf.st_uid);
gid_to_sid(&group_sid, sbuf.st_gid);
- if (num_aces) {
+ if (afs_acl->num_aces) {
nt_ace_list = TALLOC_ARRAY(mem_ctx, SEC_ACE, afs_acl->num_aces);
if (nt_ace_list == NULL)
Modified: branches/SAMBA_3_0/source/nsswitch/idmap.c
===================================================================
--- branches/SAMBA_3_0/source/nsswitch/idmap.c 2007-05-04 19:44:30 UTC (rev 22674)
+++ branches/SAMBA_3_0/source/nsswitch/idmap.c 2007-05-04 22:01:26 UTC (rev 22675)
@@ -1025,17 +1025,16 @@
DEBUG(10, ("Query backends to map sids->ids\n"));
/* split list per domain */
-
- if (num_domains) {
- dom_ids = TALLOC_ZERO_ARRAY(ctx, struct id_map **, num_domains);
- IDMAP_CHECK_ALLOC(dom_ids);
- counters = TALLOC_ZERO_ARRAY(ctx, int, num_domains);
- IDMAP_CHECK_ALLOC(counters);
- } else {
- dom_ids = NULL;
- counters = NULL;
+ if (num_domains == 0) {
+ DEBUG(1, ("No domains available?\n"));
+ return NT_STATUS_UNSUCCESSFUL;
}
+ dom_ids = TALLOC_ZERO_ARRAY(ctx, struct id_map **, num_domains);
+ IDMAP_CHECK_ALLOC(dom_ids);
+ counters = TALLOC_ZERO_ARRAY(ctx, int, num_domains);
+ IDMAP_CHECK_ALLOC(counters);
+
/* partition the requests by domain */
for (i = 0; ids[i]; i++) {
Modified: branches/SAMBA_3_0/source/nsswitch/winbindd_async.c
===================================================================
--- branches/SAMBA_3_0/source/nsswitch/winbindd_async.c 2007-05-04 19:44:30 UTC (rev 22674)
+++ branches/SAMBA_3_0/source/nsswitch/winbindd_async.c 2007-05-04 22:01:26 UTC (rev 22675)
@@ -273,6 +273,11 @@
DEBUG(3, ("[%5lu]: sids to unix ids\n", (unsigned long)state->pid));
+ if (state->request.extra_len == 0) {
+ DEBUG(0, ("Invalid buffer size!\n"));
+ return WINBINDD_ERROR;
+ }
+
sids = (DOM_SID *)state->request.extra_data.data;
num = state->request.extra_len / sizeof(DOM_SID);
Modified: branches/SAMBA_3_0/source/rpc_client/cli_svcctl.c
===================================================================
--- branches/SAMBA_3_0/source/rpc_client/cli_svcctl.c 2007-05-04 19:44:30 UTC (rev 22674)
+++ branches/SAMBA_3_0/source/rpc_client/cli_svcctl.c 2007-05-04 22:01:26 UTC (rev 22675)
@@ -209,8 +209,12 @@
return out.status;
/* pull out the data */
- if ( !(services = TALLOC_ARRAY( mem_ctx, ENUM_SERVICES_STATUS, out.returned )) )
- return WERR_NOMEM;
+ if (out.returned) {
+ if ( !(services = TALLOC_ARRAY( mem_ctx, ENUM_SERVICES_STATUS, out.returned )) )
+ return WERR_NOMEM;
+ } else {
+ services = NULL;
+ }
for ( i=0; i<out.returned; i++ ) {
svcctl_io_enum_services_status( "", &services[i], &out.buffer, 0 );
Modified: branches/SAMBA_3_0/source/rpc_server/srv_lsa_nt.c
===================================================================
--- branches/SAMBA_3_0/source/rpc_server/srv_lsa_nt.c 2007-05-04 19:44:30 UTC (rev 22674)
+++ branches/SAMBA_3_0/source/rpc_server/srv_lsa_nt.c 2007-05-04 22:01:26 UTC (rev 22675)
@@ -825,7 +825,11 @@
*pp_mapped_count = 0;
*pp_ref = NULL;
*pp_names = NULL;
-
+
+ if (num_sids == 0) {
+ return NT_STATUS_OK;
+ }
+
names = TALLOC_ZERO_P(p->mem_ctx, LSA_TRANS_NAME_ENUM2);
sids = TALLOC_ARRAY(p->mem_ctx, const DOM_SID *, num_sids);
ref = TALLOC_ZERO_P(p->mem_ctx, DOM_R_REF);
@@ -845,12 +849,10 @@
return status;
}
- if (num_sids > 0) {
- names->name = TALLOC_ARRAY(names, LSA_TRANS_NAME2, num_sids);
- names->uni_name = TALLOC_ARRAY(names, UNISTR2, num_sids);
- if ((names->name == NULL) || (names->uni_name == NULL)) {
- return NT_STATUS_NO_MEMORY;
- }
+ names->name = TALLOC_ARRAY(names, LSA_TRANS_NAME2, num_sids);
+ names->uni_name = TALLOC_ARRAY(names, UNISTR2, num_sids);
+ if ((names->name == NULL) || (names->uni_name == NULL)) {
+ return NT_STATUS_NO_MEMORY;
}
for (i=0; i<MAX_REF_DOMAINS; i++) {
Modified: branches/SAMBA_3_0_25/source/modules/vfs_afsacl.c
===================================================================
--- branches/SAMBA_3_0_25/source/modules/vfs_afsacl.c 2007-05-04 19:44:30 UTC (rev 22674)
+++ branches/SAMBA_3_0_25/source/modules/vfs_afsacl.c 2007-05-04 22:01:26 UTC (rev 22675)
@@ -616,7 +616,7 @@
uid_to_sid(&owner_sid, sbuf.st_uid);
gid_to_sid(&group_sid, sbuf.st_gid);
- if (num_aces) {
+ if (afs_acl->num_aces) {
nt_ace_list = TALLOC_ARRAY(mem_ctx, SEC_ACE, afs_acl->num_aces);
if (nt_ace_list == NULL)
Modified: branches/SAMBA_3_0_25/source/nsswitch/idmap.c
===================================================================
--- branches/SAMBA_3_0_25/source/nsswitch/idmap.c 2007-05-04 19:44:30 UTC (rev 22674)
+++ branches/SAMBA_3_0_25/source/nsswitch/idmap.c 2007-05-04 22:01:26 UTC (rev 22675)
@@ -1025,17 +1025,16 @@
DEBUG(10, ("Query backends to map sids->ids\n"));
/* split list per domain */
-
- if (num_domains) {
- dom_ids = TALLOC_ZERO_ARRAY(ctx, struct id_map **, num_domains);
- IDMAP_CHECK_ALLOC(dom_ids);
- counters = TALLOC_ZERO_ARRAY(ctx, int, num_domains);
- IDMAP_CHECK_ALLOC(counters);
- } else {
- dom_ids = NULL;
- counters = NULL;
+ if (num_domains == 0) {
+ DEBUG(1, ("No domains available?\n"));
+ return NT_STATUS_UNSUCCESSFUL;
}
+ dom_ids = TALLOC_ZERO_ARRAY(ctx, struct id_map **, num_domains);
+ IDMAP_CHECK_ALLOC(dom_ids);
+ counters = TALLOC_ZERO_ARRAY(ctx, int, num_domains);
+ IDMAP_CHECK_ALLOC(counters);
+
/* partition the requests by domain */
for (i = 0; ids[i]; i++) {
Modified: branches/SAMBA_3_0_25/source/nsswitch/winbindd_async.c
===================================================================
--- branches/SAMBA_3_0_25/source/nsswitch/winbindd_async.c 2007-05-04 19:44:30 UTC (rev 22674)
+++ branches/SAMBA_3_0_25/source/nsswitch/winbindd_async.c 2007-05-04 22:01:26 UTC (rev 22675)
@@ -273,6 +273,11 @@
DEBUG(3, ("[%5lu]: sids to unix ids\n", (unsigned long)state->pid));
+ if (state->request.extra_len == 0) {
+ DEBUG(0, ("Invalid buffer size!\n"));
+ return WINBINDD_ERROR;
+ }
+
sids = (DOM_SID *)state->request.extra_data.data;
num = state->request.extra_len / sizeof(DOM_SID);
Modified: branches/SAMBA_3_0_25/source/rpc_client/cli_svcctl.c
===================================================================
--- branches/SAMBA_3_0_25/source/rpc_client/cli_svcctl.c 2007-05-04 19:44:30 UTC (rev 22674)
+++ branches/SAMBA_3_0_25/source/rpc_client/cli_svcctl.c 2007-05-04 22:01:26 UTC (rev 22675)
@@ -209,8 +209,12 @@
return out.status;
/* pull out the data */
- if ( !(services = TALLOC_ARRAY( mem_ctx, ENUM_SERVICES_STATUS, out.returned )) )
- return WERR_NOMEM;
+ if (out.returned) {
+ if ( !(services = TALLOC_ARRAY( mem_ctx, ENUM_SERVICES_STATUS, out.returned )) )
+ return WERR_NOMEM;
+ } else {
+ services = NULL;
+ }
for ( i=0; i<out.returned; i++ ) {
svcctl_io_enum_services_status( "", &services[i], &out.buffer, 0 );
Modified: branches/SAMBA_3_0_25/source/rpc_server/srv_lsa_nt.c
===================================================================
--- branches/SAMBA_3_0_25/source/rpc_server/srv_lsa_nt.c 2007-05-04 19:44:30 UTC (rev 22674)
+++ branches/SAMBA_3_0_25/source/rpc_server/srv_lsa_nt.c 2007-05-04 22:01:26 UTC (rev 22675)
@@ -826,7 +826,11 @@
*pp_mapped_count = 0;
*pp_ref = NULL;
*pp_names = NULL;
-
+
+ if (num_sids == 0) {
+ return NT_STATUS_OK;
+ }
+
names = TALLOC_ZERO_P(p->mem_ctx, LSA_TRANS_NAME_ENUM2);
sids = TALLOC_ARRAY(p->mem_ctx, const DOM_SID *, num_sids);
ref = TALLOC_ZERO_P(p->mem_ctx, DOM_R_REF);
@@ -846,12 +850,10 @@
return status;
}
- if (num_sids > 0) {
- names->name = TALLOC_ARRAY(names, LSA_TRANS_NAME2, num_sids);
- names->uni_name = TALLOC_ARRAY(names, UNISTR2, num_sids);
- if ((names->name == NULL) || (names->uni_name == NULL)) {
- return NT_STATUS_NO_MEMORY;
- }
+ names->name = TALLOC_ARRAY(names, LSA_TRANS_NAME2, num_sids);
+ names->uni_name = TALLOC_ARRAY(names, UNISTR2, num_sids);
+ if ((names->name == NULL) || (names->uni_name == NULL)) {
+ return NT_STATUS_NO_MEMORY;
}
for (i=0; i<MAX_REF_DOMAINS; i++) {
Modified: branches/SAMBA_3_0_26/source/modules/vfs_afsacl.c
===================================================================
--- branches/SAMBA_3_0_26/source/modules/vfs_afsacl.c 2007-05-04 19:44:30 UTC (rev 22674)
+++ branches/SAMBA_3_0_26/source/modules/vfs_afsacl.c 2007-05-04 22:01:26 UTC (rev 22675)
@@ -616,7 +616,7 @@
uid_to_sid(&owner_sid, sbuf.st_uid);
gid_to_sid(&group_sid, sbuf.st_gid);
- if (num_aces) {
+ if (afs_acl->num_aces) {
nt_ace_list = TALLOC_ARRAY(mem_ctx, SEC_ACE, afs_acl->num_aces);
if (nt_ace_list == NULL)
Modified: branches/SAMBA_3_0_26/source/nsswitch/idmap.c
===================================================================
--- branches/SAMBA_3_0_26/source/nsswitch/idmap.c 2007-05-04 19:44:30 UTC (rev 22674)
+++ branches/SAMBA_3_0_26/source/nsswitch/idmap.c 2007-05-04 22:01:26 UTC (rev 22675)
@@ -1025,17 +1025,16 @@
DEBUG(10, ("Query backends to map sids->ids\n"));
/* split list per domain */
-
- if (num_domains) {
- dom_ids = TALLOC_ZERO_ARRAY(ctx, struct id_map **, num_domains);
- IDMAP_CHECK_ALLOC(dom_ids);
- counters = TALLOC_ZERO_ARRAY(ctx, int, num_domains);
- IDMAP_CHECK_ALLOC(counters);
- } else {
- dom_ids = NULL;
- counters = NULL;
+ if (num_domains == 0) {
+ DEBUG(1, ("No domains available?\n"));
+ return NT_STATUS_UNSUCCESSFUL;
}
+ dom_ids = TALLOC_ZERO_ARRAY(ctx, struct id_map **, num_domains);
+ IDMAP_CHECK_ALLOC(dom_ids);
+ counters = TALLOC_ZERO_ARRAY(ctx, int, num_domains);
+ IDMAP_CHECK_ALLOC(counters);
+
/* partition the requests by domain */
for (i = 0; ids[i]; i++) {
Modified: branches/SAMBA_3_0_26/source/nsswitch/winbindd_async.c
===================================================================
--- branches/SAMBA_3_0_26/source/nsswitch/winbindd_async.c 2007-05-04 19:44:30 UTC (rev 22674)
+++ branches/SAMBA_3_0_26/source/nsswitch/winbindd_async.c 2007-05-04 22:01:26 UTC (rev 22675)
@@ -273,6 +273,11 @@
DEBUG(3, ("[%5lu]: sids to unix ids\n", (unsigned long)state->pid));
+ if (state->request.extra_len == 0) {
+ DEBUG(0, ("Invalid buffer size!\n"));
+ return WINBINDD_ERROR;
+ }
+
sids = (DOM_SID *)state->request.extra_data.data;
num = state->request.extra_len / sizeof(DOM_SID);
Modified: branches/SAMBA_3_0_26/source/rpc_client/cli_svcctl.c
===================================================================
--- branches/SAMBA_3_0_26/source/rpc_client/cli_svcctl.c 2007-05-04 19:44:30 UTC (rev 22674)
+++ branches/SAMBA_3_0_26/source/rpc_client/cli_svcctl.c 2007-05-04 22:01:26 UTC (rev 22675)
@@ -209,8 +209,12 @@
return out.status;
/* pull out the data */
- if ( !(services = TALLOC_ARRAY( mem_ctx, ENUM_SERVICES_STATUS, out.returned )) )
- return WERR_NOMEM;
+ if (out.returned) {
+ if ( !(services = TALLOC_ARRAY( mem_ctx, ENUM_SERVICES_STATUS, out.returned )) )
+ return WERR_NOMEM;
+ } else {
+ services = NULL;
+ }
for ( i=0; i<out.returned; i++ ) {
svcctl_io_enum_services_status( "", &services[i], &out.buffer, 0 );
Modified: branches/SAMBA_3_0_26/source/rpc_server/srv_lsa_nt.c
===================================================================
--- branches/SAMBA_3_0_26/source/rpc_server/srv_lsa_nt.c 2007-05-04 19:44:30 UTC (rev 22674)
+++ branches/SAMBA_3_0_26/source/rpc_server/srv_lsa_nt.c 2007-05-04 22:01:26 UTC (rev 22675)
@@ -826,7 +826,11 @@
*pp_mapped_count = 0;
*pp_ref = NULL;
*pp_names = NULL;
-
+
+ if (num_sids == 0) {
+ return NT_STATUS_OK;
+ }
+
names = TALLOC_ZERO_P(p->mem_ctx, LSA_TRANS_NAME_ENUM2);
sids = TALLOC_ARRAY(p->mem_ctx, const DOM_SID *, num_sids);
ref = TALLOC_ZERO_P(p->mem_ctx, DOM_R_REF);
@@ -846,12 +850,10 @@
return status;
}
- if (num_sids > 0) {
- names->name = TALLOC_ARRAY(names, LSA_TRANS_NAME2, num_sids);
- names->uni_name = TALLOC_ARRAY(names, UNISTR2, num_sids);
- if ((names->name == NULL) || (names->uni_name == NULL)) {
- return NT_STATUS_NO_MEMORY;
- }
+ names->name = TALLOC_ARRAY(names, LSA_TRANS_NAME2, num_sids);
+ names->uni_name = TALLOC_ARRAY(names, UNISTR2, num_sids);
+ if ((names->name == NULL) || (names->uni_name == NULL)) {
+ return NT_STATUS_NO_MEMORY;
}
for (i=0; i<MAX_REF_DOMAINS; i++) {
More information about the samba-cvs
mailing list