[SCM] Samba Shared Repository - branch v3-3-test updated - release-3-2-0pre2-4866-g75fff60

Günther Deschner gd at samba.org
Sat Jan 24 01:17:48 GMT 2009


The branch, v3-3-test has been updated
       via  75fff603625e0259f187e0fa47efd85887092fae (commit)
       via  547c70e896b6890dd5f7b911e4e0ca107c8a3fa3 (commit)
      from  e1e3a0554fcaabacc5bec51c213622271a83ad04 (commit)

http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-3-test


- Log -----------------------------------------------------------------
commit 75fff603625e0259f187e0fa47efd85887092fae
Author: Günther Deschner <gd at samba.org>
Date:   Sat Jan 24 02:10:47 2009 +0100

    s3-eventlog: fix various invalid memcpy in read_package_entry().
    
    Guenther

commit 547c70e896b6890dd5f7b911e4e0ca107c8a3fa3
Author: Günther Deschner <gd at samba.org>
Date:   Sat Jan 24 02:07:40 2009 +0100

    s3-eventlog: fix buffer allocation in eventlog read call.
    
    This broke with f6fa3080fee1b20df9f1968500840a88cf0ee592 back in April 2007...
    
    Guenther

-----------------------------------------------------------------------

Summary of changes:
 source/rpc_parse/parse_eventlog.c   |    4 +---
 source/rpc_server/srv_eventlog_nt.c |   10 +++++-----
 2 files changed, 6 insertions(+), 8 deletions(-)


Changeset truncated at 500 lines:

diff --git a/source/rpc_parse/parse_eventlog.c b/source/rpc_parse/parse_eventlog.c
index 2ff217e..694615d 100644
--- a/source/rpc_parse/parse_eventlog.c
+++ b/source/rpc_parse/parse_eventlog.c
@@ -166,6 +166,7 @@ bool eventlog_io_r_read_eventlog(const char *desc,
 	/* Now pad with whitespace until the end of the response buffer */
 
 	if (q_u->max_read_size - r_u->num_bytes_in_resp) {
+		r_u->end_of_entries_padding = PRS_ALLOC_MEM(ps, uint8_t, q_u->max_read_size - r_u->num_bytes_in_resp);
 		if (!r_u->end_of_entries_padding) {
 			return False;
 		}
@@ -173,11 +174,8 @@ bool eventlog_io_r_read_eventlog(const char *desc,
 		if(!(prs_uint8s(False, "end of entries padding", ps, 
 				depth, r_u->end_of_entries_padding,
 				(q_u->max_read_size - r_u->num_bytes_in_resp)))) {
-			free(r_u->end_of_entries_padding);
 			return False;
 		}
-
-		free(r_u->end_of_entries_padding);
 	}
 
 	/* We had better be DWORD aligned here */
diff --git a/source/rpc_server/srv_eventlog_nt.c b/source/rpc_server/srv_eventlog_nt.c
index 54d9dae..7c7d53f 100644
--- a/source/rpc_server/srv_eventlog_nt.c
+++ b/source/rpc_server/srv_eventlog_nt.c
@@ -542,30 +542,30 @@ static Eventlog_entry *read_package_entry( prs_struct * ps,
 		return NULL;
 	}
 	offset = entry->data;
-	memcpy( offset, &( entry->data_record.source_name ),
+	memcpy( offset, entry->data_record.source_name,
 		entry->data_record.source_name_len );
 	offset += entry->data_record.source_name_len;
-	memcpy( offset, &( entry->data_record.computer_name ),
+	memcpy( offset, entry->data_record.computer_name,
 		entry->data_record.computer_name_len );
 	offset += entry->data_record.computer_name_len;
 	/* SID needs to be DWORD-aligned */
 	offset += entry->data_record.sid_padding;
 	entry->record.user_sid_offset =
 		sizeof( Eventlog_record ) + ( offset - entry->data );
-	memcpy( offset, &( entry->data_record.sid ),
+	memcpy( offset, entry->data_record.sid,
 		entry->record.user_sid_length );
 	offset += entry->record.user_sid_length;
 	/* Now do the strings */
 	entry->record.string_offset =
 		sizeof( Eventlog_record ) + ( offset - entry->data );
-	memcpy( offset, &( entry->data_record.strings ),
+	memcpy( offset, entry->data_record.strings,
 		entry->data_record.strings_len );
 	offset += entry->data_record.strings_len;
 	/* Now do the data */
 	entry->record.data_length = entry->data_record.user_data_len;
 	entry->record.data_offset =
 		sizeof( Eventlog_record ) + ( offset - entry->data );
-	memcpy( offset, &( entry->data_record.user_data ),
+	memcpy( offset, entry->data_record.user_data,
 		entry->data_record.user_data_len );
 	offset += entry->data_record.user_data_len;
 


-- 
Samba Shared Repository


More information about the samba-cvs mailing list