[SCM] Samba Shared Repository - branch master updated

Günther Deschner gd at samba.org
Wed Jan 4 08:55:04 MST 2012


The branch, master has been updated
       via  bd5fe0a s3-perfcount: fix incorrect array length calculations
       via  a96a953 s3-perfcount: fix build for example perfcount daemon
      from  69a67a1 s3: Check for the packet size before accessing it

http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master


- Log -----------------------------------------------------------------
commit bd5fe0a3333e5db49e74c982bcfef9737b65cc78
Author: David Disseldorp <ddiss at suse.de>
Date:   Tue Jan 3 10:14:23 2012 +0100

    s3-perfcount: fix incorrect array length calculations
    
    As reported by Ismail Doenmez (idonmez at suse.com), sizeof() is
    incorrectly used by _reg_perfcount_init_data_block() in an attempt to
    determine the length of a talloced array.
    
    Signed-off-by: Günther Deschner <gd at samba.org>
    
    Autobuild-User: Günther Deschner <gd at samba.org>
    Autobuild-Date: Wed Jan  4 16:54:37 CET 2012 on sn-devel-104

commit a96a9534ab688626232240fcb689c82d8f4c1902
Author: David Disseldorp <ddiss at suse.de>
Date:   Tue Jan 3 10:13:02 2012 +0100

    s3-perfcount: fix build for example perfcount daemon
    
    Signed-off-by: Günther Deschner <gd at samba.org>

-----------------------------------------------------------------------

Summary of changes:
 examples/perfcounter/Makefile    |    2 +-
 source3/registry/reg_perfcount.c |   26 +++++++++++++++++---------
 2 files changed, 18 insertions(+), 10 deletions(-)


Changeset truncated at 500 lines:

diff --git a/examples/perfcounter/Makefile b/examples/perfcounter/Makefile
index bb7022e..86e2190 100644
--- a/examples/perfcounter/Makefile
+++ b/examples/perfcounter/Makefile
@@ -26,7 +26,7 @@ TDB_OBJ = $(TDB_SRC_DIR)/common/tdb.o $(TDB_SRC_DIR)/common/dump.o \
 	$(TDB_SRC_DIR)/common/error.o $(TDB_SRC_DIR)/common/freelist.o \
 	$(TDB_SRC_DIR)/common/io.o $(TDB_SRC_DIR)/common/lock.o \
 	$(TDB_SRC_DIR)/common/open.o $(TDB_SRC_DIR)/common/transaction.o \
-	$(TDB_SRC_DIR)/common/traverse.o
+	$(TDB_SRC_DIR)/common/traverse.o $(TDB_SRC_DIR)/common/hash.o
 PERF_WRITER_OBJ = perf_writer.o perf_writer_mem.o perf_writer_util.o perf_writer_cpu.o perf_writer_process.o perf_writer_disk.o
 
 default: $(PROGS)
diff --git a/source3/registry/reg_perfcount.c b/source3/registry/reg_perfcount.c
index 64e3cbe..3203e09 100644
--- a/source3/registry/reg_perfcount.c
+++ b/source3/registry/reg_perfcount.c
@@ -919,13 +919,13 @@ static bool _reg_perfcount_init_data_block(struct PERF_DATA_BLOCK *block,
 					   bool bigendian_data)
 {
 	smb_ucs2_t *temp = NULL;
+	TALLOC_CTX *tmp_ctx = talloc_new(mem_ctx);
 	time_t tm;
+	size_t sz;
 
-	if (rpcstr_push_talloc(mem_ctx, &temp, "PERF")==(size_t)-1) {
-		return false;
-	}
-	if (!temp) {
-		return false;
+	sz = rpcstr_push_talloc(tmp_ctx, &temp, "PERF");
+	if ((sz == -1) || (temp == NULL)) {
+		goto err_out;
 	}
 	memcpy(block->Signature, temp, strlen_w(temp) *2);
 
@@ -942,12 +942,15 @@ static bool _reg_perfcount_init_data_block(struct PERF_DATA_BLOCK *block,
 	tm = time(NULL);
 	make_systemtime(&(block->SystemTime), gmtime(&tm));
 	_reg_perfcount_init_data_block_perf(block, names);
-	memset(temp, 0, sizeof(temp));
-	rpcstr_push((void *)temp, lp_netbios_name(), sizeof(temp), STR_TERMINATE);
+
+	sz = rpcstr_push_talloc(tmp_ctx, &temp, lp_netbios_name());
+	if ((sz == -1) || (temp == NULL)) {
+		goto err_out;
+	}
 	block->SystemNameLength = (strlen_w(temp) * 2) + 2;
 	block->data = talloc_zero_array(mem_ctx, uint8, block->SystemNameLength + (8 - (block->SystemNameLength % 8)));
 	if (block->data == NULL) {
-		return False;
+		goto err_out;
 	}
 	memcpy(block->data, temp, block->SystemNameLength);
 	block->SystemNameOffset = sizeof(struct PERF_DATA_BLOCK) - sizeof(block->objects) - sizeof(block->data);
@@ -955,8 +958,13 @@ static bool _reg_perfcount_init_data_block(struct PERF_DATA_BLOCK *block,
 	/* Make sure to adjust for 64-bit alignment for when we finish writing the system name,
 	   so that the PERF_OBJECT_TYPE struct comes out 64-bit aligned */
 	block->HeaderLength += 8 - (block->HeaderLength % 8);
+	talloc_free(tmp_ctx);
 
-	return True;
+	return true;
+
+err_out:
+	talloc_free(tmp_ctx);
+	return false;
 }
 
 /*********************************************************************


-- 
Samba Shared Repository


More information about the samba-cvs mailing list