ndr_size_struct() needs iconv parameter

Andrew Bartlett abartlet at samba.org
Sat Dec 20 03:46:15 GMT 2008 

Jelmer,

I've been recently testing NET-API-BECOMEDC, and it seems that the war
on global_iconv_convenience has had another casualty.

The functions ndr_size_union() and ndr_size_struct() from the common
librpc/ndr/ndr.c code both use global_iconv_convenience, which for some
reason it not initialised in this torture test.

I get a segfault:
Analyze and apply schema objects
==16448== 
==16448== Invalid read of size 8
==16448==    at 0xC84D261: get_conv_handle (charcnv.c:130)
==16448==    by 0xC84D709: convert_string_convenience (charcnv.c:254)
==16448==    by 0xC71DBA5: ndr_push_charset (ndr_string.c:674)
==16448==    by 0xC62B62B: ndr_push_repsFromTo1OtherInfo
(ndr_drsblobs.c:461)
==16448==    by 0xC62BACF: ndr_push_repsFromTo1 (ndr_drsblobs.c:519)
==16448==    by 0xC724F37: ndr_size_struct (ndr.c:939)
==16448==    by 0xC62C25D: ndr_size_repsFromTo1 (ndr_drsblobs.c:608)
==16448==    by 0xC62B822: ndr_push_repsFromTo1 (ndr_drsblobs.c:501)
==16448==    by 0xC62C2A6: ndr_push_repsFromTo (ndr_drsblobs.c:617)
==16448==    by 0xC62C56F: ndr_push_repsFromToBlob (ndr_drsblobs.c:687)
==16448==    by 0xC724D88: ndr_push_struct_blob (ndr.c:895)
==16448==    by 0xC47BA39: replmd_replicated_uptodate_modify
(repl_meta_data.c:1272)
==16448==  Address 0x58 is not stack'd, malloc'd or (recently) free'd
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
INTERNAL ERROR: Signal 11 in pid 16448 (4.0.0alpha6-GIT-43d0a48)
Please read the file BUGS.txt in the distribution
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=

As I know you have been working hard to ensure that the last remnants of
this global variable are removed, could you see about changing this
function?

Thanks,

BTW, the command I used to test was:

bin/smbtorture ncacn_np:win2k3-2.ad.naomi.abartlet.net -k yes
-Uadministrator%password NET-API-BECOME-DC -WAD
--realm=ad.naomi.abartlet.net -d1

Andrew Bartlett
-- 
Andrew Bartlett
http://samba.org/~abartlet/
Authentication Developer, Samba Team           http://samba.org
Samba Developer, Red Hat Inc.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.samba.org/archive/samba-technical/attachments/20081220/196da3d7/attachment.bin

More information about the samba-technical mailing list