sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2025-01-11 05:18:09 +03:00
Code

r13971: Fix Coverity bugs #209 - #213 - it detected mistakes

Browse Source 
in the pointer aliasing once realloc could change
a pointer. This was in the bugzilla.samba.org database
as #687 but we never figured out what it was !
Jeremy.
(This used to be commit 8d18344140)
This commit is contained in:
Jeremy Allison 2006-03-07 18:00:21 +00:00 committed by Gerald (Jerry) Carter
parent 247bacf19b
commit a31c931804
1 changed files with 67 additions and 56 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

123
source3/lib/substitute.c
View File

@ -532,7 +532,9 @@ char *talloc_sub_basic(TALLOC_CTX *mem_ctx, const char *smb_name, const char *st
{ {
char *a, *t; char *a, *t;
a = alloc_sub_basic(smb_name, str); a = alloc_sub_basic(smb_name, str);
if (!a) return NULL; if (!a) {
return NULL;
}
t = talloc_strdup(mem_ctx, a); t = talloc_strdup(mem_ctx, a);
SAFE_FREE(a); SAFE_FREE(a);
return t; return t;
@ -540,14 +542,14 @@ char *talloc_sub_basic(TALLOC_CTX *mem_ctx, const char *smb_name, const char *st
char *alloc_sub_basic(const char *smb_name, const char *str) char *alloc_sub_basic(const char *smb_name, const char *str)
{ {
char *b, *p, *s, *t, *r, *a_string; char *b, *p, *s, *r, *a_string;
fstring pidstr; fstring pidstr;
struct passwd *pass; struct passwd *pass;
const char *local_machine_name = get_local_machine_name(); const char *local_machine_name = get_local_machine_name();
/* workaround to prevent a crash while lookinf at bug #687 */ /* workaround to prevent a crash while looking at bug #687 */
if ( !str ) { if (!str) {
DEBUG(0,("alloc_sub_basic: NULL source string! This should not happen\n")); DEBUG(0,("alloc_sub_basic: NULL source string! This should not happen\n"));
return NULL; return NULL;
} }
@ -561,68 +563,75 @@ char *alloc_sub_basic(const char *smb_name, const char *str)
for (b = s = a_string; (p = strchr_m(s, '%')); s = a_string + (p - b)) { for (b = s = a_string; (p = strchr_m(s, '%')); s = a_string + (p - b)) {
r = NULL; r = NULL;
b = t = a_string; b = a_string;
switch (*(p+1)) { switch (*(p+1)) {
case 'U' : case 'U' :
r = strdup_lower(smb_name); r = strdup_lower(smb_name);
if (r == NULL) goto error; if (r == NULL) {
t = realloc_string_sub(t, "%U", r); goto error;
}
a_string = realloc_string_sub(a_string, "%U", r);
break; break;
case 'G' : case 'G' :
r = SMB_STRDUP(smb_name); r = SMB_STRDUP(smb_name);
if (r == NULL) goto error; if (r == NULL) {
goto error;
}
if ((pass = Get_Pwnam(r))!=NULL) { if ((pass = Get_Pwnam(r))!=NULL) {
t = realloc_string_sub(t, "%G", gidtoname(pass->pw_gid)); a_string = realloc_string_sub(a_string, "%G", gidtoname(pass->pw_gid));
} }
break; break;
case 'D' : case 'D' :
r = strdup_upper(current_user_info.domain); r = strdup_upper(current_user_info.domain);
if (r == NULL) goto error; if (r == NULL) {
t = realloc_string_sub(t, "%D", r); goto error;
}
a_string = realloc_string_sub(a_string, "%D", r);
break; break;
case 'I' : case 'I' :
t = realloc_string_sub(t, "%I", client_addr()); a_string = realloc_string_sub(a_string, "%I", client_addr());
break; break;
case 'L' : case 'L' :
if (local_machine_name && *local_machine_name) if (local_machine_name && *local_machine_name) {
t = realloc_string_sub(t, "%L", local_machine_name); a_string = realloc_string_sub(a_string, "%L", local_machine_name);
else } else {
t = realloc_string_sub(t, "%L", global_myname()); a_string = realloc_string_sub(a_string, "%L", global_myname());
}
break; break;
case 'N': case 'N':
t = realloc_string_sub(t, "%N", automount_server(smb_name)); a_string = realloc_string_sub(a_string, "%N", automount_server(smb_name));
break; break;
case 'M' : case 'M' :
t = realloc_string_sub(t, "%M", client_name()); a_string = realloc_string_sub(a_string, "%M", client_name());
break; break;
case 'R' : case 'R' :
t = realloc_string_sub(t, "%R", remote_proto); a_string = realloc_string_sub(a_string, "%R", remote_proto);
break; break;
case 'T' : case 'T' :
t = realloc_string_sub(t, "%T", timestring(False)); a_string = realloc_string_sub(a_string, "%T", timestring(False));
break; break;
case 'a' : case 'a' :
t = realloc_string_sub(t, "%a", remote_arch); a_string = realloc_string_sub(a_string, "%a", remote_arch);
break; break;
case 'd' : case 'd' :
slprintf(pidstr,sizeof(pidstr)-1, "%d",(int)sys_getpid()); slprintf(pidstr,sizeof(pidstr)-1, "%d",(int)sys_getpid());
t = realloc_string_sub(t, "%d", pidstr); a_string = realloc_string_sub(a_string, "%d", pidstr);
break; break;
case 'h' : case 'h' :
t = realloc_string_sub(t, "%h", myhostname()); a_string = realloc_string_sub(a_string, "%h", myhostname());
break; break;
case 'm' : case 'm' :
t = realloc_string_sub(t, "%m", remote_machine); a_string = realloc_string_sub(a_string, "%m", remote_machine);
break; break;
case 'v' : case 'v' :
t = realloc_string_sub(t, "%v", SAMBA_VERSION_STRING); a_string = realloc_string_sub(a_string, "%v", SAMBA_VERSION_STRING);
break; break;
case 'w' : case 'w' :
t = realloc_string_sub(t, "%w", lp_winbind_separator()); a_string = realloc_string_sub(a_string, "%w", lp_winbind_separator());
break; break;
case '$' : case '$' :
t = realloc_expand_env_var(t, p); /* Expand environment variables */ a_string = realloc_expand_env_var(a_string, p); /* Expand environment variables */
break; break;
default: default:
@ -631,11 +640,13 @@ char *alloc_sub_basic(const char *smb_name, const char *str)
p++; p++;
SAFE_FREE(r); SAFE_FREE(r);
if (t == NULL) goto error; if (a_string == NULL) {
a_string = t; return NULL;
}
} }
return a_string; return a_string;
error: error:
SAFE_FREE(a_string); SAFE_FREE(a_string);
return NULL; return NULL;
@ -655,7 +666,9 @@ char *talloc_sub_specified(TALLOC_CTX *mem_ctx,
{ {
char *a, *t; char *a, *t;
a = alloc_sub_specified(input_string, username, domain, uid, gid); a = alloc_sub_specified(input_string, username, domain, uid, gid);
if (!a) return NULL; if (!a) {
return NULL;
}
t = talloc_strdup(mem_ctx, a); t = talloc_strdup(mem_ctx, a);
SAFE_FREE(a); SAFE_FREE(a);
return t; return t;
@ -668,7 +681,7 @@ char *alloc_sub_specified(const char *input_string,
gid_t gid) gid_t gid)
{ {
char *a_string, *ret_string; char *a_string, *ret_string;
char *b, *p, *s, *t; char *b, *p, *s;
a_string = SMB_STRDUP(input_string); a_string = SMB_STRDUP(input_string);
if (a_string == NULL) { if (a_string == NULL) {
@ -678,45 +691,43 @@ char *alloc_sub_specified(const char *input_string,
for (b = s = a_string; (p = strchr_m(s, '%')); s = a_string + (p - b)) { for (b = s = a_string; (p = strchr_m(s, '%')); s = a_string + (p - b)) {
b = t = a_string; b = a_string;
switch (*(p+1)) { switch (*(p+1)) {
case 'U' : case 'U' :
t = realloc_string_sub(t, "%U", username); a_string = realloc_string_sub(a_string, "%U", username);
break; break;
case 'u' : case 'u' :
t = realloc_string_sub(t, "%u", username); a_string = realloc_string_sub(a_string, "%u", username);
break; break;
case 'G' : case 'G' :
if (gid != -1) { if (gid != -1) {
t = realloc_string_sub(t, "%G", gidtoname(gid)); a_string = realloc_string_sub(a_string, "%G", gidtoname(gid));
} else { } else {
t = realloc_string_sub(t, "%G", "NO_GROUP"); a_string = realloc_string_sub(a_string, "%G", "NO_GROUP");
} }
break; break;
case 'g' : case 'g' :
if (gid != -1) { if (gid != -1) {
t = realloc_string_sub(t, "%g", gidtoname(gid)); a_string = realloc_string_sub(a_string, "%g", gidtoname(gid));
} else { } else {
t = realloc_string_sub(t, "%g", "NO_GROUP"); a_string = realloc_string_sub(a_string, "%g", "NO_GROUP");
} }
break; break;
case 'D' : case 'D' :
t = realloc_string_sub(t, "%D", domain); a_string = realloc_string_sub(a_string, "%D", domain);
break; break;
case 'N' : case 'N' :
t = realloc_string_sub(t, "%N", automount_server(username)); a_string = realloc_string_sub(a_string, "%N", automount_server(username));
break; break;
default: default:
break; break;
} }
p++; p++;
if (t == NULL) { if (a_string == NULL) {
SAFE_FREE(a_string);
return NULL; return NULL;
} }
a_string = t;
} }
ret_string = alloc_sub_basic(username, a_string); ret_string = alloc_sub_basic(username, a_string);
@ -734,7 +745,9 @@ char *talloc_sub_advanced(TALLOC_CTX *mem_ctx,
{ {
char *a, *t; char *a, *t;
a = alloc_sub_advanced(snum, user, connectpath, gid, smb_name, str); a = alloc_sub_advanced(snum, user, connectpath, gid, smb_name, str);
if (!a) return NULL; if (!a) {
return NULL;
}
t = talloc_strdup(mem_ctx, a); t = talloc_strdup(mem_ctx, a);
SAFE_FREE(a); SAFE_FREE(a);
return t; return t;
@ -745,7 +758,7 @@ char *alloc_sub_advanced(int snum, const char *user,
const char *smb_name, const char *str) const char *smb_name, const char *str)
{ {
char *a_string, *ret_string; char *a_string, *ret_string;
char *b, *p, *s, *t, *h; char *b, *p, *s, *h;
a_string = SMB_STRDUP(str); a_string = SMB_STRDUP(str);
if (a_string == NULL) { if (a_string == NULL) {
@ -755,27 +768,27 @@ char *alloc_sub_advanced(int snum, const char *user,
for (b = s = a_string; (p = strchr_m(s, '%')); s = a_string + (p - b)) { for (b = s = a_string; (p = strchr_m(s, '%')); s = a_string + (p - b)) {
b = t = a_string; b = a_string;
switch (*(p+1)) { switch (*(p+1)) {
case 'N' : case 'N' :
t = realloc_string_sub(t, "%N", automount_server(user)); a_string = realloc_string_sub(a_string, "%N", automount_server(user));
break; break;
case 'H': case 'H':
if ((h = get_user_home_dir(user))) if ((h = get_user_home_dir(user)))
t = realloc_string_sub(t, "%H", h); a_string = realloc_string_sub(a_string, "%H", h);
break; break;
case 'P': case 'P':
t = realloc_string_sub(t, "%P", connectpath); a_string = realloc_string_sub(a_string, "%P", connectpath);
break; break;
case 'S': case 'S':
t = realloc_string_sub(t, "%S", lp_servicename(snum)); a_string = realloc_string_sub(a_string, "%S", lp_servicename(snum));
break; break;
case 'g': case 'g':
t = realloc_string_sub(t, "%g", gidtoname(gid)); a_string = realloc_string_sub(a_string, "%g", gidtoname(gid));
break; break;
case 'u': case 'u':
t = realloc_string_sub(t, "%u", user); a_string = realloc_string_sub(a_string, "%u", user);
break; break;
/* Patch from jkf@soton.ac.uk Left the %N (NIS /* Patch from jkf@soton.ac.uk Left the %N (NIS
@ -786,7 +799,7 @@ char *alloc_sub_advanced(int snum, const char *user,
* "path =" string in [homes] and so needs the * "path =" string in [homes] and so needs the
* service name, not the username. */ * service name, not the username. */
case 'p': case 'p':
t = realloc_string_sub(t, "%p", automount_path(lp_servicename(snum))); a_string = realloc_string_sub(a_string, "%p", automount_path(lp_servicename(snum)));
break; break;
default: default:
@ -794,11 +807,9 @@ char *alloc_sub_advanced(int snum, const char *user,
} }
p++; p++;
if (t == NULL) { if (a_string == NULL) {
SAFE_FREE(a_string);
return NULL; return NULL;
} }
a_string = t;
} }
ret_string = alloc_sub_basic(smb_name, a_string); ret_string = alloc_sub_basic(smb_name, a_string);