sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2025-08-02 00:22:11 +03:00
Code Activity

removed the prs_align in spoolss_smb_io_unistr() (JF, please check)

Browse Source 
as it was throwing things off when parsing buffers passed in SPOOLSS
RPCs

fixed the unmarshalling of UNISTR arrays to be double NULL terminated




jerry
(This used to be commit 236f19659c)
This commit is contained in:
Gerald Carter
2000-08-12 14:51:36 +00:00
parent 2ca88a0f2d
commit 13913e2c97
1 changed files with 36 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

39
source3/rpc_parse/parse_spoolss.c
View File

@ -1475,6 +1475,32 @@ static uint32 size_of_systemtime(SYSTEMTIME *systime)
return (sizeof(SYSTEMTIME) +4);
}
/*******************************************************************
* write a UNICODE string.
* used by all the RPC structs passing a buffer
********************************************************************/
static BOOL spoolss_smb_io_unistr(char *desc, UNISTR *uni, prs_struct *ps, int depth)
{
if (uni == NULL)
return False;
prs_debug(ps, depth, desc, "spoolss_smb_io_unistr");
depth++;
/* there should be no align here as it can mess up
parsing a NEW_BUFFER->prs */
#if 0 /* JERRY */
if (!prs_align(ps))
return False;
#endif
if (!prs_unistr("unistr", ps, depth, uni))
return False;
return True;
}
/*******************************************************************
* write a UNICODE string and its relative pointer.
* used by all the RPC structs passing a buffer
@ -1627,16 +1653,23 @@ static BOOL new_smb_io_relarraystr(char *desc, NEW_BUFFER *buffer, int depth, ui
return False;
l_chaine=str_len_uni(&chaine);
if((chaine2=(uint16 *)Realloc(chaine2, (l_chaine2+l_chaine+1)*sizeof(uint16))) == NULL)
return False;
/* we're going to add two more bytes here in case this
is the last string in the array and we need to add
an extra NULL for termination */
if (l_chaine > 0)
{
if((chaine2=(uint16 *)Realloc(chaine2, (l_chaine2+l_chaine+2)*sizeof(uint16))) == NULL)
return False;
memcpy(chaine2+l_chaine2, chaine.buffer, (l_chaine+1)*sizeof(uint16));
l_chaine2+=l_chaine+1;
}
} while(l_chaine!=0);
/* the end should be bould NULL terminated so add
the second one here */
chaine2[l_chaine2] = '\0';
*string=chaine2;
if(!prs_set_offset(ps, old_offset))
@ -2968,7 +3001,7 @@ BOOL make_spoolss_q_enumprinters(SPOOL_Q_ENUMPRINTERS *q_u, uint32 flags,
q_u->flags=flags;
q_u->servername_ptr = (servername != NULL) ? 1 : 0;
init_unistr2(&q_u->servername, servername, strlen(servername));
init_buf_unistr2(&q_u->servername, &q_u->servername_ptr, servername);
q_u->level=level;
q_u->buffer=buffer;