sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2025-01-27 14:04:05 +03:00
Code

Patch by Metze to ensure that we always at least initialize our output string

Browse Source 
for rpc_pull_string.  If we had a NULL or zero-length string, we would use
uninitialised data in the result string.

Andrew Bartlett
(This used to be commit df10aee451b431a8a056a949a98393da256185da)
This commit is contained in:
Andrew Bartlett 2003-04-23 14:07:33 +00:00
parent 11c453951a
commit 66468d2315
3 changed files with 12 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
source3/lib/charcnv.c
View File

@ -420,6 +420,8 @@ size_t pull_ascii(char *dest, const void *src, size_t dest_len, size_t src_len,
if (dest_len)
dest[MIN(ret, dest_len-1)] = 0;
else
dest[0] = 0;
return src_len;
}
@ -629,6 +631,8 @@ size_t pull_ucs2(const void *base_ptr, char *dest, const void *src, size_t dest_
ret = convert_string(CH_UCS2, CH_UNIX, src, src_len, dest, dest_len);
if (dest_len)
dest[MIN(ret, dest_len-1)] = 0;
else
dest[0] = 0;
return src_len;
}

5
source3/lib/util_unistr.c
View File

@ -229,7 +229,10 @@ char *skip_unibuf(char *src, size_t len)
*/
int rpcstr_pull(char* dest, void *src, int dest_len, int src_len, int flags)
{
if (!src) return 0;
if (!src) {
dest[0] = 0;
return 0;
}
if(dest_len==-1) dest_len=MAXUNI-3;
return pull_ucs2(NULL, dest, src, dest_len, src_len, flags|STR_UNICODE|STR_NOALIGN);
}

6
source3/rpc_server/srv_samr_nt.c
View File

@ -1473,13 +1473,14 @@ NTSTATUS _samr_lookup_names(pipes_struct *p, SAMR_Q_LOOKUP_NAMES *q_u, SAMR_R_LO
for (i = 0; i < num_rids; i++) {
fstring name;
DOM_SID sid;
int ret;
r_u->status = NT_STATUS_NONE_MAPPED;
rid [i] = 0xffffffff;
type[i] = SID_NAME_UNKNOWN;
rpcstr_pull(name, q_u->uni_name[i].buffer, sizeof(name), q_u->uni_name[i].uni_str_len*2, 0);
ret = rpcstr_pull(name, q_u->uni_name[i].buffer, sizeof(name), q_u->uni_name[i].uni_str_len*2, 0);
/*
* we are only looking for a name
@ -1492,7 +1493,8 @@ NTSTATUS _samr_lookup_names(pipes_struct *p, SAMR_Q_LOOKUP_NAMES *q_u, SAMR_R_LO
* a cleaner code is to add the sid of the domain we're looking in
* to the local_lookup_name function.
*/
if(local_lookup_name(name, &sid, &local_type)) {
if ((ret > 0) && local_lookup_name(name, &sid, &local_type)) {
sid_split_rid(&sid, &local_rid);
if (sid_equal(&sid, &pol_sid)) {