[SCM] Samba Shared Repository - branch master updated
Andrew Bartlett
abartlet at samba.org
Wed May 16 23:10:03 UTC 2018
The branch, master has been updated
via cb9796f ctdb: Check return values of tevent_req_set_endtime()
via 76d5f78 s3:smbd: Fix converity warning with _smb_setlen_large()
via 25c4f8c libcli: Fix coverity warning in smb2cli_notify_send()
via 3f1da75 s4:torture: Make sure variable is initialized in oplock test
via e7e4362 s3:modules: Initialize pointers in vfs_virusfilter
via 228ef49 s3:winbind: Initialize validation_level in winbind_dual_SamLogon()
via 9b8f561 s4:dsdb:tests: Add return code check
from 010cdda Convert affected by previous commit lines from DEBUG(10,..) to DBG_DEBUG().
https://git.samba.org/?p=samba.git;a=shortlog;h=master
- Log -----------------------------------------------------------------
commit cb9796ffc071c1aa9cd5f1b3ade983978910b29a
Author: Andreas Schneider <asn at samba.org>
Date: Wed May 16 12:05:40 2018 +0200
ctdb: Check return values of tevent_req_set_endtime()
Found by Coverity.
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet at samba.org>
Autobuild-Date(master): Thu May 17 01:09:46 CEST 2018 on sn-devel-144
commit 76d5f78bb8de7ed8dfbc0d6b237c6d63ea15678f
Author: Andreas Schneider <asn at samba.org>
Date: Wed May 16 17:05:38 2018 +0200
s3:smbd: Fix converity warning with _smb_setlen_large()
result_independent_of_operands: "(outsize - 4 & 0xffffff) >> 16 >> 8" is
0 regardless of the values of its operands. This occurs as the bitwise
first operand of "&".
So we should just pass a variable to silence the warning. However for
this, we should calculate it correctly and use size_t for it.
Found by Coverity.
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
commit 25c4f8c561edb83054218d1eba9f92e41a6573c5
Author: Andreas Schneider <asn at samba.org>
Date: Wed May 16 16:54:47 2018 +0200
libcli: Fix coverity warning in smb2cli_notify_send()
result_independent_of_operands: "(uint16_t)(recursive ? 1 : 0) >> 8" is
0 regardless of the values of its operands. This occurs as the operand
of assignment.
Found by Coverity.
Pair-Programmed-With: Ralph Boehme <slow at samba.org>
Signed-off-by: Andreas Schneider <asn at samba.org>
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
commit 3f1da75f3a0cf0d5c1cce1b987dda6e0115ca8dc
Author: Andreas Schneider <asn at samba.org>
Date: Wed May 16 15:06:02 2018 +0200
s4:torture: Make sure variable is initialized in oplock test
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
commit e7e4362ba24fe0300b2b649949e097c062a58756
Author: Andreas Schneider <asn at samba.org>
Date: Wed May 16 12:11:30 2018 +0200
s3:modules: Initialize pointers in vfs_virusfilter
Found by Coverity.
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
commit 228ef49324eba83c045be0f4fef323eba977bf6c
Author: Andreas Schneider <asn at samba.org>
Date: Wed May 16 12:10:29 2018 +0200
s3:winbind: Initialize validation_level in winbind_dual_SamLogon()
Found by Covertiy.
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
commit 9b8f5616dbdd7fa593156e000398c00b16dcc84c
Author: Andreas Schneider <asn at samba.org>
Date: Wed May 16 11:53:05 2018 +0200
s4:dsdb:tests: Add return code check
Found by Coverity.
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
-----------------------------------------------------------------------
Summary of changes:
ctdb/client/client_control.c | 4 +++-
ctdb/client/client_tunnel.c | 8 ++++++--
ctdb/common/sock_client.c | 4 +++-
libcli/smb/smb2cli_notify.c | 5 ++++-
source3/modules/vfs_virusfilter_sophos.c | 2 +-
source3/smbd/aio.c | 12 ++++++++++--
source3/smbd/error.c | 4 ++--
source3/smbd/process.c | 8 ++++----
source3/smbd/proto.h | 17 +++++++++++------
source3/smbd/reply.c | 4 ++--
source3/winbindd/winbindd_pam.c | 2 +-
.../samdb/ldb_modules/tests/test_unique_object_sids.c | 3 ++-
source4/torture/smb2/oplock.c | 3 ++-
13 files changed, 51 insertions(+), 25 deletions(-)
Changeset truncated at 500 lines:
diff --git a/ctdb/client/client_control.c b/ctdb/client/client_control.c
index 1755ecc..ab0aac8 100644
--- a/ctdb/client/client_control.c
+++ b/ctdb/client/client_control.c
@@ -112,7 +112,9 @@ struct tevent_req *ctdb_client_control_send(TALLOC_CTX *mem_ctx,
}
if (!tevent_timeval_is_zero(&timeout)) {
- tevent_req_set_endtime(req, ev, timeout);
+ if (!tevent_req_set_endtime(req, ev, timeout)) {
+ return tevent_req_post(req, ev);
+ }
}
subreq = comm_write_send(state, ev, client->comm, buf, buflen);
diff --git a/ctdb/client/client_tunnel.c b/ctdb/client/client_tunnel.c
index 17b6546..0bd7a3a 100644
--- a/ctdb/client/client_tunnel.c
+++ b/ctdb/client/client_tunnel.c
@@ -457,7 +457,9 @@ struct tevent_req *ctdb_tunnel_request_send(TALLOC_CTX *mem_ctx,
}
if (!tevent_timeval_is_zero(&timeout)) {
- tevent_req_set_endtime(req, ev, timeout);
+ if (!tevent_req_set_endtime(req, ev, timeout)) {
+ return tevent_req_post(req, ev);
+ }
}
subreq = comm_write_send(state, ev, tctx->client->comm,
@@ -619,7 +621,9 @@ struct tevent_req *ctdb_tunnel_reply_send(TALLOC_CTX *mem_ctx,
}
if (!tevent_timeval_is_zero(&timeout)) {
- tevent_req_set_endtime(req, ev, timeout);
+ if (!tevent_req_set_endtime(req, ev, timeout)) {
+ return tevent_req_post(req, ev);
+ }
}
subreq = comm_write_send(state, ev, tctx->client->comm, pkt, pkt_len);
diff --git a/ctdb/common/sock_client.c b/ctdb/common/sock_client.c
index ced7050..75f471f 100644
--- a/ctdb/common/sock_client.c
+++ b/ctdb/common/sock_client.c
@@ -247,7 +247,9 @@ struct tevent_req *sock_client_msg_send(TALLOC_CTX *mem_ctx,
tevent_req_set_callback(subreq, sock_client_msg_done, req);
if (! timeval_is_zero(&timeout)) {
- tevent_req_set_endtime(req, ev, timeout);
+ if (!tevent_req_set_endtime(req, ev, timeout)) {
+ return tevent_req_post(req, ev);
+ }
}
return req;
diff --git a/libcli/smb/smb2cli_notify.c b/libcli/smb/smb2cli_notify.c
index 34329ba..1a2a279 100644
--- a/libcli/smb/smb2cli_notify.c
+++ b/libcli/smb/smb2cli_notify.c
@@ -52,15 +52,18 @@ struct tevent_req *smb2cli_notify_send(TALLOC_CTX *mem_ctx,
struct tevent_req *req, *subreq;
struct smb2cli_notify_state *state;
uint8_t *fixed;
+ uint16_t watch_tree;
req = tevent_req_create(mem_ctx, &state,
struct smb2cli_notify_state);
if (req == NULL) {
return NULL;
}
+
+ watch_tree = recursive ? SMB2_WATCH_TREE : 0;
fixed = state->fixed;
SSVAL(fixed, 0, 32);
- SSVAL(fixed, 2, recursive ? SMB2_WATCH_TREE : 0);
+ SSVAL(fixed, 2, watch_tree);
SIVAL(fixed, 4, output_buffer_length);
SBVAL(fixed, 8, fid_persistent);
SBVAL(fixed, 16, fid_volatile);
diff --git a/source3/modules/vfs_virusfilter_sophos.c b/source3/modules/vfs_virusfilter_sophos.c
index 72051cd..82f9cbc 100644
--- a/source3/modules/vfs_virusfilter_sophos.c
+++ b/source3/modules/vfs_virusfilter_sophos.c
@@ -234,7 +234,7 @@ static virusfilter_result virusfilter_sophos_scan(
virusfilter_result result = VIRUSFILTER_RESULT_ERROR;
char *report = NULL;
char *reply = NULL;
- char *reply_token, *reply_saveptr;
+ char *reply_token = NULL, *reply_saveptr = NULL;
int ret;
bool ok;
diff --git a/source3/smbd/aio.c b/source3/smbd/aio.c
index abf8858..b984036 100644
--- a/source3/smbd/aio.c
+++ b/source3/smbd/aio.c
@@ -239,7 +239,7 @@ static void aio_pread_smb1_done(struct tevent_req *req)
struct aio_extra *aio_ex = tevent_req_callback_data(
req, struct aio_extra);
files_struct *fsp = aio_ex->fsp;
- int outsize;
+ size_t outsize;
char *outbuf = (char *)aio_ex->outbuf.data;
ssize_t nread;
struct vfs_aio_state vfs_aio_state;
@@ -276,7 +276,15 @@ static void aio_pread_smb1_done(struct tevent_req *req)
(int)aio_ex->nbyte, (int)nread ) );
}
- _smb_setlen_large(outbuf, outsize - 4);
+
+ if (outsize <= 4) {
+ DBG_INFO("Invalid outsize (%zu)\n", outsize);
+ TALLOC_FREE(aio_ex);
+ return;
+ }
+ outsize -= 4;
+ _smb_setlen_large(outbuf, outsize);
+
show_msg(outbuf);
if (!srv_send_smb(aio_ex->smbreq->xconn, outbuf,
true, aio_ex->smbreq->seqnum+1,
diff --git a/source3/smbd/error.c b/source3/smbd/error.c
index c91f5b0..3f9ecaa 100644
--- a/source3/smbd/error.c
+++ b/source3/smbd/error.c
@@ -105,9 +105,9 @@ void error_packet_set(char *outbuf, uint8_t eclass, uint32_t ecode, NTSTATUS nts
}
}
-int error_packet(char *outbuf, uint8_t eclass, uint32_t ecode, NTSTATUS ntstatus, int line, const char *file)
+size_t error_packet(char *outbuf, uint8_t eclass, uint32_t ecode, NTSTATUS ntstatus, int line, const char *file)
{
- int outsize = srv_set_message(outbuf,0,0,True);
+ size_t outsize = srv_set_message(outbuf,0,0,True);
error_packet_set(outbuf, eclass, ecode, ntstatus, line, file);
return outsize;
}
diff --git a/source3/smbd/process.c b/source3/smbd/process.c
index 6a3395c..936b535 100644
--- a/source3/smbd/process.c
+++ b/source3/smbd/process.c
@@ -274,10 +274,10 @@ out:
Setup the word count and byte count for a smb message.
********************************************************************/
-int srv_set_message(char *buf,
- int num_words,
- int num_bytes,
- bool zero)
+size_t srv_set_message(char *buf,
+ size_t num_words,
+ size_t num_bytes,
+ bool zero)
{
if (zero && (num_words || num_bytes)) {
memset(buf + smb_size,'\0',num_words*2 + num_bytes);
diff --git a/source3/smbd/proto.h b/source3/smbd/proto.h
index 778561c..bee7aca 100644
--- a/source3/smbd/proto.h
+++ b/source3/smbd/proto.h
@@ -293,7 +293,12 @@ struct timespec get_change_timespec(connection_struct *conn,
bool use_nt_status(void);
void error_packet_set(char *outbuf, uint8_t eclass, uint32_t ecode, NTSTATUS ntstatus, int line, const char *file);
-int error_packet(char *outbuf, uint8_t eclass, uint32_t ecode, NTSTATUS ntstatus, int line, const char *file);
+size_t error_packet(char *outbuf,
+ uint8_t eclass,
+ uint32_t ecode,
+ NTSTATUS ntstatus,
+ int line,
+ const char *file);
void reply_nt_error(struct smb_request *req, NTSTATUS ntstatus,
int line, const char *file);
void reply_force_dos_error(struct smb_request *req, uint8_t eclass, uint32_t ecode,
@@ -825,10 +830,10 @@ bool srv_send_smb(struct smbXsrv_connection *xconn, char *buffer,
bool no_signing, uint32_t seqnum,
bool do_encrypt,
struct smb_perfcount_data *pcd);
-int srv_set_message(char *buf,
- int num_words,
- int num_bytes,
- bool zero);
+size_t srv_set_message(char *buf,
+ size_t num_words,
+ size_t num_bytes,
+ bool zero);
void remove_deferred_open_message_smb(struct smbXsrv_connection *xconn,
uint64_t mid);
bool schedule_deferred_open_message_smb(struct smbXsrv_connection *xconn,
@@ -955,7 +960,7 @@ ssize_t sendfile_short_send(struct smbXsrv_connection *xconn,
size_t smb_maxcnt);
void reply_readbraw(struct smb_request *req);
void reply_lockread(struct smb_request *req);
-int setup_readX_header(char *outbuf, size_t smb_maxcnt);
+size_t setup_readX_header(char *outbuf, size_t smb_maxcnt);
void reply_read(struct smb_request *req);
void reply_read_and_X(struct smb_request *req);
void error_to_writebrawerr(struct smb_request *req);
diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c
index 92a65f5..fc56e32 100644
--- a/source3/smbd/reply.c
+++ b/source3/smbd/reply.c
@@ -3926,9 +3926,9 @@ out:
Setup readX header.
****************************************************************************/
-int setup_readX_header(char *outbuf, size_t smb_maxcnt)
+size_t setup_readX_header(char *outbuf, size_t smb_maxcnt)
{
- int outsize;
+ size_t outsize;
outsize = srv_set_message(outbuf,12,smb_maxcnt + 1 /* padding byte */,
False);
diff --git a/source3/winbindd/winbindd_pam.c b/source3/winbindd/winbindd_pam.c
index a7e1681..2556427 100644
--- a/source3/winbindd/winbindd_pam.c
+++ b/source3/winbindd/winbindd_pam.c
@@ -2247,7 +2247,7 @@ NTSTATUS winbind_dual_SamLogon(struct winbindd_domain *domain,
uint16_t *_validation_level,
union netr_Validation **_validation)
{
- uint16_t validation_level;
+ uint16_t validation_level = 0;
union netr_Validation *validation = NULL;
NTSTATUS result;
diff --git a/source4/dsdb/samdb/ldb_modules/tests/test_unique_object_sids.c b/source4/dsdb/samdb/ldb_modules/tests/test_unique_object_sids.c
index dfc6d49..f9065e4 100644
--- a/source4/dsdb/samdb/ldb_modules/tests/test_unique_object_sids.c
+++ b/source4/dsdb/samdb/ldb_modules/tests/test_unique_object_sids.c
@@ -405,11 +405,12 @@ static void test_modify_of_objectSID_replicated(void **state)
assert_non_null(request);
original_request = request;
- ldb_request_add_control(
+ rc = ldb_request_add_control(
request,
DSDB_CONTROL_REPLICATED_UPDATE_OID,
false,
NULL);
+ assert_int_equal(rc, LDB_SUCCESS);
rc = unique_object_sids_modify(test_ctx->module, request);
diff --git a/source4/torture/smb2/oplock.c b/source4/torture/smb2/oplock.c
index cb1b5ed..6e53007 100644
--- a/source4/torture/smb2/oplock.c
+++ b/source4/torture/smb2/oplock.c
@@ -4976,7 +4976,8 @@ static void child_sig_term_handler(struct tevent_context *ev,
void *private_data)
{
int *pstatus = (int *)private_data;
- int status;
+ int status = 0;
+
wait(&status);
if (WIFEXITED(status)) {
*pstatus = WEXITSTATUS(status);
--
Samba Shared Repository
More information about the samba-cvs
mailing list