[PATCH] dfs_server: get_dcs: fix pointer list termination
Arvid Requate
requate at univention.de
Mon Mar 31 10:45:07 MDT 2014
Should fix a potential SEGV e.g. in case searched_site == NULL and no
objects with objectClass=site are found.
Signed-off-by: Arvid Requate <requate at univention.de>
---
dfs_server/dfs_server_ad.c | 11 ++++++++---
1 file changed, 8 insertions(+), 3 deletions(-)
diff --git a/dfs_server/dfs_server_ad.c b/dfs_server/dfs_server_ad.c
index 5e2634f..3d93e19 100644
--- a/dfs_server/dfs_server_ad.c
+++ b/dfs_server/dfs_server_ad.c
@@ -366,7 +366,11 @@ static NTSTATUS get_dcs(TALLOC_CTX *ctx, struct ldb_context *ldb,
/* All of this was to get the DN of the searched_site */
sitedn = r->msgs[0]->dn;
- set_list = talloc_realloc(subctx, set_list, struct dc_set *, current_pos+1);
+ /*
+ * We will realloc + 2 because we will need one additional place
+ * for element at current_pos + 1 for the NULL element
+ */
+ set_list = talloc_realloc(subctx, set_list, struct dc_set *, current_pos+2);
if (set_list == NULL) {
TALLOC_FREE(subctx);
return NT_STATUS_NO_MEMORY;
@@ -380,6 +384,9 @@ static NTSTATUS get_dcs(TALLOC_CTX *ctx, struct ldb_context *ldb,
set_list[current_pos]->names = NULL;
set_list[current_pos]->count = 0;
+
+ set_list[current_pos+1] = NULL;
+
status = get_dcs_insite(subctx, ldb, sitedn,
set_list[current_pos], need_fqdn);
if (!NT_STATUS_IS_OK(status)) {
@@ -468,8 +475,6 @@ static NTSTATUS get_dcs(TALLOC_CTX *ctx, struct ldb_context *ldb,
}
}
}
- current_pos++;
- set_list[current_pos] = NULL;
*pset_list = talloc_move(ctx, &set_list);
talloc_free(subctx);
--
1.8.5.3
More information about the samba-technical
mailing list