[SCM] Samba Shared Repository - branch master updated
Douglas Bagnall
dbagnall at samba.org
Mon Aug 24 00:22:02 UTC 2020
The branch, master has been updated
via df98e7db04c s4/dns: do not crash when additional data not found
via 7afe449e720 s4: dns: Ensure variable initialization with NULL.
from ccaf661f7c7 tldap: Receiving "msgid == 0" means the connection is dead
https://git.samba.org/?p=samba.git;a=shortlog;h=master
- Log -----------------------------------------------------------------
commit df98e7db04c901259dd089e20cd557bdbdeaf379
Author: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Date: Fri Aug 21 17:23:17 2020 +1200
s4/dns: do not crash when additional data not found
Found by Francis Brosnan Blázquez <francis at aspl.es>.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12795
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Jeremy Allison <jra at samba.org>
Autobuild-User(master): Douglas Bagnall <dbagnall at samba.org>
Autobuild-Date(master): Mon Aug 24 00:21:41 UTC 2020 on sn-devel-184
commit 7afe449e7201be92bed8e53cbb37b74af720ef4e
Author: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Date: Fri Aug 21 17:10:22 2020 +1200
s4: dns: Ensure variable initialization with NULL.
Ensure no use after free.
Based on patches from Francis Brosnan Blázquez <francis at aspl.es>
and Jeremy Allison <jra at samba.org>
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12795
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Jeremy Allison <jra at samba.org>
-----------------------------------------------------------------------
Summary of changes:
source4/rpc_server/dnsserver/dcerpc_dnsserver.c | 31 ++++++++++++++-----------
1 file changed, 17 insertions(+), 14 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source4/rpc_server/dnsserver/dcerpc_dnsserver.c b/source4/rpc_server/dnsserver/dcerpc_dnsserver.c
index b6389f2328a..88efc01f154 100644
--- a/source4/rpc_server/dnsserver/dcerpc_dnsserver.c
+++ b/source4/rpc_server/dnsserver/dcerpc_dnsserver.c
@@ -1759,15 +1759,17 @@ static WERROR dnsserver_enumerate_records(struct dnsserver_state *dsstate,
TALLOC_CTX *tmp_ctx;
char *name;
const char * const attrs[] = { "name", "dnsRecord", NULL };
- struct ldb_result *res;
- struct DNS_RPC_RECORDS_ARRAY *recs;
+ struct ldb_result *res = NULL;
+ struct DNS_RPC_RECORDS_ARRAY *recs = NULL;
char **add_names = NULL;
- char *rname;
+ char *rname = NULL;
const char *preference_name = NULL;
int add_count = 0;
int i, ret, len;
WERROR status;
- struct dns_tree *tree, *base, *node;
+ struct dns_tree *tree = NULL;
+ struct dns_tree *base = NULL;
+ struct dns_tree *node = NULL;
tmp_ctx = talloc_new(mem_ctx);
W_ERROR_HAVE_NO_MEMORY(tmp_ctx);
@@ -1850,15 +1852,15 @@ static WERROR dnsserver_enumerate_records(struct dnsserver_state *dsstate,
}
}
- talloc_free(res);
- talloc_free(tree);
- talloc_free(name);
+ TALLOC_FREE(res);
+ TALLOC_FREE(tree);
+ TALLOC_FREE(name);
/* Add any additional records */
if (select_flag & DNS_RPC_VIEW_ADDITIONAL_DATA) {
for (i=0; i<add_count; i++) {
- struct dnsserver_zone *z2;
-
+ struct dnsserver_zone *z2 = NULL;
+ struct ldb_message *msg = NULL;
/* Search all the available zones for additional name */
for (z2 = dsstate->zones; z2; z2 = z2->next) {
char *encoded_name;
@@ -1870,14 +1872,15 @@ static WERROR dnsserver_enumerate_records(struct dnsserver_state *dsstate,
LDB_SCOPE_ONELEVEL, attrs,
"(&(objectClass=dnsNode)(name=%s)(!(dNSTombstoned=TRUE)))",
encoded_name);
- talloc_free(name);
+ TALLOC_FREE(name);
if (ret != LDB_SUCCESS) {
continue;
}
if (res->count == 1) {
+ msg = res->msgs[0];
break;
} else {
- talloc_free(res);
+ TALLOC_FREE(res);
continue;
}
}
@@ -1890,10 +1893,10 @@ static WERROR dnsserver_enumerate_records(struct dnsserver_state *dsstate,
}
status = dns_fill_records_array(tmp_ctx, NULL, DNS_TYPE_A,
select_flag, rname,
- res->msgs[0], 0, recs,
+ msg, 0, recs,
NULL, NULL);
- talloc_free(rname);
- talloc_free(res);
+ TALLOC_FREE(rname);
+ TALLOC_FREE(res);
if (!W_ERROR_IS_OK(status)) {
talloc_free(tmp_ctx);
return status;
--
Samba Shared Repository
More information about the samba-cvs
mailing list