diff options
author | Andrew Bartlett <abartlet@samba.org> | 2009-08-24 13:09:10 +1000 |
---|---|---|
committer | Andrew Bartlett <abartlet@samba.org> | 2009-08-24 20:24:18 +1000 |
commit | cc330f93625290dc5f67c9c0f2f17e566ddbf1f1 (patch) | |
tree | f8b5db92a9e87597de7fbf24368db509b995fe02 | |
parent | 0f98d539e2edc8f1d57271fb20051189699222a7 (diff) | |
download | samba-cc330f93625290dc5f67c9c0f2f17e566ddbf1f1.tar.gz samba-cc330f93625290dc5f67c9c0f2f17e566ddbf1f1.tar.bz2 samba-cc330f93625290dc5f67c9c0f2f17e566ddbf1f1.zip |
s4:dsdb use talloc_strndup() in GET_STRING_LDB() rather than walk off the end
The problem is that samdb_result_string() and
ldb_msg_find_attr_as_string() both simply cast the string, rather than
ensuring the return value is NULL terminated. This may be best
regarded as a flaw in LDB, but fixing it there is going to be more
difficult.
Andrew Bartlett
-rw-r--r-- | source4/dsdb/schema/schema_init.c | 24 |
1 files changed, 17 insertions, 7 deletions
diff --git a/source4/dsdb/schema/schema_init.c b/source4/dsdb/schema/schema_init.c index 170d5a12e9..c2d45970f0 100644 --- a/source4/dsdb/schema/schema_init.c +++ b/source4/dsdb/schema/schema_init.c @@ -653,14 +653,24 @@ static int dsdb_schema_setup_ldb_schema_attribute(struct ldb_context *ldb, } - #define GET_STRING_LDB(msg, attr, mem_ctx, p, elem, strict) do { \ - (p)->elem = samdb_result_string(msg, attr, NULL);\ - if (strict && (p)->elem == NULL) { \ - d_printf("%s: %s == NULL\n", __location__, attr); \ - return WERR_INVALID_PARAM; \ - } \ - talloc_steal(mem_ctx, (p)->elem); \ + struct ldb_val *get_string_val = ldb_msg_find_ldb_val(msg, attr); \ + if (get_string_val == NULL) { \ + if (strict) { \ + d_printf("%s: %s == NULL\n", __location__, attr); \ + return WERR_INVALID_PARAM; \ + } else { \ + (p)->elem = NULL; \ + } \ + } else { \ + (p)->elem = talloc_strndup(mem_ctx, \ + (const char *)get_string_val->data, \ + get_string_val->length); \ + if (!(p)->elem) { \ + d_printf("%s: talloc_strndup failed for %s\n", __location__, attr); \ + return WERR_NOMEM; \ + } \ + } \ } while (0) #define GET_STRING_LIST_LDB(msg, attr, mem_ctx, p, elem, strict) do { \ |