Memory allocation without check
andreas.moroder@inwind.it
andreas.moroder at inwind.it
Sat Dec 28 18:46:59 GMT 2002
Hello,
in libads of samba 3.0 I have found the following lines where memory is
allocated, but there is no check if the allocation failed.
Bye and a happy new year
Andreas
ldap.c" line 328
value = talloc_zero(ctx, sizeof(struct berval));
if (in_val->bv_len == 0) return value;
value->bv_len = in_val->bv_len;
ldap.c" line 1545,
ret = talloc(mem_ctx, sizeof(char *) * (n+1));
for (i=0;i<n;i++) {
if (pull_utf8_talloc(mem_ctx, &ret[i], values[i]) == -1) {
return NULL;
}
}
ret[i] = NULL;
ldap.c" line 1658,
(*sids) = talloc(mem_ctx, sizeof(DOM_SID) * i);
count = 0;
for (i=0; values[i]; i++) {
ret = sid_parse(values[i]->bv_val, values[i]->bv_len,
&(*sids)[count]);
if (ret) count++;
}
ads_struct.c line 44
ret = malloc(len);
strlcpy(ret,field, len);
krb5_setpw.c line 141
packet->data = (char *)malloc(ap_req->length + cipherpw.length + 6);
/* see the RFC for details */
p = packet->data + 2;
RSSVAL(p, 0, 0xff80); p += 2;
krb5_setpw.c line 403
chpw_rep.data = (char *) malloc(chpw_rep.length);
ret = read(sock, chpw_rep.data, chpw_rep.length)
More information about the samba-technical
mailing list