[SCM] Samba Shared Repository - branch master updated

Volker Lendecke vlendec at samba.org
Thu Feb 9 11:45:03 MST 2012


The branch, master has been updated
       via  744ed53 gensec: Fix a memory corruption in gensec_use_kerberos_mechs
      from  5ec1273 s3-printing: Add new printers to registry.

http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master


- Log -----------------------------------------------------------------
commit 744ed53a62037a659133ccd4de2065491208ae7d
Author: Volker Lendecke <vl at samba.org>
Date:   Thu Feb 9 16:07:12 2012 +0100

    gensec: Fix a memory corruption in gensec_use_kerberos_mechs
    
    Without this I get the following valgrind error:
    
    ==27740== Invalid write of size 8
    ==27740==    at 0x62C53E: gensec_use_kerberos_mechs (gensec_start.c:112)
    ==27740==    by 0x62C623: gensec_security_mechs (gensec_start.c:141)
    ==27740==    by 0x62C777: gensec_security_by_oid (gensec_start.c:181)
    ==27740==    by 0x62DD6E: gensec_start_mech_by_oid (gensec_start.c:735)
    ==27740==    by 0x50D6FD: negprot_spnego (negprot.c:210)
    ==27740==    by 0x5B0DEA: smbd_smb2_request_process_negprot (smb2_negprot.c:209)
    ==27740==    by 0x5AD036: smbd_smb2_request_dispatch (smb2_server.c:1417)
    ==27740==    by 0x5AFB77: smbd_smb2_first_negprot (smb2_server.c:2643)
    ==27740==    by 0x585C00: process_smb (process.c:1641)
    ==27740==    by 0x587F78: smbd_server_connection_read_handler (process.c:2314)
    ==27740==    by 0x587FD6: smbd_server_connection_handler (process.c:2331)
    ==27740==    by 0x99E05B: run_events_poll (events.c:286)
    ==27740==    by 0x584AFF: smbd_server_connection_loop_once (process.c:984)
    ==27740==    by 0x58B2D9: smbd_process (process.c:3389)
    ==27740==    by 0xDE4CA8: smbd_accept_connection (server.c:469)
    ==27740==    by 0x99E05B: run_events_poll (events.c:286)
    ==27740==    by 0x99E2D5: s3_event_loop_once (events.c:349)
    ==27740==    by 0x99F990: _tevent_loop_once (tevent.c:504)
    ==27740==    by 0xDE5A9B: smbd_parent_loop (server.c:869)
    ==27740==    by 0xDE6DD8: main (server.c:1413)
    ==27740==  Address 0x9ff3538 is 4,232 bytes inside a block of size 8,288 alloc'd
    ==27740==    at 0x4C261D7: malloc (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
    ==27740==    by 0x6926965: __talloc (talloc.c:560)
    ==27740==    by 0x6926771: talloc_pool (talloc.c:598)
    ==27740==    by 0x93B927: talloc_stackframe_internal (talloc_stack.c:145)
    ==27740==    by 0x93B9D6: talloc_stackframe_pool (talloc_stack.c:171)
    ==27740==    by 0x58B2B7: smbd_process (process.c:3385)
    ==27740==    by 0xDE4CA8: smbd_accept_connection (server.c:469)
    ==27740==    by 0x99E05B: run_events_poll (events.c:286)
    ==27740==    by 0x99E2D5: s3_event_loop_once (events.c:349)
    ==27740==    by 0x99F990: _tevent_loop_once (tevent.c:504)
    ==27740==    by 0xDE5A9B: smbd_parent_loop (server.c:869)
    ==27740==    by 0xDE6DD8: main (server.c:1413)
    
    In the for-loop we can increment j twice, so we need twice as many output array
    elements as input array elements.
    
    Autobuild-User: Volker Lendecke <vl at samba.org>
    Autobuild-Date: Thu Feb  9 19:44:47 CET 2012 on sn-devel-104

-----------------------------------------------------------------------

Summary of changes:
 auth/gensec/gensec_start.c |    3 ++-
 1 files changed, 2 insertions(+), 1 deletions(-)


Changeset truncated at 500 lines:

diff --git a/auth/gensec/gensec_start.c b/auth/gensec/gensec_start.c
index 08b2fb6..ab092a7 100644
--- a/auth/gensec/gensec_start.c
+++ b/auth/gensec/gensec_start.c
@@ -75,7 +75,8 @@ _PUBLIC_ struct gensec_security_ops **gensec_use_kerberos_mechs(TALLOC_CTX *mem_
 		/* noop */
 	}
 
-	new_gensec_list = talloc_array(mem_ctx, struct gensec_security_ops *, num_mechs_in + 1);
+	new_gensec_list = talloc_array(mem_ctx, struct gensec_security_ops *,
+				       num_mechs_in*2 + 1);
 	if (!new_gensec_list) {
 		return NULL;
 	}
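
Review bot: The new size "num_mechs_in*2 + 1" in the talloc_array() call carries no comment explaining the factor of two, so the reason (per the commit message, the for-loop can increment j twice per input element) lives only in the log. Add a one-line comment above the allocation stating that each input mech can produce up to two output entries plus the terminator, and consider a check in the loop that j stays below the allocated count, so a later change to the loop fails loudly instead of writing past the array again. Minor style point: put spaces around the operator, "num_mechs_in * 2 + 1".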


-- 
Samba Shared Repository

