[SCM] Samba Shared Repository - branch master updated
Jeremy Allison
jra at samba.org
Tue Jan 10 21:19:02 UTC 2023
The branch, master has been updated
via d7bab36ad11 tests/krb5: Use Python bindings for LZ77+Huffman compression
via ae6e76c082d lib/compression: Fix length check
via 5aafff0aab3 s4:rpc_server/dnsserver: Zero-initialise pointers
via cbe6fb38ec1 lib/tfork: Don't overwrite 'ret' in cleanup phase
via 01bd234f6af lib/talloc: Zero-initialise chunk pointers
from 8ee20346745 smbd: Use an idtree for local IDs
https://git.samba.org/?p=samba.git;a=shortlog;h=master
- Log -----------------------------------------------------------------
commit d7bab36ad11eb4d67dcb6b12fc18d421074b9c5e
Author: Joseph Sutton <josephsutton at catalyst.net.nz>
Date: Tue Dec 20 09:19:47 2022 +1300
tests/krb5: Use Python bindings for LZ77+Huffman compression
We can now remove our existing decompression implementation in Python.
Signed-off-by: Joseph Sutton <josephsutton at catalyst.net.nz>
Reviewed-by: Jeremy Allison <jra at samba.org>
Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Tue Jan 10 21:18:01 UTC 2023 on sn-devel-184
commit ae6e76c082d476c260f156ab1eb2501320b8a65e
Author: Joseph Sutton <josephsutton at catalyst.net.nz>
Date: Mon Jan 9 15:00:14 2023 +1300
lib/compression: Fix length check
Put the division on the correct side of the inequality.
Signed-off-by: Joseph Sutton <josephsutton at catalyst.net.nz>
Reviewed-by: Jeremy Allison <jra at samba.org>
commit 5aafff0aab3c284d2d5099e32c9064b741205ced
Author: Joseph Sutton <josephsutton at catalyst.net.nz>
Date: Tue Jan 10 13:06:31 2023 +1300
s4:rpc_server/dnsserver: Zero-initialise pointers
Ensuring pointers are always initialised simplifies the code and avoids
compilation errors with FORTIFY_SOURCE=2.
Signed-off-by: Joseph Sutton <josephsutton at catalyst.net.nz>
Reviewed-by: Jeremy Allison <jra at samba.org>
commit cbe6fb38ec13adbe06667f16241d61d4e2a80545
Author: Joseph Sutton <josephsutton at catalyst.net.nz>
Date: Tue Jan 10 13:06:25 2023 +1300
lib/tfork: Don't overwrite 'ret' in cleanup phase
The cleanup phase of tfork_create() saves errno prior to calling
functions that might modify it, with the intention of restoring it
afterwards. However, the value of 'ret' is accidentally overwritten. It
will always be equal to 0, and hence errno will not be restored.
Fix this by introducing a new variable, ret2, for calling functions in
the cleanup phase.
Signed-off-by: Joseph Sutton <josephsutton at catalyst.net.nz>
Reviewed-by: Jeremy Allison <jra at samba.org>
commit 01bd234f6af37641017a00da0dec729928ad3060
Author: Joseph Sutton <josephsutton at catalyst.net.nz>
Date: Tue Jan 10 13:06:16 2023 +1300
lib/talloc: Zero-initialise chunk pointers
Ensuring pointers are always initialised avoids compilation errors with
FORTIFY_SOURCE=2.
Signed-off-by: Joseph Sutton <josephsutton at catalyst.net.nz>
Reviewed-by: Jeremy Allison <jra at samba.org>
-----------------------------------------------------------------------
Summary of changes:
lib/compression/pycompression.c | 2 +-
lib/talloc/talloc.c | 12 +--
lib/util/tfork.c | 11 +-
python/samba/tests/krb5/raw_testcase.py | 7 +-
python/samba/tests/krb5/xpress.py | 128 ------------------------
source4/rpc_server/dnsserver/dcerpc_dnsserver.c | 35 ++-----
6 files changed, 23 insertions(+), 172 deletions(-)
delete mode 100644 python/samba/tests/krb5/xpress.py
Changeset truncated at 500 lines:
diff --git a/lib/compression/pycompression.c b/lib/compression/pycompression.c
index 00a207008fb..f67b0ddbe39 100644
--- a/lib/compression/pycompression.c
+++ b/lib/compression/pycompression.c
@@ -126,7 +126,7 @@ static PyObject *plain_decompress(PyObject *mod, PyObject *args)
*/
if (src_len <= 3333333) {
alloc_len = 10000000;
- } else if (src_len / 3 >= UINT32_MAX) {
+ } else if (src_len > UINT32_MAX / 3) {
alloc_len = UINT32_MAX;
} else {
alloc_len = src_len * 3;
diff --git a/lib/talloc/talloc.c b/lib/talloc/talloc.c
index 0189fa03be0..41fa45bc99b 100644
--- a/lib/talloc/talloc.c
+++ b/lib/talloc/talloc.c
@@ -831,7 +831,7 @@ static inline void *__talloc(const void *context,
static inline void *_talloc_pool(const void *context, size_t size)
{
- struct talloc_chunk *tc;
+ struct talloc_chunk *tc = NULL;
struct talloc_pool_hdr *pool_hdr;
void *result;
@@ -977,7 +977,7 @@ static inline void _tc_set_name_const(struct talloc_chunk *tc,
static inline void *_talloc_named_const(const void *context, size_t size, const char *name)
{
void *ptr;
- struct talloc_chunk *tc;
+ struct talloc_chunk *tc = NULL;
ptr = __talloc(context, size, &tc);
if (unlikely(ptr == NULL)) {
@@ -1537,7 +1537,7 @@ _PUBLIC_ void *talloc_named(const void *context, size_t size, const char *fmt, .
va_list ap;
void *ptr;
const char *name;
- struct talloc_chunk *tc;
+ struct talloc_chunk *tc = NULL;
ptr = __talloc(context, size, &tc);
if (unlikely(ptr == NULL)) return NULL;
@@ -1633,7 +1633,7 @@ _PUBLIC_ void *talloc_init(const char *fmt, ...)
va_list ap;
void *ptr;
const char *name;
- struct talloc_chunk *tc;
+ struct talloc_chunk *tc = NULL;
ptr = __talloc(NULL, 0, &tc);
if (unlikely(ptr == NULL)) return NULL;
@@ -2449,7 +2449,7 @@ _PUBLIC_ void *_talloc_memdup(const void *t, const void *p, size_t size, const c
static inline char *__talloc_strlendup(const void *t, const char *p, size_t len)
{
char *ret;
- struct talloc_chunk *tc;
+ struct talloc_chunk *tc = NULL;
ret = (char *)__talloc(t, len + 1, &tc);
if (unlikely(!ret)) return NULL;
@@ -2595,7 +2595,7 @@ static struct talloc_chunk *_vasprintf_tc(const void *t,
size_t len;
char *ret;
va_list ap2;
- struct talloc_chunk *tc;
+ struct talloc_chunk *tc = NULL;
char buf[1024];
/* this call looks strange, but it makes it work on older solaris boxes */
diff --git a/lib/util/tfork.c b/lib/util/tfork.c
index 9867543702e..57a4e18638b 100644
--- a/lib/util/tfork.c
+++ b/lib/util/tfork.c
@@ -739,8 +739,9 @@ struct tfork *tfork_create(void)
struct tfork_state *state = NULL;
struct tfork *t = NULL;
pid_t pid;
- int saved_errno;
+ int saved_errno = 0;
int ret = 0;
+ int ret2;
#ifdef HAVE_PTHREAD
ret = pthread_once(&tfork_global_is_initialized,
@@ -816,16 +817,16 @@ cleanup:
close(t->event_fd);
}
- ret = tfork_create_reap_waiter(state->waiter_pid);
- assert(ret == 0);
+ ret2 = tfork_create_reap_waiter(state->waiter_pid);
+ assert(ret2 == 0);
free(t);
t = NULL;
}
}
- ret = tfork_uninstall_sigchld_handler();
- assert(ret == 0);
+ ret2 = tfork_uninstall_sigchld_handler();
+ assert(ret2 == 0);
tfork_global_free();
diff --git a/python/samba/tests/krb5/raw_testcase.py b/python/samba/tests/krb5/raw_testcase.py
index 354474fb5bb..a3fcc701ab0 100644
--- a/python/samba/tests/krb5/raw_testcase.py
+++ b/python/samba/tests/krb5/raw_testcase.py
@@ -37,6 +37,7 @@ from pyasn1.codec.ber.encoder import BitStringEncoder
from pyasn1.error import PyAsn1Error
+from samba.compression import huffman_decompress
from samba.credentials import Credentials
from samba.dcerpc import claims, krb5pac, netlogon, security
from samba.gensec import FEATURE_SEAL
@@ -109,7 +110,6 @@ from samba.tests.krb5.rfc4120_constants import (
PADATA_REQ_ENC_PA_REP
)
import samba.tests.krb5.kcrypto as kcrypto
-from samba.tests.krb5 import xpress
def BitStringEncoder_encodeValue32(
@@ -3545,9 +3545,8 @@ class RawKerberosTest(TestCaseInTempDir):
f'{claims_type} unexpectedly not compressed '
f'({uncompressed_size} bytes uncompressed)')
- claims_data = xpress.decompress(claims_data,
- compression_format,
- uncompressed_size)
+ claims_data = huffman_decompress(claims_data,
+ uncompressed_size)
claims_set = ndr_unpack(claims.CLAIMS_SET_NDR,
claims_data)
diff --git a/python/samba/tests/krb5/xpress.py b/python/samba/tests/krb5/xpress.py
deleted file mode 100644
index b0fbe26fafb..00000000000
--- a/python/samba/tests/krb5/xpress.py
+++ /dev/null
@@ -1,128 +0,0 @@
-# Unix SMB/CIFS implementation.
-# Copyright (C) Catalyst.Net Ltd 2022
-#
-# This program is free software; you can redistribute it and/or modify
-# it under the terms of the GNU General Public License as published by
-# the Free Software Foundation; either version 3 of the License, or
-# (at your option) any later version.
-#
-# This program is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-# GNU General Public License for more details.
-#
-# You should have received a copy of the GNU General Public License
-# along with this program. If not, see <http://www.gnu.org/licenses/>.
-#
-
-from samba.dcerpc import claims
-
-
-def decompress(data, compression_type, uncompressed_size):
- if compression_type == claims.CLAIMS_COMPRESSION_FORMAT_NONE:
- return data
- elif compression_type == claims.CLAIMS_COMPRESSION_FORMAT_XPRESS_HUFF:
- return lz77_huffman_decompress(data, uncompressed_size)
- else:
- raise AssertionError(f'compression type {compression_type} '
- f'not supported')
-
-
-def lz77_huffman_decompress(data, decompressed_size):
- def get_16_bits(data, pos):
- return data[pos] + (data[pos + 1] << 8)
-
- output = []
-
- symbol_bit_lengths = []
- for pair in data[:256]:
- symbol_bit_lengths.append(pair & 0xf)
- symbol_bit_lengths.append(pair >> 4)
-
- # Loop until a decompression terminating condition.
- while True:
- # Build the decoding table.
- decoding_table = []
- for bit_len in range(1, 16):
- for symbol in range(0, 512):
- encoded_bit_length = symbol_bit_lengths[symbol]
- if encoded_bit_length == bit_len:
- count = (1 << (15 - bit_len))
- decoding_table.extend([symbol] * count)
-
- if len(decoding_table) != 2 ** 15:
- raise AssertionError(f'Error constructing decoding table (len = '
- f'{len(decoding_table)}')
-
- # Start at the end of the Huffman table.
- current_pos = 256
-
- next_bits = get_16_bits(data, current_pos)
- current_pos += 2
-
- next_bits <<= 16
- next_bits |= get_16_bits(data, current_pos)
- current_pos += 2
-
- extra_bit_count = 16
- block_end = len(output) + 65536
-
- # Loop until a block terminating condition.
- while len(output) < block_end:
- huffman_symbol = decoding_table[next_bits >> (32 - 15)]
-
- huffman_symbol_bit_len = symbol_bit_lengths[huffman_symbol]
- next_bits <<= huffman_symbol_bit_len
- next_bits &= 0xffffffff
- extra_bit_count -= huffman_symbol_bit_len
-
- if extra_bit_count < 0:
- next_bits |= get_16_bits(data, current_pos) << -extra_bit_count
- extra_bit_count += 16
- current_pos += 2
-
- if huffman_symbol < 256:
- output.append(huffman_symbol)
-
- elif (huffman_symbol == 256 and current_pos == len(data)
- and len(output) == decompressed_size):
- return bytes(output)
- else:
- huffman_symbol -= 256
-
- match_len = huffman_symbol & 0xf
- match_offset_bit_len = huffman_symbol >> 4
-
- if match_len == 15:
- match_len = data[current_pos]
- current_pos += 1
-
- if match_len == 255:
- match_len = get_16_bits(data, current_pos)
- current_pos += 2
-
- if match_len < 15:
- raise AssertionError(f'match_len is too small! '
- f'({match_len} < 15)')
- match_len -= 15
- match_len += 15
- match_len += 3
-
- match_offset = next_bits >> (32 - match_offset_bit_len)
- match_offset |= 1 << match_offset_bit_len
-
- next_bits <<= match_offset_bit_len
- next_bits &= 0xffffffff
-
- extra_bit_count -= match_offset_bit_len
- if extra_bit_count < 0:
- next_bits |= (
- get_16_bits(data, current_pos) << -extra_bit_count)
- extra_bit_count += 16
- current_pos += 2
-
- for i in range(len(output) - match_offset,
- len(output) - match_offset + match_len):
- output.append(output[i])
-
- raise AssertionError('Should not get here')
diff --git a/source4/rpc_server/dnsserver/dcerpc_dnsserver.c b/source4/rpc_server/dnsserver/dcerpc_dnsserver.c
index ea4d86d3c24..8a8ba4b4f22 100644
--- a/source4/rpc_server/dnsserver/dcerpc_dnsserver.c
+++ b/source4/rpc_server/dnsserver/dcerpc_dnsserver.c
@@ -200,10 +200,10 @@ static WERROR dnsserver_query_server(struct dnsserver_state *dsstate,
{
uint8_t is_integer, is_addresses, is_string, is_wstring, is_stringlist;
uint32_t answer_integer;
- struct IP4_ARRAY *answer_iparray;
- struct DNS_ADDR_ARRAY *answer_addrarray;
- char *answer_string;
- struct DNS_RPC_UTF8_STRING_LIST *answer_stringlist;
+ struct IP4_ARRAY *answer_iparray = NULL;
+ struct DNS_ADDR_ARRAY *answer_addrarray = NULL;
+ char *answer_string = NULL;
+ struct DNS_RPC_UTF8_STRING_LIST *answer_stringlist = NULL;
struct dnsserver_serverinfo *serverinfo;
serverinfo = dsstate->serverinfo;
@@ -729,18 +729,8 @@ static WERROR dnsserver_query_server(struct dnsserver_state *dsstate,
}
is_addresses = 1;
} else if (strcasecmp(operation, "BreakOnReceiveFrom") == 0) {
- if (client_version == DNS_CLIENT_VERSION_LONGHORN) {
- answer_addrarray = NULL;
- } else {
- answer_iparray = NULL;
- }
is_addresses = 1;
} else if (strcasecmp(operation, "BreakOnUpdateFrom") == 0) {
- if (client_version == DNS_CLIENT_VERSION_LONGHORN) {
- answer_addrarray = NULL;
- } else {
- answer_iparray = NULL;
- }
is_addresses = 1;
} else if (strcasecmp(operation, "LogIPFilterList") == 0) {
if (client_version == DNS_CLIENT_VERSION_LONGHORN) {
@@ -780,13 +770,10 @@ static WERROR dnsserver_query_server(struct dnsserver_state *dsstate,
answer_string = talloc_strdup(mem_ctx, serverinfo->pwszLogFilePath);
is_wstring = 1;
} else if (strcasecmp(operation, "ServerLevelPluginDll") == 0) {
- answer_string = NULL;
is_wstring = 1;
} else if (strcasecmp(operation, "DsBackgroundPauseName") == 0) {
- answer_string = NULL;
is_string = 1;
} else if (strcasecmp(operation, "DsNotRoundRobinTypes") == 0) {
- answer_string = NULL;
is_string = 1;
}
@@ -803,10 +790,8 @@ static WERROR dnsserver_query_server(struct dnsserver_state *dsstate,
is_stringlist = 0;
if (strcasecmp(operation, "GlobalQueryBlockList") == 0) {
- answer_stringlist = NULL;
is_stringlist = 1;
} else if (strcasecmp(operation, "SocketPoolExcludedPortRanges") == 0) {
- answer_stringlist = NULL;
is_stringlist = 1;
}
@@ -831,9 +816,9 @@ static WERROR dnsserver_query_zone(struct dnsserver_state *dsstate,
{
uint8_t is_integer, is_addresses, is_string;
uint32_t answer_integer = 0;
- struct IP4_ARRAY *answer_iparray;
- struct DNS_ADDR_ARRAY *answer_addrarray;
- char *answer_string;
+ struct IP4_ARRAY *answer_iparray = NULL;
+ struct DNS_ADDR_ARRAY *answer_addrarray = NULL;
+ char *answer_string = NULL;
struct dnsserver_zoneinfo *zoneinfo;
zoneinfo = z->zoneinfo;
@@ -1021,11 +1006,6 @@ static WERROR dnsserver_query_zone(struct dnsserver_state *dsstate,
is_addresses = 0;
if (strcasecmp(operation, "AllowNSRecordsAutoCreation") == 0) {
- if (client_version == DNS_CLIENT_VERSION_LONGHORN) {
- answer_addrarray = NULL;
- } else {
- answer_iparray = NULL;
- }
is_addresses = 1;
} else if (strcasecmp(operation, "ScavengeServers") == 0) {
if (client_version == DNS_CLIENT_VERSION_LONGHORN) {
@@ -1084,7 +1064,6 @@ static WERROR dnsserver_query_zone(struct dnsserver_state *dsstate,
answer_string = talloc_strdup(mem_ctx, z->partition->pszDpFqdn);
is_string = 1;
} else if (strcasecmp(operation, "BreakOnNameUpdate") == 0) {
- answer_string = NULL;
is_string = 1;
}
--
Samba Shared Repository
More information about the samba-cvs
mailing list