From ac5f0785c83d971a043cc99369dd491bee2be302 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Wed, 2 Jun 2004 23:19:36 +0000 Subject: [PATCH] r984: Ensure memmove & memcpy aren't called with len == 0. Jeremy. (This used to be commit 40c77dddc65e18b879d922379d562ffb8be80ab5) --- source3/locking/locking.c | 12 ++++++++---- 1 file changed, 8 insertions(+), 4 deletions(-) diff --git a/source3/locking/locking.c b/source3/locking/locking.c index 42036cc70cf..2a27d7d4cdc 100644 --- a/source3/locking/locking.c +++ b/source3/locking/locking.c @@ -454,8 +454,10 @@ int get_share_modes(connection_struct *conn, i++; } else { DEBUG(10,("get_share_modes: deleted %s\n", share_mode_str(i, entry_p) )); - memcpy( &shares[i], &shares[i+1], - sizeof(share_mode_entry) * (num_share_modes - i - 1)); + if (num_share_modes - i - 1 > 0) { + memcpy( &shares[i], &shares[i+1], + sizeof(share_mode_entry) * (num_share_modes - i - 1)); + } num_share_modes--; del_count++; } @@ -575,8 +577,10 @@ ssize_t del_share_entry( SMB_DEV_T dev, SMB_INO_T inode, if (ppse) *ppse = memdup(&shares[i], sizeof(*shares)); data->u.num_share_mode_entries--; - memmove(&shares[i], &shares[i+1], - dbuf.dsize - (sizeof(*data) + (i+1)*sizeof(*shares))); + if ((dbuf.dsize - (sizeof(*data) + (i+1)*sizeof(*shares))) > 0) { + memmove(&shares[i], &shares[i+1], + dbuf.dsize - (sizeof(*data) + (i+1)*sizeof(*shares))); + } del_count++; DEBUG(10,("del_share_entry: deleting entry %d\n", i ));