1
0
mirror of https://github.com/samba-team/samba.git synced 2024-12-23 17:34:34 +03:00

this is a big global fix for the ptr = Realloc(ptr, size) bug.

many possible mem leaks, and segfaults fixed.

someone should port this fix to 2.2 also.
This commit is contained in:
Simo Sorce 0001-01-01 00:00:00 +00:00
parent 895d1cd317
commit fa8e55b8b4
30 changed files with 363 additions and 136 deletions

View File

@ -460,8 +460,12 @@ realloc some memory for a parse structure
********************************************************************/
BOOL io_realloc(char *name, io_struct *ps, void **ptr, unsigned size)
{
(*ptr) = (void *)Realloc(*ptr, size);
if (*ptr) return True;
return False;
BOOL ret = True;
void *tp;
tp = (void *)Realloc(*ptr, size);
if (tp) *ptr = tp;
else ret = False;
return ret;
}

View File

@ -415,20 +415,22 @@ static void adjust_do_list_queue(void)
static void add_to_do_list_queue(const char* entry)
{
char *dlq;
long new_end = do_list_queue_end + ((long)strlen(entry)) + 1;
while (new_end > do_list_queue_size)
{
do_list_queue_size *= 2;
DEBUG(4,("enlarging do_list_queue to %d\n",
(int)do_list_queue_size));
do_list_queue = Realloc(do_list_queue, do_list_queue_size);
if (! do_list_queue) {
dlq = Realloc(do_list_queue, do_list_queue_size);
if (! dlq) {
DEBUG(0,("failure enlarging do_list_queue to %d bytes\n",
(int)do_list_queue_size));
reset_do_list_queue();
}
else
{
do_list_queue = dlq;
memset(do_list_queue + do_list_queue_size / 2,
0, do_list_queue_size / 2);
}

View File

@ -1569,14 +1569,16 @@ static int read_inclusion_file(char *filename)
}
if ((strlen(buf) + 1 + inclusion_buffer_sofar) >= inclusion_buffer_size) {
char *ib;
inclusion_buffer_size *= 2;
inclusion_buffer = Realloc(inclusion_buffer,inclusion_buffer_size);
if (! inclusion_buffer) {
ib = Realloc(inclusion_buffer,inclusion_buffer_size);
if (! ib) {
DEBUG(0,("failure enlarging inclusion buffer to %d bytes\n",
inclusion_buffer_size));
error = 1;
break;
}
else inclusion_buffer = ib;
}
safe_strcpy(inclusion_buffer + inclusion_buffer_sofar, buf, inclusion_buffer_size - inclusion_buffer_sofar);

View File

@ -140,16 +140,19 @@ LOCAL_GRP *iterate_getaliasnam(char *name, LOCAL_GRP_MEMBER **mem, int *num_mem)
*************************************************************************/
BOOL add_domain_alias(LOCAL_GRP **alss, int *num_alss, LOCAL_GRP *als)
{
LOCAL_GRP *talss;
if (alss == NULL || num_alss == NULL || als == NULL)
{
return False;
}
(*alss) = Realloc((*alss), ((*num_alss)+1) * sizeof(LOCAL_GRP));
if ((*alss) == NULL)
talss = Realloc((*alss), ((*num_alss)+1) * sizeof(LOCAL_GRP));
if (talss == NULL)
{
return False;
}
else (*alss) = talss;
DEBUG(10,("adding alias %s(%s)\n", als->name, als->comment));

View File

@ -128,12 +128,13 @@ static char *get_alias_members(char *p, int *num_mem, LOCAL_GRP_MEMBER **members
while (next_token(&p, name, ",", sizeof(fstring)))
{
LOCAL_GRP_MEMBER *mbrs;
DOM_SID sid;
uint8 type;
if (lookup_sid(name, &sid, &type))
{
(*members) = Realloc((*members), ((*num_mem)+1) * sizeof(LOCAL_GRP_MEMBER));
mbrs = Realloc((*members), ((*num_mem)+1) * sizeof(LOCAL_GRP_MEMBER));
(*num_mem)++;
}
else
@ -141,10 +142,12 @@ static char *get_alias_members(char *p, int *num_mem, LOCAL_GRP_MEMBER **members
DEBUG(0,("alias database: could not resolve alias named %s\n", name));
continue;
}
if ((*members) == NULL)
if (mbrs == NULL)
{
return NULL;
}
else (*members) = mbrs;
fstrcpy((*members)[(*num_mem)-1].name, name);
(*members)[(*num_mem)-1].sid_use = type;
sid_copy(&(*members)[(*num_mem)-1].sid, &sid);

View File

@ -138,16 +138,19 @@ DOMAIN_GRP *iterate_getgroupnam(char *name, DOMAIN_GRP_MEMBER **mem, int *num_me
*************************************************************************/
BOOL add_domain_group(DOMAIN_GRP **grps, int *num_grps, DOMAIN_GRP *grp)
{
DOMAIN_GRP *tgrps;
if (grps == NULL || num_grps == NULL || grp == NULL)
{
return False;
}
(*grps) = Realloc((*grps), ((*num_grps)+1) * sizeof(DOMAIN_GRP));
if ((*grps) == NULL)
tgrps = Realloc((*grps), ((*num_grps)+1) * sizeof(DOMAIN_GRP));
if (tgrps == NULL)
{
return False;
}
else (*grps) = tgrps;
DEBUG(10,("adding group %s(%s)\n", grp->name, grp->comment));

View File

@ -128,11 +128,14 @@ static char *get_group_members(char *p, int *num_mem, DOMAIN_GRP_MEMBER **member
while (next_token(&p, name, ",", sizeof(fstring)))
{
(*members) = Realloc((*members), ((*num_mem)+1) * sizeof(DOMAIN_GRP_MEMBER));
if ((*members) == NULL)
DOMAIN_GRP_MEMBER *mbrs;
mbrs = Realloc((*members), ((*num_mem)+1) * sizeof(DOMAIN_GRP_MEMBER));
if (mbrs == NULL)
{
return NULL;
}
else (*members) = mbrs;
fstrcpy((*members)[(*num_mem)].name, name);
(*members)[(*num_mem)].attr = 0x07;
(*num_mem)++;

View File

@ -395,7 +395,7 @@ BOOL enum_group_mapping(enum SID_NAME_USE sid_name_use, GROUP_MAP **rmap,
fstring string_sid;
fstring group_type;
GROUP_MAP map;
GROUP_MAP *mapt=NULL;
GROUP_MAP *mapt;
int ret;
int entries=0;
@ -433,7 +433,14 @@ BOOL enum_group_mapping(enum SID_NAME_USE sid_name_use, GROUP_MAP **rmap,
decode_sid_name_use(group_type, map.sid_name_use);
mapt=(GROUP_MAP *)Realloc(mapt, (entries+1)*sizeof(GROUP_MAP));
mapt=(GROUP_MAP *)Realloc((*rmap), (entries+1)*sizeof(GROUP_MAP));
if (!mapt) {
DEBUG(0,("enum_group_mapping: Unable to enlarge group map!\n"));
if (*rmap) free(*rmap);
*rmap=NULL;
return False;
}
else (*rmap) = mapt;
mapt[entries].gid = map.gid;
sid_copy( &mapt[entries].sid, &map.sid);
@ -445,7 +452,6 @@ BOOL enum_group_mapping(enum SID_NAME_USE sid_name_use, GROUP_MAP **rmap,
entries++;
}
*rmap=mapt;
*num_entries=entries;
return True;
}
@ -661,6 +667,7 @@ BOOL get_uid_list_of_group(gid_t gid, uid_t **uid, int *num_uids)
struct passwd *pwd;
int i=0;
char *gr;
uid_t *u;
*num_uids = 0;
*uid=NULL;
@ -672,7 +679,12 @@ BOOL get_uid_list_of_group(gid_t gid, uid_t **uid, int *num_uids)
DEBUG(10, ("getting members\n"));
while (gr && (*gr != (char)'\0')) {
(*uid)=Realloc((*uid), sizeof(uid_t)*(*num_uids+1));
u = Realloc((*uid), sizeof(uid_t)*(*num_uids+1));
if (!u) {
DEBUG(0,("get_uid_list_of_group: unable to enlarge uid list!\n"));
return False;
}
else (*uid) = u;
if( (pwd=getpwnam(gr)) !=NULL) {
(*uid)[*num_uids]=pwd->pw_uid;
@ -685,7 +697,12 @@ BOOL get_uid_list_of_group(gid_t gid, uid_t **uid, int *num_uids)
setpwent();
while ((pwd=getpwent()) != NULL) {
if (pwd->pw_gid==gid) {
(*uid)=Realloc((*uid), sizeof(uid_t)*(*num_uids+1));
u = Realloc((*uid), sizeof(uid_t)*(*num_uids+1));
if (!u) {
DEBUG(0,("get_uid_list_of_group: unable to enlarge uid list!\n"));
return False;
}
else (*uid) = u;
(*uid)[*num_uids]=pwd->pw_uid;
(*num_uids)++;

View File

@ -121,7 +121,7 @@ Updated by Paul Eggert <eggert@twinsun.com>
********************************************************************/
static int TimeZoneFaster(time_t t)
{
static struct dst_table {time_t start,end; int zone;} *dst_table = NULL;
static struct dst_table {time_t start,end; int zone;} *tdt, *dst_table = NULL;
static int table_size = 0;
int i;
int zone = 0;
@ -141,11 +141,14 @@ static int TimeZoneFaster(time_t t)
time_t low,high;
zone = TimeZone(t);
dst_table = (struct dst_table *)Realloc(dst_table,
tdt = (struct dst_table *)Realloc(dst_table,
sizeof(dst_table[0])*(i+1));
if (!dst_table) {
if (!tdt) {
DEBUG(0,("TimeZoneFaster: out of memory!\n"));
if (dst_table) free (dst_table);
table_size = 0;
} else {
dst_table = tdt;
table_size++;
dst_table[i].zone = zone;

View File

@ -166,11 +166,15 @@ char *get_numlist(char *p, uint32 **num, int *count)
while ((p = Atoic(p, &val, ":,")) != NULL && (*p) != ':')
{
(*num) = Realloc((*num), ((*count)+1) * sizeof(uint32));
if ((*num) == NULL)
uint32 *tn;
tn = Realloc((*num), ((*count)+1) * sizeof(uint32));
if (tn == NULL)
{
if (*num) free(*num);
return NULL;
}
else (*num) = tn;
(*num)[(*count)] = val;
(*count)++;
p++;

View File

@ -58,15 +58,18 @@ void* add_copy_to_array(uint32 *len, void ***array, const void *item,
void* add_item_to_array(uint32 *len, void ***array, void *item)
{
void **tary;
if (len == NULL || array == NULL)
{
return NULL;
}
(*array) = (void**)Realloc((*array), ((*len)+1)*sizeof((*array)[0]));
tary = (void**)Realloc((*array), ((*len)+1)*sizeof((*array)[0]));
if ((*array) != NULL)
if (tary != NULL)
{
(*array) = tary;
(*array)[(*len)] = item;
(*len)++;
return item;

View File

@ -287,7 +287,7 @@ char *fgets_slash(char *s2,int maxlen,FILE *f)
if (!s2)
{
maxlen = MIN(maxlen,8);
s = (char *)Realloc(s,maxlen);
s = (char *)malloc(maxlen);
}
if (!s) return(NULL);
@ -327,9 +327,15 @@ char *fgets_slash(char *s2,int maxlen,FILE *f)
}
if (!s2 && len > maxlen-3)
{
char *t;
maxlen *= 2;
s = (char *)Realloc(s,maxlen);
if (!s) return(NULL);
t = (char *)Realloc(s,maxlen);
if (!t) {
DEBUG(0,("fgets_slash: failed to expand buffer!\n"));
if (s) free(s);
return(NULL);
} else s = t;
}
}
return(s);
@ -342,7 +348,7 @@ load from a pipe into memory
char *file_pload(char *syscmd, size_t *size)
{
int fd, n;
char *p;
char *p, *tp;
pstring buf;
size_t total;
@ -353,11 +359,13 @@ char *file_pload(char *syscmd, size_t *size)
total = 0;
while ((n = read(fd, buf, sizeof(buf))) > 0) {
p = Realloc(p, total + n + 1);
if (!p) {
tp = Realloc(p, total + n + 1);
if (!tp) {
DEBUG(0,("file_pload: failed to exand buffer!\n"));
close(fd);
if (p) free(p);
return NULL;
}
} else p = tp;
memcpy(p+total, buf, n);
total += n;
}

View File

@ -141,7 +141,7 @@ int cli_list_new(struct cli_state *cli,const char *Mask,uint16 attribute,
pstring mask;
file_info finfo;
int i;
char *dirlist = NULL;
char *tdl, *dirlist = NULL;
int dirlist_len = 0;
int total_received = -1;
BOOL First = True;
@ -259,12 +259,13 @@ int cli_list_new(struct cli_state *cli,const char *Mask,uint16 attribute,
}
/* and add them to the dirlist pool */
dirlist = Realloc(dirlist,dirlist_len + data_len);
tdl = Realloc(dirlist,dirlist_len + data_len);
if (!dirlist) {
DEBUG(0,("Failed to expand dirlist\n"));
if (!tdl) {
DEBUG(0,("cli_list_new: Failed to expand dirlist\n"));
break;
}
else dirlist = tdl;
/* put in a length for the last entry, to ensure we can chain entries
into the next packet */
@ -340,7 +341,7 @@ int cli_list_old(struct cli_state *cli,const char *Mask,uint16 attribute,
int num_asked = (cli->max_xmit - 100)/DIR_STRUCT_SIZE;
int num_received = 0;
int i;
char *dirlist = NULL;
char *tdl, *dirlist = NULL;
pstring mask;
ZERO_ARRAY(status);
@ -385,10 +386,14 @@ int cli_list_old(struct cli_state *cli,const char *Mask,uint16 attribute,
first = False;
dirlist = Realloc(dirlist,(num_received + received)*DIR_STRUCT_SIZE);
tdl = Realloc(dirlist,(num_received + received)*DIR_STRUCT_SIZE);
if (!dirlist)
if (!tdl) {
DEBUG(0,("cli_list_old: failed to expand dirlist"));
if (dirlist) free(dirlist);
return 0;
}
else dirlist = tdl;
p = smb_buf(cli->inbuf) + 3;

View File

@ -147,6 +147,7 @@ BOOL cli_receive_trans(struct cli_state *cli,int trans,
int this_data,this_param;
uint8 eclass;
uint32 ecode;
char *tdata;
*data_len = *param_len = 0;
@ -187,8 +188,18 @@ BOOL cli_receive_trans(struct cli_state *cli,int trans,
total_param = SVAL(cli->inbuf,smb_tprcnt);
/* allocate it */
*data = Realloc(*data,total_data);
*param = Realloc(*param,total_param);
tdata = Realloc(*data,total_data);
if (!tdata) {
DEBUG(0,("cli_receive_trans: failed to enlarge buffer"));
return False;
}
else *data = tdata;
tdata = Realloc(*param,total_param);
if (!tdata) {
DEBUG(0,("cli_receive_trans: failed to enlarge buffer"));
return False;
}
else *param = tdata;
while (1) {
this_data = SVAL(cli->inbuf,smb_drcnt);
@ -358,6 +369,7 @@ BOOL cli_receive_nt_trans(struct cli_state *cli,
int this_data,this_param;
uint8 eclass;
uint32 ecode;
char *tdata;
*data_len = *param_len = 0;
@ -389,8 +401,18 @@ BOOL cli_receive_nt_trans(struct cli_state *cli,
total_param = SVAL(cli->inbuf,smb_ntr_TotalParameterCount);
/* allocate it */
*data = Realloc(*data,total_data);
*param = Realloc(*param,total_param);
tdata = Realloc(*data,total_data);
if (!tdata) {
DEBUG(0,("cli_receive_nt_trans: failed to enlarge buffer"));
return False;
}
else *data = tdata;
tdata = Realloc(*param,total_param);
if (!tdata) {
DEBUG(0,("cli_receive_nt_trans: failed to enlarge buffer"));
return False;
}
else *param = tdata;
while (1) {
this_data = SVAL(cli->inbuf,smb_ntr_DataCount);

View File

@ -218,6 +218,7 @@ BOOL brl_lock(SMB_DEV_T dev, SMB_INO_T ino, int fnum,
TDB_DATA kbuf, dbuf;
int count, i;
struct lock_struct lock, *locks;
char *tp;
kbuf = locking_key(dev,ino);
@ -246,8 +247,9 @@ BOOL brl_lock(SMB_DEV_T dev, SMB_INO_T ino, int fnum,
}
/* no conflicts - add it to the list of locks */
dbuf.dptr = Realloc(dbuf.dptr, dbuf.dsize + sizeof(*locks));
if (!dbuf.dptr) goto fail;
tp = Realloc(dbuf.dptr, dbuf.dsize + sizeof(*locks));
if (!tp) goto fail;
else dbuf.dptr = tp;
memcpy(dbuf.dptr + dbuf.dsize, &lock, sizeof(lock));
dbuf.dsize += sizeof(lock);
tdb_store(tdb, kbuf, dbuf, TDB_REPLACE);

View File

@ -98,16 +98,19 @@ static BOOL add_fd_to_close_entry(files_struct *fsp)
{
TDB_DATA kbuf = locking_key_fsp(fsp);
TDB_DATA dbuf;
char *tp;
dbuf.dptr = NULL;
dbuf = tdb_fetch(posix_pending_close_tdb, kbuf);
dbuf.dptr = Realloc(dbuf.dptr, dbuf.dsize + sizeof(int));
if (!dbuf.dptr) {
tp = Realloc(dbuf.dptr, dbuf.dsize + sizeof(int));
if (!tp) {
DEBUG(0,("add_fd_to_close_entry: Realloc fail !\n"));
if (dbuf.dptr) free(dbuf.dptr);
return False;
}
else dbuf.dptr = tp;
memcpy(dbuf.dptr + dbuf.dsize, &fsp->fd, sizeof(int));
dbuf.dsize += sizeof(int);
@ -354,6 +357,7 @@ static BOOL add_posix_lock_entry(files_struct *fsp, SMB_OFF_T start, SMB_OFF_T s
TDB_DATA kbuf = locking_key_fsp(fsp);
TDB_DATA dbuf;
struct posix_lock pl;
char *tp;
dbuf.dptr = NULL;
@ -370,11 +374,12 @@ static BOOL add_posix_lock_entry(files_struct *fsp, SMB_OFF_T start, SMB_OFF_T s
pl.size = size;
pl.lock_type = lock_type;
dbuf.dptr = Realloc(dbuf.dptr, dbuf.dsize + sizeof(pl));
if (!dbuf.dptr) {
tp = Realloc(dbuf.dptr, dbuf.dsize + sizeof(pl));
if (!tp) {
DEBUG(0,("add_posix_lock_entry: Realloc fail !\n"));
goto fail;
}
else dbuf.dptr = tp;
memcpy(dbuf.dptr + dbuf.dsize, &pl, sizeof(pl));
dbuf.dsize += sizeof(pl);

View File

@ -398,11 +398,12 @@ static int setup_ver2_dfs_referral(char* pathname, char** ppdata,
/* add the unexplained 0x16 bytes */
reply_size += 0x16;
pdata = *ppdata = Realloc(pdata,reply_size);
pdata = Realloc(pdata,reply_size);
if(pdata == NULL) {
DEBUG(0,("malloc failed for Realloc!\n"));
return -1;
}
else *ppdata = pdata;
/* copy in the dfs requested paths.. required for offset calculations */
memcpy(pdata+uni_reqpathoffset1,uni_requestedpath,requestedpathlen);
@ -476,11 +477,12 @@ static int setup_ver3_dfs_referral(char* pathname, char** ppdata,
reply_size += (strlen(junction->referral_list[i].alternate_path)+1)*2;
}
pdata = *ppdata = Realloc(pdata,reply_size);
pdata = Realloc(pdata,reply_size);
if(pdata == NULL) {
DEBUG(0,("version3 referral setup: malloc failed for Realloc!\n"));
return -1;
}
else *ppdata = pdata;
/* create the header */
SSVAL(pdata,0,reqpathlen-2); /* path consumed */

View File

@ -278,7 +278,7 @@ static int wb_getgroups(char *user, gid_t **groups)
int winbind_initgroups(char *user, gid_t gid)
{
gid_t *groups = NULL;
gid_t *tgr, *groups = NULL;
int result;
char *sep;
@ -310,13 +310,14 @@ int winbind_initgroups(char *user, gid_t gid)
/* Add group to list if necessary */
if (!is_member) {
groups = Realloc(groups, sizeof(gid_t) * ngroups + 1);
tgr = Realloc(groups, sizeof(gid_t) * ngroups + 1);
if (!groups) {
if (!tgr) {
errno = ENOMEM;
result = -1;
goto done;
}
else groups = tgr;
groups[ngroups] = gid;
ngroups++;

View File

@ -764,7 +764,7 @@ enum winbindd_result winbindd_list_groups(struct winbindd_cli_state *state)
uint32 total_entries = 0;
struct winbindd_domain *domain;
struct getent_state groups;
char *extra_data = NULL;
char *ted, *extra_data = NULL;
int extra_data_len = 0, i;
DEBUG(3, ("[%5d]: list groups\n", state->pid));
@ -794,12 +794,15 @@ enum winbindd_result winbindd_list_groups(struct winbindd_cli_state *state)
account names to sizeof(fstring) = 128 characters. */
total_entries += groups.num_sam_entries;
extra_data = Realloc(extra_data,
ted = Realloc(extra_data,
sizeof(fstring) * total_entries);
if (!extra_data) {
if (!ted) {
DEBUG(0,("winbindd_list_groups: failed to enlarge buffer!\n"));
if (extra_data) free(extra_data);
return WINBINDD_ERROR;
}
else extra_data = ted;
/* Pack group list into extra data fields */

View File

@ -136,7 +136,7 @@ enum winbindd_result winbindd_list_trusted_domains(struct winbindd_cli_state
{
struct winbindd_domain *domain;
int total_entries = 0, extra_data_len = 0;
char *extra_data = NULL;
char *ted, *extra_data = NULL;
DEBUG(3, ("[%5d]: list trusted domains\n", state->pid));
@ -149,10 +149,15 @@ enum winbindd_result winbindd_list_trusted_domains(struct winbindd_cli_state
/* Add domain to list */
total_entries++;
extra_data = Realloc(extra_data, sizeof(fstring) *
ted = Realloc(extra_data, sizeof(fstring) *
total_entries);
if (!extra_data) return WINBINDD_ERROR;
if (!ted) {
DEBUG(0,("winbindd_list_trusted_domains: failed to enlarge buffer!\n"));
if (extra_data) free(extra_data);
return WINBINDD_ERROR;
}
else extra_data = ted;
memcpy(&extra_data[extra_data_len], domain->name,
strlen(domain->name));

View File

@ -594,7 +594,7 @@ enum winbindd_result winbindd_list_users(struct winbindd_cli_state *state)
SAM_DISPINFO_CTR ctr;
SAM_DISPINFO_1 info1;
uint32 num_entries = 0, total_entries = 0;
char *extra_data = NULL;
char *ted, *extra_data = NULL;
int extra_data_len = 0;
DEBUG(3, ("[%5d]: list users\n", state->pid));
@ -635,12 +635,15 @@ enum winbindd_result winbindd_list_users(struct winbindd_cli_state *state)
total_entries += num_entries;
extra_data = Realloc(extra_data, sizeof(fstring) *
ted = Realloc(extra_data, sizeof(fstring) *
total_entries);
if (!extra_data) {
if (!ted) {
DEBUG(0,("winbindd_list_users: failed to enlarge buffer!\n"));
if (extra_data) free(extra_data);
return WINBINDD_ERROR;
}
else extra_data = ted;
/* Pack user list into extra data fields */

View File

@ -1782,16 +1782,25 @@ static int add_a_service(service * pservice, char *name)
/* if not, then create one */
if (i == iNumServices)
{
ServicePtrs =
(service **) Realloc(ServicePtrs,
sizeof(service *) *
num_to_alloc);
if (ServicePtrs)
service **tsp;
tsp = (service **) Realloc(ServicePtrs,
sizeof(service *) *
num_to_alloc);
if (!tsp) {
DEBUG(0,("add_a_service: failed to enlarge ServicePtrs!\n"));
return (-1);
}
else {
ServicePtrs = tsp;
ServicePtrs[iNumServices] =
(service *) malloc(sizeof(service));
if (!ServicePtrs || !ServicePtrs[iNumServices])
}
if (!ServicePtrs[iNumServices]) {
DEBUG(0,("add_a_service: out of memory!\n"));
return (-1);
}
iNumServices++;
}

View File

@ -238,13 +238,16 @@ static BOOL Section( myFILE *InFile, BOOL (*sfunc)(char *) )
/* Check that the buffer is big enough for the next character. */
if( i > (bSize - 2) )
{
bSize += BUFR_INC;
bufr = Realloc( bufr, bSize );
if( NULL == bufr )
char *tb;
tb = Realloc( bufr, bSize +BUFR_INC );
if( NULL == tb )
{
DEBUG(0, ("%s Memory re-allocation failure.", func) );
return( False );
}
bufr = tb;
bSize += BUFR_INC;
}
/* Handle a single character. */
@ -332,13 +335,16 @@ static BOOL Parameter( myFILE *InFile, BOOL (*pfunc)(char *, char *), int c )
if( i > (bSize - 2) ) /* Ensure there's space for next char. */
{
bSize += BUFR_INC;
bufr = Realloc( bufr, bSize );
if( NULL == bufr )
char *tb;
tb = Realloc( bufr, bSize + BUFR_INC );
if( NULL == tb )
{
DEBUG(0, ("%s Memory re-allocation failure.", func) );
return( False );
}
bufr = tb;
bSize += BUFR_INC;
}
switch( c )
@ -397,13 +403,16 @@ static BOOL Parameter( myFILE *InFile, BOOL (*pfunc)(char *, char *), int c )
if( i > (bSize - 2) ) /* Make sure there's enough room. */
{
bSize += BUFR_INC;
bufr = Realloc( bufr, bSize );
if( NULL == bufr )
char *tb;
tb = Realloc( bufr, bSize + BUFR_INC );
if( NULL == tb )
{
DEBUG(0, ("%s Memory re-allocation failure.", func) );
return( False );
}
bufr = tb;
bSize += BUFR_INC;
}
switch( c )

View File

@ -378,7 +378,7 @@ static void ldap_get_sam_passwd(LDAP *ldap_struct, LDAPMessage *entry,
************************************************************************/
static void make_a_mod(LDAPMod ***modlist,int modop, char *attribute, char *value)
{
LDAPMod **mods;
LDAPMod **mods, **tmods;
int i;
int j;
@ -386,12 +386,13 @@ static void make_a_mod(LDAPMod ***modlist,int modop, char *attribute, char *valu
if (mods == NULL)
{
mods = (LDAPMod **)malloc( sizeof(LDAPMod *) );
if (mods == NULL)
tmods = (LDAPMod **)malloc( sizeof(LDAPMod *) );
if (tmods == NULL)
{
DEBUG(0,("make_a_mod: out of memory!\n"));
return;
}
mods = tmods;
mods[0] = NULL;
}
@ -406,12 +407,13 @@ static void make_a_mod(LDAPMod ***modlist,int modop, char *attribute, char *valu
if (mods[i] == NULL)
{
mods = (LDAPMod **)Realloc( mods, (i+2) * sizeof( LDAPMod * ) );
if (mods == NULL)
tmods = (LDAPMod **)Realloc( mods, (i+2) * sizeof( LDAPMod * ) );
if (tmods == NULL)
{
DEBUG(0,("make_a_mod: out of memory!\n"));
return;
}
mods = tmods;
mods[i] = (LDAPMod *)malloc( sizeof( LDAPMod ) );
if (mods[i] == NULL)
{
@ -426,18 +428,21 @@ static void make_a_mod(LDAPMod ***modlist,int modop, char *attribute, char *valu
if (value ! = NULL )
{
char **tmval;
j = 0;
if ( mods[ i ]->mod_values ! = NULL )
{
for ( ; mods[ i ]->mod_values[ j ] ! = NULL; j++ );
}
mods[ i ]->mod_values = (char **)Realloc(mods[ i ]->mod_values,
tmval = (char **)Realloc(mods[ i ]->mod_values,
(j+2) * sizeof( char * ));
if ( mods[ i ]->mod_values == NULL)
if ( tmval == NULL)
{
DEBUG(0, "make_a_mod: Memory allocation failure!\n");
return;
}
mods[ i ]->mod_values = tmval;
mods[ i ]->mod_values[ j ] = strdup(value);
mods[ i ]->mod_values[ j + 1 ] = NULL;
}

View File

@ -316,6 +316,7 @@ get a form struct list
int get_ntforms(nt_forms_struct **list)
{
TDB_DATA kbuf, newkey, dbuf;
nt_forms_struct *tl;
nt_forms_struct form;
int ret;
int i;
@ -336,11 +337,12 @@ int get_ntforms(nt_forms_struct **list)
safe_free(dbuf.dptr);
if (ret != dbuf.dsize) continue;
*list = Realloc(*list, sizeof(nt_forms_struct)*(n+1));
if (!*list) {
tl = Realloc(*list, sizeof(nt_forms_struct)*(n+1));
if (!tl) {
DEBUG(0,("get_ntforms: Realloc fail.\n"));
return 0;
}
*list = tl;
(*list)[n] = form;
n++;
}
@ -385,6 +387,7 @@ BOOL add_a_form(nt_forms_struct **list, const FORM *form, int *count)
int n=0;
BOOL update;
fstring form_name;
nt_forms_struct *tl;
/*
* NT tries to add forms even when
@ -404,8 +407,11 @@ BOOL add_a_form(nt_forms_struct **list, const FORM *form, int *count)
}
if (update==False) {
if((*list=Realloc(*list, (n+1)*sizeof(nt_forms_struct))) == NULL)
if((tl=Realloc(*list, (n+1)*sizeof(nt_forms_struct))) == NULL) {
DEBUG(0,("add_a_form: failed to enlarge forms list!\n"));
return False;
}
*list = tl;
unistr2_to_ascii((*list)[n].name, &form->name, sizeof((*list)[n].name)-1);
(*count)++;
}
@ -496,6 +502,7 @@ int get_ntdrivers(fstring **list, char *architecture, uint32 version)
{
int total=0;
fstring short_archi;
fstring *fl;
pstring key;
TDB_DATA kbuf, newkey;
@ -507,8 +514,11 @@ int get_ntdrivers(fstring **list, char *architecture, uint32 version)
newkey = tdb_nextkey(tdb_drivers, kbuf), safe_free(kbuf.dptr), kbuf=newkey) {
if (strncmp(kbuf.dptr, key, strlen(key)) != 0) continue;
if((*list = Realloc(*list, sizeof(fstring)*(total+1))) == NULL)
if((fl = Realloc(*list, sizeof(fstring)*(total+1))) == NULL) {
DEBUG(0,("get_ntdrivers: failed to enlarge list!\n"));
return -1;
}
else *list = fl;
fstrcpy((*list)[total], kbuf.dptr+strlen(key));
total++;
@ -1520,7 +1530,15 @@ static uint32 add_a_printer_driver_3(NT_PRINTER_DRIVER_INFO_LEVEL_3 *driver)
}
if (len != buflen) {
buf = (char *)Realloc(buf, len);
char *tb;
tb = (char *)Realloc(buf, len);
if (!tb) {
DEBUG(0,("add_a_printer_driver_3: failed to enlarge buffer\n!"));
ret = -1;
goto done;
}
else buf = tb;
buflen = len;
goto again;
}
@ -1533,6 +1551,7 @@ static uint32 add_a_printer_driver_3(NT_PRINTER_DRIVER_INFO_LEVEL_3 *driver)
ret = tdb_store(tdb_drivers, kbuf, dbuf, TDB_REPLACE);
done:
if (ret)
DEBUG(0,("add_a_printer_driver_3: Adding driver with key %s failed.\n", key ));
@ -1630,10 +1649,15 @@ static uint32 get_a_printer_driver_3(NT_PRINTER_DRIVER_INFO_LEVEL_3 **info_ptr,
i=0;
while (len < dbuf.dsize) {
driver.dependentfiles = (fstring *)Realloc(driver.dependentfiles,
fstring *tddfs;
tddfs = (fstring *)Realloc(driver.dependentfiles,
sizeof(fstring)*(i+2));
if (driver.dependentfiles == NULL)
if (tddfs == NULL) {
DEBUG(0,("get_a_printer_driver_3: failed to enlarge buffer!\n"));
break;
}
else driver.dependentfiles = tddfs;
len += tdb_unpack(dbuf.dptr+len, dbuf.dsize-len, "f",
&driver.dependentfiles[i]);
@ -1936,7 +1960,15 @@ static uint32 update_a_printer_2(NT_PRINTER_INFO_LEVEL_2 *info)
len += pack_specifics(info->specific, buf+len, buflen-len);
if (buflen != len) {
buf = (char *)Realloc(buf, len);
char *tb;
tb = (char *)Realloc(buf, len);
if (!tb) {
DEBUG(0,("update_a_printer_2: failed to enlarge buffer!\n"));
ret = -1;
goto done;
}
else buf = tb;
buflen = len;
goto again;
}
@ -1951,6 +1983,7 @@ static uint32 update_a_printer_2(NT_PRINTER_INFO_LEVEL_2 *info)
ret = tdb_store(tdb_printers, kbuf, dbuf, TDB_REPLACE);
done:
if (ret == -1)
DEBUG(8, ("error updating printer to tdb on disk\n"));
@ -2793,7 +2826,15 @@ static uint32 update_driver_init_2(NT_PRINTER_INFO_LEVEL_2 *info)
len += pack_specifics(info->specific, buf+len, buflen-len);
if (buflen != len) {
buf = (char *)Realloc(buf, len);
char *tb;
tb = (char *)Realloc(buf, len);
if (!tb) {
DEBUG(0, ("update_driver_init_2: failed to enlarge buffer!\n"));
ret = -1;
goto done;
}
else buf = tb;
buflen = len;
goto again;
}
@ -2807,6 +2848,7 @@ static uint32 update_driver_init_2(NT_PRINTER_INFO_LEVEL_2 *info)
ret = tdb_store(tdb_drivers, kbuf, dbuf, TDB_REPLACE);
done:
if (ret == -1)
DEBUG(8, ("update_driver_init_2: error updating printer init to tdb on disk\n"));

View File

@ -90,8 +90,7 @@ BOOL make_creds_unix_sec(CREDS_UNIX_SEC *r_u,
r_u->uid = uid;
r_u->gid = gid;
r_u->num_grps = num_grps;
r_u->grps = (uint32*)Realloc(NULL, sizeof(r_u->grps[0]) *
r_u->num_grps);
r_u->grps = (uint32*)malloc(sizeof(r_u->grps[0]) * r_u->num_grps);
if (r_u->grps == NULL && num_grps != 0)
{
return False;
@ -123,14 +122,17 @@ BOOL creds_io_unix_sec(char *desc, CREDS_UNIX_SEC *r_u, prs_struct *ps, int dept
prs_uint32("num_grps", ps, depth, (uint32 *)&(r_u->num_grps));
if (r_u->num_grps != 0)
{
r_u->grps = (uint32*)Realloc(r_u->grps,
uint32 *tgr;
tgr = (uint32*)Realloc(r_u->grps,
sizeof(r_u->grps[0]) *
r_u->num_grps);
if (r_u->grps == NULL)
if (tgr == NULL)
{
creds_free_unix_sec(r_u);
return False;
}
else r_u->grps = tgr;
}
for (i = 0; i < r_u->num_grps; i++)
{
@ -165,8 +167,7 @@ BOOL make_creds_nt_sec(CREDS_NT_SEC *r_u,
sid_copy(&r_u->sid, sid);
r_u->num_grps = num_grps;
r_u->grp_rids = (uint32*)Realloc(NULL, sizeof(r_u->grp_rids[0]) *
r_u->num_grps);
r_u->grp_rids = (uint32*)malloc(sizeof(r_u->grp_rids[0]) * r_u->num_grps);
if (r_u->grp_rids == NULL && num_grps != 0)
{
@ -199,14 +200,17 @@ BOOL creds_io_nt_sec(char *desc, CREDS_NT_SEC *r_u, prs_struct *ps, int depth)
prs_uint32("num_grps", ps, depth, &(r_u->num_grps));
if (r_u->num_grps != 0)
{
r_u->grp_rids = (uint32*)Realloc(r_u->grp_rids,
uint32 *tgrid;
tgrid = (uint32*)Realloc(r_u->grp_rids,
sizeof(r_u->grp_rids[0]) *
r_u->num_grps);
if (r_u->grp_rids == NULL)
if (tgrid == NULL)
{
creds_free_nt_sec(r_u);
return False;
}
else r_u->grp_rids = tgrid;
}
for (i = 0; i < r_u->num_grps; i++)
{

View File

@ -1861,12 +1861,17 @@ static BOOL smb_io_relarraystr(char *desc, NEW_BUFFER *buffer, int depth, uint16
an extra NULL for termination */
if (l_chaine > 0)
{
uint16 *tc2;
realloc_size = (l_chaine2+l_chaine+2)*sizeof(uint16);
/* Yes this should be realloc - it's freed below. JRA */
if((chaine2=(uint16 *)Realloc(chaine2, realloc_size)) == NULL)
if((tc2=(uint16 *)Realloc(chaine2, realloc_size)) == NULL) {
if (chaine2) free(chaine2);
return False;
}
else chaine2 = tc2;
memcpy(chaine2+l_chaine2, chaine.buffer, (l_chaine+1)*sizeof(uint16));
l_chaine2+=l_chaine+1;
}
@ -4703,7 +4708,7 @@ BOOL spool_io_printer_driver_info_level_6(char *desc, SPOOL_PRINTER_DRIVER_INFO_
********************************************************************/
static BOOL uniarray_2_dosarray(BUFFER5 *buf5, fstring **ar)
{
fstring f;
fstring f, *tar;
int n = 0;
char *src;
@ -4715,7 +4720,9 @@ static BOOL uniarray_2_dosarray(BUFFER5 *buf5, fstring **ar)
while (src < ((char *)buf5->buffer) + buf5->buf_len*2) {
rpcstr_pull(f, src, sizeof(f)-1, -1, 0);
src = skip_unibuf(src, 2*buf5->buf_len - PTR_DIFF(src,buf5->buffer));
*ar = (fstring *)Realloc(*ar, sizeof(fstring)*(n+2));
tar = (fstring *)Realloc(*ar, sizeof(fstring)*(n+2));
if (!tar) return False;
else *ar = tar;
fstrcpy((*ar)[n], f);
n++;
}
@ -4993,9 +5000,11 @@ BOOL uni_2_asc_printer_driver_3(SPOOL_PRINTER_DRIVER_INFO_LEVEL_3 *uni,
DEBUGADD(8,( "monitorname: %s\n", d->monitorname));
DEBUGADD(8,( "defaultdatatype: %s\n", d->defaultdatatype));
uniarray_2_dosarray(&uni->dependentfiles, &d->dependentfiles );
return True;
if (uniarray_2_dosarray(&uni->dependentfiles, &d->dependentfiles ))
return True;
free(*asc);
return False;
}
/*******************************************************************
@ -5038,10 +5047,16 @@ BOOL uni_2_asc_printer_driver_6(SPOOL_PRINTER_DRIVER_INFO_LEVEL_6 *uni,
DEBUGADD(8,( "monitorname: %s\n", d->monitorname));
DEBUGADD(8,( "defaultdatatype: %s\n", d->defaultdatatype));
uniarray_2_dosarray(&uni->dependentfiles, &d->dependentfiles );
uniarray_2_dosarray(&uni->previousnames, &d->previousnames );
if (!uniarray_2_dosarray(&uni->dependentfiles, &d->dependentfiles ))
goto error;
if (!uniarray_2_dosarray(&uni->previousnames, &d->previousnames ))
goto error;
return True;
error:
free(*asc);
return False;
}
BOOL uni_2_asc_printer_info_2(const SPOOL_PRINTER_INFO_LEVEL_2 *uni,

View File

@ -915,20 +915,24 @@ static BOOL convert_printer_info(const SPOOL_PRINTER_INFO_LEVEL *uni,
static BOOL convert_printer_driver_info(const SPOOL_PRINTER_DRIVER_INFO_LEVEL *uni,
NT_PRINTER_DRIVER_INFO_LEVEL *printer, uint32 level)
{
BOOL result = True;
switch (level) {
case 3:
printer->info_3=NULL;
uni_2_asc_printer_driver_3(uni->info_3, &printer->info_3);
if (!uni_2_asc_printer_driver_3(uni->info_3, &printer->info_3))
result = False;
break;
case 6:
printer->info_6=NULL;
uni_2_asc_printer_driver_6(uni->info_6, &printer->info_6);
if (!uni_2_asc_printer_driver_6(uni->info_6, &printer->info_6))
result = False;
break;
default:
break;
}
return True;
return result;
}
BOOL convert_devicemode(char *printername, const DEVICEMODE *devmode,
@ -2200,7 +2204,7 @@ static BOOL construct_notify_printer_info(SPOOL_NOTIFY_INFO *info, int
uint16 type;
uint16 field;
SPOOL_NOTIFY_INFO_DATA *current_data;
SPOOL_NOTIFY_INFO_DATA *current_data, *tid;
NT_PRINTER_INFO_LEVEL *printer = NULL;
print_queue_struct *queue=NULL;
@ -2220,9 +2224,12 @@ static BOOL construct_notify_printer_info(SPOOL_NOTIFY_INFO *info, int
if (!search_notify(type, field, &j) )
continue;
if((info->data=(SPOOL_NOTIFY_INFO_DATA *)Realloc(info->data, (info->count+1)*sizeof(SPOOL_NOTIFY_INFO_DATA))) == NULL) {
if((tid=(SPOOL_NOTIFY_INFO_DATA *)Realloc(info->data, (info->count+1)*sizeof(SPOOL_NOTIFY_INFO_DATA))) == NULL) {
DEBUG(0,("construct_notify_printer_info: failed to enlarge buffer info->data!\n"));
return False;
}
else info->data = tid;
current_data=&info->data[info->count];
construct_info_data(current_data, type, field, id);
@ -2256,7 +2263,7 @@ static BOOL construct_notify_jobs_info(print_queue_struct *queue,
uint16 type;
uint16 field;
SPOOL_NOTIFY_INFO_DATA *current_data;
SPOOL_NOTIFY_INFO_DATA *current_data, *tid;
DEBUG(4,("construct_notify_jobs_info\n"));
@ -2272,9 +2279,11 @@ static BOOL construct_notify_jobs_info(print_queue_struct *queue,
if (!search_notify(type, field, &j) )
continue;
if((info->data=Realloc(info->data, (info->count+1)*sizeof(SPOOL_NOTIFY_INFO_DATA))) == NULL) {
if((tid=Realloc(info->data, (info->count+1)*sizeof(SPOOL_NOTIFY_INFO_DATA))) == NULL) {
DEBUG(0,("construct_notify_jobs_info: failed to enlarg buffer info->data!\n"));
return False;
}
else info->data = tid;
current_data=&(info->data[info->count]);
@ -2877,7 +2886,7 @@ static BOOL enum_all_printers_info_1(uint32 flags, NEW_BUFFER *buffer, uint32 of
int snum;
int i;
int n_services=lp_numservices();
PRINTER_INFO_1 *printers=NULL;
PRINTER_INFO_1 *tp, *printers=NULL;
PRINTER_INFO_1 current_prt;
DEBUG(4,("enum_all_printers_info_1\n"));
@ -2887,10 +2896,13 @@ static BOOL enum_all_printers_info_1(uint32 flags, NEW_BUFFER *buffer, uint32 of
DEBUG(4,("Found a printer in smb.conf: %s[%x]\n", lp_servicename(snum), snum));
if (construct_printer_info_1(flags, &current_prt, snum)) {
if((printers=Realloc(printers, (*returned +1)*sizeof(PRINTER_INFO_1))) == NULL) {
if((tp=Realloc(printers, (*returned +1)*sizeof(PRINTER_INFO_1))) == NULL) {
DEBUG(0,("enum_all_printers_info_1: failed to enlarge printers buffer!\n"));
safe_free(printers);
*returned=0;
return ERRnomem;
}
else printers = tp;
DEBUG(4,("ReAlloced memory for [%d] PRINTER_INFO_1\n", *returned));
memcpy(&printers[*returned], &current_prt, sizeof(PRINTER_INFO_1));
(*returned)++;
@ -3024,7 +3036,7 @@ static BOOL enum_all_printers_info_2(NEW_BUFFER *buffer, uint32 offered, uint32
int snum;
int i;
int n_services=lp_numservices();
PRINTER_INFO_2 *printers=NULL;
PRINTER_INFO_2 *tp, *printers=NULL;
PRINTER_INFO_2 current_prt;
for (snum=0; snum<n_services; snum++) {
@ -3032,8 +3044,13 @@ static BOOL enum_all_printers_info_2(NEW_BUFFER *buffer, uint32 offered, uint32
DEBUG(4,("Found a printer in smb.conf: %s[%x]\n", lp_servicename(snum), snum));
if (construct_printer_info_2(&current_prt, snum)) {
if((printers=Realloc(printers, (*returned +1)*sizeof(PRINTER_INFO_2))) == NULL)
if((tp=Realloc(printers, (*returned +1)*sizeof(PRINTER_INFO_2))) == NULL) {
DEBUG(0,("enum_all_printers_info_2: failed to enlarge printers buffer!\n"));
safe_free(printers);
*returned = 0;
return ERRnomem;
}
else printers = tp;
DEBUG(4,("ReAlloced memory for [%d] PRINTER_INFO_2\n", *returned));
memcpy(&printers[*returned], &current_prt, sizeof(PRINTER_INFO_2));
(*returned)++;
@ -3460,6 +3477,7 @@ static void init_unistr_array(uint16 **uni_array, fstring *char_array, char *ser
int j=0;
char *v;
pstring line;
uint16 *tuary;
DEBUG(6,("init_unistr_array\n"));
*uni_array=NULL;
@ -3474,10 +3492,11 @@ static void init_unistr_array(uint16 **uni_array, fstring *char_array, char *ser
if (strlen(v) == 0) break;
slprintf(line, sizeof(line)-1, "\\\\%s%s", servername, v);
DEBUGADD(6,("%d:%s:%d\n", i, line, strlen(line)));
if((*uni_array=Realloc(*uni_array, (j+strlen(line)+2)*sizeof(uint16))) == NULL) {
if((tuary=Realloc(*uni_array, (j+strlen(line)+2)*sizeof(uint16))) == NULL) {
DEBUG(0,("init_unistr_array: Realloc error\n" ));
return;
}
else *uni_array = tuary;
j += (rpcstr_push((*uni_array+j), line, sizeof(uint16)*strlen(line)+2, 0)/ sizeof(uint16));
i++;
}
@ -4984,7 +5003,7 @@ static uint32 enumprinterdrivers_level1(fstring servername, fstring architecture
fstring *list = NULL;
NT_PRINTER_DRIVER_INFO_LEVEL driver;
DRIVER_INFO_1 *driver_info_1=NULL;
DRIVER_INFO_1 *tdi1, *driver_info_1=NULL;
*returned=0;
@ -4999,10 +5018,13 @@ static uint32 enumprinterdrivers_level1(fstring servername, fstring architecture
return ERRnomem;
if(ndrivers != 0) {
if((driver_info_1=(DRIVER_INFO_1 *)Realloc(driver_info_1, (*returned+ndrivers) * sizeof(DRIVER_INFO_1))) == NULL) {
if((tdi1=(DRIVER_INFO_1 *)Realloc(driver_info_1, (*returned+ndrivers) * sizeof(DRIVER_INFO_1))) == NULL) {
DEBUG(0,("enumprinterdrivers_level1: failed to enlarge driver info buffer!\n"));
safe_free(driver_info_1);
safe_free(list);
return ERRnomem;
}
else driver_info_1 = tdi1;
}
for (i=0; i<ndrivers; i++) {
@ -5059,7 +5081,7 @@ static uint32 enumprinterdrivers_level2(fstring servername, fstring architecture
fstring *list = NULL;
NT_PRINTER_DRIVER_INFO_LEVEL driver;
DRIVER_INFO_2 *driver_info_2=NULL;
DRIVER_INFO_2 *tdi2, *driver_info_2=NULL;
*returned=0;
@ -5074,10 +5096,13 @@ static uint32 enumprinterdrivers_level2(fstring servername, fstring architecture
return ERRnomem;
if(ndrivers != 0) {
if((driver_info_2=(DRIVER_INFO_2 *)Realloc(driver_info_2, (*returned+ndrivers) * sizeof(DRIVER_INFO_2))) == NULL) {
if((tdi2=(DRIVER_INFO_2 *)Realloc(driver_info_2, (*returned+ndrivers) * sizeof(DRIVER_INFO_2))) == NULL) {
DEBUG(0,("enumprinterdrivers_level2: failed to enlarge driver info buffer!\n"));
safe_free(driver_info_2);
safe_free(list);
return ERRnomem;
}
else driver_info_2 = tdi2;
}
for (i=0; i<ndrivers; i++) {
@ -5135,7 +5160,7 @@ static uint32 enumprinterdrivers_level3(fstring servername, fstring architecture
fstring *list = NULL;
NT_PRINTER_DRIVER_INFO_LEVEL driver;
DRIVER_INFO_3 *driver_info_3=NULL;
DRIVER_INFO_3 *tdi3, *driver_info_3=NULL;
*returned=0;
@ -5150,10 +5175,13 @@ static uint32 enumprinterdrivers_level3(fstring servername, fstring architecture
return ERRnomem;
if(ndrivers != 0) {
if((driver_info_3=(DRIVER_INFO_3 *)Realloc(driver_info_3, (*returned+ndrivers) * sizeof(DRIVER_INFO_3))) == NULL) {
if((tdi3=(DRIVER_INFO_3 *)Realloc(driver_info_3, (*returned+ndrivers) * sizeof(DRIVER_INFO_3))) == NULL) {
DEBUG(0,("enumprinterdrivers_level3: failed to enlarge driver info buffer!\n"));
safe_free(driver_info_3);
safe_free(list);
return ERRnomem;
}
else driver_info_3 = tdi3;
}
for (i=0; i<ndrivers; i++) {
@ -5811,7 +5839,10 @@ uint32 _spoolss_addprinterdriver(pipes_struct *p, SPOOL_Q_ADDPRINTERDRIVER *q_u,
get_current_user(&user, p);
convert_printer_driver_info(info, &driver, level);
if (!convert_printer_driver_info(info, &driver, level)) {
err = ERRnomem;
goto done;
}
DEBUG(5,("Cleaning driver's information\n"));
if ((err = clean_up_driver_struct(driver, level, &user)) != ERRsuccess )

View File

@ -1123,10 +1123,16 @@ static int get_server_info(uint32 servertype,
if (!*ptr) continue;
if (count == alloced) {
struct srv_info_struct *ts;
alloced += 10;
(*servers) = (struct srv_info_struct *)
ts = (struct srv_info_struct *)
Realloc(*servers,sizeof(**servers)*alloced);
if (!(*servers)) return(0);
if (!ts) {
DEBUG(0,("get_server_info: failed to enlarge servers info struct!\n"));
return(0);
}
else *servers = ts;
memset((char *)((*servers)+count),'\0',sizeof(**servers)*(alloced-count));
}
s = &(*servers)[count];

View File

@ -80,16 +80,19 @@ add a entry to a directory listing
static void smbw_dir_add(struct file_info *finfo, const char *mask,
void *state)
{
struct file_info *cdl;
DEBUG(5,("%s\n", finfo->name));
if (cur_dir->malloced == cur_dir->count) {
cur_dir->list = (struct file_info *)Realloc(cur_dir->list,
cdl = (struct file_info *)Realloc(cur_dir->list,
sizeof(cur_dir->list[0])*
(cur_dir->count+100));
if (!cur_dir->list) {
/* oops */
return;
}
cur_dir->list = cdl;
cur_dir->malloced += 100;
}