[SCM] Samba Shared Repository - branch master updated
Jeremy Allison
jra at samba.org
Fri Jan 8 04:45:03 UTC 2016
The branch, master has been updated
via 657610a smbd: Fix 240393 Uninitialized pointer read
via fc4c2dc bind_dlz: Fix CID 1347318 Unchecked return value
via 0cb8b9d ctdb: Fix CID 1347319 Unchecked return value
via 4a3ad42 samdb: Fix CID 1347320 Dereference null return value
from 78e9f1e build: Add space before -D option
https://git.samba.org/?p=samba.git;a=shortlog;h=master
- Log -----------------------------------------------------------------
commit 657610a0e423aa0cd17f9137845a335b02217884
Author: Volker Lendecke <vl at samba.org>
Date: Thu Jan 7 21:33:18 2016 +0100
smbd: Fix 240393 Uninitialized pointer read
If we run into the "This is a stream on the root of the share" case,
in old line 409 (new line 417) we "goto done;". If then in old line 1027
(new line 1035) "build_stream_path" fails, "start" is uninitialized.
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Fri Jan 8 05:44:15 CET 2016 on sn-devel-144
commit fc4c2dcd526851fa938f6d8edb15b58fbb644a45
Author: Volker Lendecke <vl at samba.org>
Date: Thu Jan 7 21:17:43 2016 +0100
bind_dlz: Fix CID 1347318 Unchecked return value
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
commit 0cb8b9d113b322f784100365669d2be8b7fa635a
Author: Volker Lendecke <vl at samba.org>
Date: Thu Jan 7 21:14:05 2016 +0100
ctdb: Fix CID 1347319 Unchecked return value
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
commit 4a3ad425b92122f5b5e61b140eb52d3fe06b724e
Author: Volker Lendecke <vl at samba.org>
Date: Thu Jan 7 21:10:24 2016 +0100
samdb: Fix CID 1347320 Dereference null return value
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
-----------------------------------------------------------------------
Summary of changes:
ctdb/common/system_linux.c | 8 +++++++-
source3/smbd/filename.c | 10 +++++++++-
source4/dns_server/dlz_bind9.c | 16 +++++++++++++---
source4/dsdb/samdb/ldb_modules/samldb.c | 6 ++++++
4 files changed, 35 insertions(+), 5 deletions(-)
Changeset truncated at 500 lines:
diff --git a/ctdb/common/system_linux.c b/ctdb/common/system_linux.c
index 6447f56..55c22c5 100644
--- a/ctdb/common/system_linux.c
+++ b/ctdb/common/system_linux.c
@@ -247,7 +247,13 @@ int ctdb_sys_send_arp(const ctdb_sock_addr *addr, const char *iface)
ip6->ip6_hlim = 255;
ip6->ip6_src = addr->ip6.sin6_addr;
/* all-nodes multicast */
- inet_pton(AF_INET6, "ff02::1", &ip6->ip6_dst);
+
+ ret = inet_pton(AF_INET6, "ff02::1", &ip6->ip6_dst);
+ if (ret != 1) {
+ close(s);
+ DEBUG(DEBUG_CRIT,(__location__ " failed inet_pton\n"));
+ return -1;
+ }
nd_na = (struct nd_neighbor_advert *)(ip6+1);
nd_na->nd_na_type = ND_NEIGHBOR_ADVERT;
diff --git a/source3/smbd/filename.c b/source3/smbd/filename.c
index c2ed1fc..f2c9184 100644
--- a/source3/smbd/filename.c
+++ b/source3/smbd/filename.c
@@ -235,7 +235,15 @@ NTSTATUS unix_convert(TALLOC_CTX *ctx,
uint32_t ucf_flags)
{
struct smb_filename *smb_fname = NULL;
- char *start, *end;
+
+ /*
+ * This looks strange. But we need "start" initialized to "" here but
+ * it can't be a const char *, so 'char *start = "";' does not work.
+ */
+ char cnull = '\0';
+ char *start = &cnull;
+
+ char *end;
char *dirpath = NULL;
char *stream = NULL;
bool component_was_mangled = False;
diff --git a/source4/dns_server/dlz_bind9.c b/source4/dns_server/dlz_bind9.c
index 7a76fe5..4c21a5e 100644
--- a/source4/dns_server/dlz_bind9.c
+++ b/source4/dns_server/dlz_bind9.c
@@ -1438,10 +1438,20 @@ static bool b9_record_match(struct dlz_bind9_data *state,
switch (rec1->wType) {
case DNS_TYPE_A:
return strcmp(rec1->data.ipv4, rec2->data.ipv4) == 0;
- case DNS_TYPE_AAAA:
- inet_pton(AF_INET6, rec1->data.ipv6, &rec1_in_addr6);
- inet_pton(AF_INET6, rec2->data.ipv6, &rec2_in_addr6);
+ case DNS_TYPE_AAAA: {
+ int ret;
+
+ ret = inet_pton(AF_INET6, rec1->data.ipv6, &rec1_in_addr6);
+ if (ret != 1) {
+ return false;
+ }
+ ret = inet_pton(AF_INET6, rec2->data.ipv6, &rec2_in_addr6);
+ if (ret != 1) {
+ return false;
+ }
+
return memcmp(&rec1_in_addr6, &rec2_in_addr6, sizeof(rec1_in_addr6)) == 0;
+ }
case DNS_TYPE_CNAME:
return dns_name_equal(rec1->data.cname, rec2->data.cname);
case DNS_TYPE_TXT:
diff --git a/source4/dsdb/samdb/ldb_modules/samldb.c b/source4/dsdb/samdb/ldb_modules/samldb.c
index b9b57db..2394bd9 100644
--- a/source4/dsdb/samdb/ldb_modules/samldb.c
+++ b/source4/dsdb/samdb/ldb_modules/samldb.c
@@ -2886,6 +2886,12 @@ static int samldb_verify_subnet(struct samldb_ctx *ac)
const struct ldb_val *rdn_value = NULL;
rdn_value = ldb_dn_get_rdn_val(ac->msg->dn);
+ if (rdn_value == NULL) {
+ ldb_set_errstring(ldb, "samldb: ldb_dn_get_rdn_val "
+ "failed");
+ return LDB_ERR_UNWILLING_TO_PERFORM;
+ }
+
cidr = ldb_dn_escape_value(ac, *rdn_value);
DBG_INFO("looking at cidr '%s'\n", cidr);
if (cidr == NULL) {
--
Samba Shared Repository
More information about the samba-cvs
mailing list