severe (?) error in tdb.c
andreas moroder
claudiamoroder at st-ulrich.suedtirol.net
Sat Sep 22 07:30:03 GMT 2001
Hello,
in tdb.c the function tdb_next_lock is defined to return int.

static int tdb_next_lock(TDB_CONTEXT *tdb, struct tdb_traverse_lock *tlock,
                         struct list_struct *rec)
{
at line 1113
        if (!TDB_DEAD(rec)) {
                /* Woohoo: we found one! */
                lock_record(tdb, tlock->off);
                return tlock->off;
        }
tlock->off is returned, but off is defined as UNSIGNED int
at line 1153 tdb_next_lock is used in this statement
        while ((ret = tdb_next_lock(tdb, &tl, &rec)) > 0) {
and 1180 ret is used in a test
        if (ret < 0)
                return -1;
but tlock->off may be bigger than 0x7fff, so the return value can be, after
being converted, < 0, and that's wrong.
Bye
Andreas Moroder
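
The pattern reported above, reduced to a stand-alone added example (not code from tdb.c or from the poster): an unsigned offset returned through int, next to a variant that keeps status and offset separate. All names and the sample offsets are hypothetical; it assumes a 32-bit int and the usual wrap-around result for the out-of-range conversion.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

typedef uint32_t off_u32;   /* assumption: 32-bit unsigned record offset */

/* Constructed sample offsets; the last two exceed INT_MAX. */
static const off_u32 SAMPLE[] = { 0x1000u, 0x7fffffffu, 0x80000010u, 0x90000000u };
#define SAMPLE_N (sizeof SAMPLE / sizeof SAMPLE[0])

/* Reported pattern: 0 = end, <0 = error, >0 = offset, all in one int. */
static int next_narrow(const off_u32 *offs, size_t n, size_t *i)
{
    if (*i >= n)
        return 0;
    /* Implementation-defined above INT_MAX; negative on common ABIs. */
    return (int)offs[(*i)++];
}

/* Separated form: return value is status only (1 found, 0 end, -1 error). */
static int next_checked(const off_u32 *offs, size_t n, size_t *i, off_u32 *out)
{
    if (*i >= n)
        return 0;
    *out = offs[(*i)++];
    return 1;
}

/* Caller loops shaped like the quoted ones: records visited, or -1. */
static int traverse_narrow(const off_u32 *offs, size_t n)
{
    size_t i = 0; int ret, count = 0;
    while ((ret = next_narrow(offs, n, &i)) > 0)
        count++;
    return ret < 0 ? -1 : count;   /* a large offset is misread as an error */
}

static int traverse_checked(const off_u32 *offs, size_t n)
{
    size_t i = 0; int ret, count = 0; off_u32 off = 0;
    while ((ret = next_checked(offs, n, &i, &off)) > 0)
        count++;
    return ret < 0 ? -1 : count;
}

int main(void)
{
    printf("narrow:  %d\n", traverse_narrow(SAMPLE, SAMPLE_N));
    printf("checked: %d\n", traverse_checked(SAMPLE, SAMPLE_N));
    return 0;
}
```

Building with -Wconversion or -Wsign-conversion flags the implicit form of this narrowing at compile time.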