bug in HEAD: init_unistr2_from_unistr

Gerald Carter gcarter at valinux.com
Sat Aug 5 19:08:12 GMT 2000

Elrond wrote:
> Hi,
> since I haven't asked, wether I may modify HEAD:
> in rpc_parse/parse_misc.c:init_unistr2_from_unistr
>         if ((from->buffer)[i]=='\0' && (from->buffer)[(2*i)+1]=='\0')
> should only be:
>         if (from->buffer[i]==0)
> the buffer is already a "uint16 *", 

Doh!?!  This is mine.  Had a brain lapse and was thinking
of UNISTR as double byte char's.  Probably from staring 
at packet dumps in hex.  You're absolutetly ocorrect.

btw...this is only used in rpcclient at the moment if you
are wondering about the repercussions of the bug.


> and accessing 2*i+1 is
> likely to be out of allocated memory.
>     Elrond
> p.s.: Or where should I post this?

   /\  Gerald (Jerry) Carter                     Professional Services
 \/    http://www.valinux.com  VA Linux Systems    gcarter at valinux.com
       http://www.samba.org       SAMBA Team           jerry at samba.org

       "...a hundred billion castaways looking for a home."
                                - Sting "Message in a Bottle" ( 1979 )

More information about the samba-technical mailing list