[SCM] Samba Shared Repository - branch master updated - release-4-0-0alpha6-1001-gd0ee90a

Volker Lendecke vlendec at samba.org
Thu Feb 19 13:21:12 GMT 2009 

The branch, master has been updated
       via  d0ee90ace9e63fd83c997503a694e4c87f8a7e0f (commit)
      from  7d44cd50e8b420c6981ff93f42085ff664b686c5 (commit)

http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master


- Log -----------------------------------------------------------------
commit d0ee90ace9e63fd83c997503a694e4c87f8a7e0f
Author: Volker Lendecke <vl at samba.org>
Date:   Thu Feb 19 14:16:44 2009 +0100

    Fix a buffer handling bug when adding lots of registry keys
    
    This is *ancient*... From 2002, and nobody noticed until someone added lots of
    shares using net conf... :-)

-----------------------------------------------------------------------

Summary of changes:
 source3/registry/reg_backend_db.c |   33 ++++++++++++++++++++++++---------
 1 files changed, 24 insertions(+), 9 deletions(-)


Changeset truncated at 500 lines:

diff --git a/source3/registry/reg_backend_db.c b/source3/registry/reg_backend_db.c
index a9bb7b1..612b448 100644
--- a/source3/registry/reg_backend_db.c
+++ b/source3/registry/reg_backend_db.c
@@ -536,21 +536,36 @@ static bool regdb_store_keys_internal(const char *key, REGSUBKEY_CTR *ctr)
 	/* pack all the strings */
 
 	for (i=0; i<num_subkeys; i++) {
-		len += tdb_pack(buffer+len, buflen-len, "f",
-				regsubkey_ctr_specific_key(ctr, i));
-		if (len > buflen) {
-			/* allocate some extra space */
-			buffer = (uint8 *)SMB_REALLOC(buffer, len*2);
+		size_t thistime;
+
+		thistime = tdb_pack(buffer+len, buflen-len, "f",
+				    regsubkey_ctr_specific_key(ctr, i));
+		if (len+thistime > buflen) {
+			size_t thistime2;
+			/*
+			 * tdb_pack hasn't done anything because of the short
+			 * buffer, allocate extra space.
+			 */
+			buffer = SMB_REALLOC_ARRAY(buffer, uint8_t,
+						   (len+thistime)*2);
 			if(buffer == NULL) {
 				DEBUG(0, ("regdb_store_keys: Failed to realloc "
-					  "memory of size [%d]\n", len*2));
+					  "memory of size [%d]\n",
+					  (len+thistime)*2));
+				ret = false;
+				goto done;
+			}
+			buflen = (len+thistime)*2;
+			thistime2 = tdb_pack(
+				buffer+len, buflen-len, "f",
+				regsubkey_ctr_specific_key(ctr, i));
+			if (thistime2 != thistime) {
+				DEBUG(0, ("tdb_pack failed\n"));
 				ret = false;
 				goto done;
 			}
-			buflen = len*2;
-			len = tdb_pack(buffer+len, buflen-len, "f",
-				       regsubkey_ctr_specific_key(ctr, i));
 		}
+		len += thistime;
 	}
 
 	/* finally write out the data */


-- 
Samba Shared Repository

More information about the samba-cvs mailing list