BUG in smbw_dir.c
andreas moroder
claudiamoroder at st-ulrich.suedtirol.net
Tue Oct 9 12:49:02 GMT 2001
Hello,
in smbwrapper/smbw_dir.c at smbw_dir_add there is a big bug.
static void smbw_dir_add(struct file_info *finfo, const char *mask,
void *state)
{
struct file_info *cdl;
DEBUG(5,("%s\n", finfo->name));
if (cur_dir->malloced == cur_dir->count) {
#### Here the result of realloc is assigned to cdl
cdl = (struct file_info *)Realloc(cur_dir->list,
sizeof(cur_dir->list[0])*
(cur_dir->count+100));
#### here cur_dir->list is tested
#### cdl is never tested
if (!cur_dir->list) {
/* oops */
return;
}
cur_dir->list = cdl;
cur_dir->malloced += 100;
}
cur_dir->list[cur_dir->count] = *finfo;
cur_dir->count++;
}
There are also two memory leaks in smbwrapper/shared.c
in the lines 114 and 169 the result of Realloc is assigned to the same
variable passed to Realloc
variable=Realloc(variables )
There are also realloc ( lowercase ) around in the code that should be
changed to Realloc.
Bye
Andreas Moroder
More information about the samba-technical
mailing list