mirror of
https://github.com/samba-team/samba.git
synced 2024-12-23 17:34:34 +03:00
r12853: Fix segfault in "net rpc vampire|samdump" (Bugzilla #3390).
The session key, after beeing set, was zeroed later on by the prs_init
in the CLI_DO_RPC macro.
Guenther
(This used to be commit eaaeaa767e
)
This commit is contained in:
parent
673c356488
commit
54b1c585bb
@ -23,8 +23,8 @@
|
|||||||
|
|
||||||
/* macro to expand cookie-cutter code in cli_xxx() using rpc_api_pipe_req() */
|
/* macro to expand cookie-cutter code in cli_xxx() using rpc_api_pipe_req() */
|
||||||
|
|
||||||
#define CLI_DO_RPC( pcli, ctx, p_idx, opnum, q_in, r_out, \
|
#define CLI_DO_RPC_INTERNAL( pcli, ctx, p_idx, opnum, q_in, r_out, \
|
||||||
q_ps, r_ps, q_io_fn, r_io_fn, default_error ) \
|
q_ps, r_ps, q_io_fn, r_io_fn, default_error, copy_sess_key ) \
|
||||||
{\
|
{\
|
||||||
SMB_ASSERT(pcli->pipe_idx == p_idx); \
|
SMB_ASSERT(pcli->pipe_idx == p_idx); \
|
||||||
if (!prs_init( &q_ps, RPC_MAX_PDU_FRAG_LEN, ctx, MARSHALL )) { \
|
if (!prs_init( &q_ps, RPC_MAX_PDU_FRAG_LEN, ctx, MARSHALL )) { \
|
||||||
@ -34,6 +34,7 @@
|
|||||||
prs_mem_free( &q_ps );\
|
prs_mem_free( &q_ps );\
|
||||||
return NT_STATUS_NO_MEMORY;\
|
return NT_STATUS_NO_MEMORY;\
|
||||||
}\
|
}\
|
||||||
|
if ( copy_sess_key) prs_set_session_key(&q_ps, (const char *)pcli->dc->sess_key);\
|
||||||
if ( q_io_fn("", &q_in, &q_ps, 0) ) {\
|
if ( q_io_fn("", &q_in, &q_ps, 0) ) {\
|
||||||
NTSTATUS _smb_pipe_stat_ = rpc_api_pipe_req(pcli, opnum, &q_ps, &r_ps); \
|
NTSTATUS _smb_pipe_stat_ = rpc_api_pipe_req(pcli, opnum, &q_ps, &r_ps); \
|
||||||
if (!NT_STATUS_IS_OK(_smb_pipe_stat_)) {\
|
if (!NT_STATUS_IS_OK(_smb_pipe_stat_)) {\
|
||||||
@ -41,6 +42,7 @@
|
|||||||
prs_mem_free( &r_ps );\
|
prs_mem_free( &r_ps );\
|
||||||
return _smb_pipe_stat_;\
|
return _smb_pipe_stat_;\
|
||||||
}\
|
}\
|
||||||
|
if ( copy_sess_key ) prs_set_session_key(&r_ps, (const char *)pcli->dc->sess_key);\
|
||||||
if (!r_io_fn("", &r_out, &r_ps, 0)) {\
|
if (!r_io_fn("", &r_out, &r_ps, 0)) {\
|
||||||
prs_mem_free( &q_ps );\
|
prs_mem_free( &q_ps );\
|
||||||
prs_mem_free( &r_ps );\
|
prs_mem_free( &r_ps );\
|
||||||
@ -55,6 +57,21 @@
|
|||||||
prs_mem_free( &r_ps );\
|
prs_mem_free( &r_ps );\
|
||||||
}
|
}
|
||||||
|
|
||||||
|
#define CLI_DO_RPC_COPY_SESS_KEY( pcli, ctx, p_idx, opnum, q_in, r_out, \
|
||||||
|
q_ps, r_ps, q_io_fn, r_io_fn, default_error ) \
|
||||||
|
{\
|
||||||
|
CLI_DO_RPC_INTERNAL( pcli, ctx, p_idx, opnum, q_in, r_out, \
|
||||||
|
q_ps, r_ps, q_io_fn, r_io_fn, default_error, True ); \
|
||||||
|
}
|
||||||
|
|
||||||
|
#define CLI_DO_RPC( pcli, ctx, p_idx, opnum, q_in, r_out, \
|
||||||
|
q_ps, r_ps, q_io_fn, r_io_fn, default_error ) \
|
||||||
|
{\
|
||||||
|
CLI_DO_RPC_INTERNAL( pcli, ctx, p_idx, opnum, q_in, r_out, \
|
||||||
|
q_ps, r_ps, q_io_fn, r_io_fn, default_error, False ); \
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
/* Arrrgg. Same but with WERRORS. Needed for registry code. */
|
/* Arrrgg. Same but with WERRORS. Needed for registry code. */
|
||||||
|
|
||||||
#define CLI_DO_RPC_WERR( pcli, ctx, p_idx, opnum, q_in, r_out, \
|
#define CLI_DO_RPC_WERR( pcli, ctx, p_idx, opnum, q_in, r_out, \
|
||||||
|
@ -604,15 +604,12 @@ NTSTATUS rpccli_netlogon_sam_sync(struct rpc_pipe_client *cli, TALLOC_CTX *mem_c
|
|||||||
|
|
||||||
creds_client_step(cli->dc, &clnt_creds);
|
creds_client_step(cli->dc, &clnt_creds);
|
||||||
|
|
||||||
prs_set_session_key(&qbuf, (const char *)cli->dc->sess_key);
|
|
||||||
prs_set_session_key(&rbuf, (const char *)cli->dc->sess_key);
|
|
||||||
|
|
||||||
init_net_q_sam_sync(&q, cli->dc->remote_machine, global_myname(),
|
init_net_q_sam_sync(&q, cli->dc->remote_machine, global_myname(),
|
||||||
&clnt_creds, &ret_creds, database_id, next_rid);
|
&clnt_creds, &ret_creds, database_id, next_rid);
|
||||||
|
|
||||||
/* Marshall data and send request */
|
/* Marshall data and send request */
|
||||||
|
|
||||||
CLI_DO_RPC(cli, mem_ctx, PI_NETLOGON, NET_SAM_SYNC,
|
CLI_DO_RPC_COPY_SESS_KEY(cli, mem_ctx, PI_NETLOGON, NET_SAM_SYNC,
|
||||||
q, r,
|
q, r,
|
||||||
qbuf, rbuf,
|
qbuf, rbuf,
|
||||||
net_io_q_sam_sync,
|
net_io_q_sam_sync,
|
||||||
|
Loading…
Reference in New Issue
Block a user