diff options
| author | Volker Lendecke <vlendec@samba.org> | 2004-06-20 08:37:01 +0000 |
|---|---|---|
| committer | Gerald (Jerry) Carter <jerry@samba.org> | 2007-10-10 10:51:59 -0500 |
| commit | 5db731d899987d1a53e72f16b92b7e01eafd80c2 (patch) | |
| tree | a4f1cb1d1caa48ddb26120131b9a16abbab0f346 | |
| parent | ee79226d2a4486be66b47e7ff86e40f91c654ba7 (diff) | |
| download | samba-5db731d899987d1a53e72f16b92b7e01eafd80c2.tar.gz samba-5db731d899987d1a53e72f16b92b7e01eafd80c2.tar.bz2 samba-5db731d899987d1a53e72f16b92b7e01eafd80c2.zip | |
r1202: This hopefully fixes our memory use when unmarshalling strings. The test case
was 'rpcclient -c "enumprinters 2"' with 4000 printers. At some point this
completely exploded in memory usage. For every string we talloc'ed memory up
to the end of the buffer. -> O(n^2).
This survives valgrind with this number of printers. It might also have
influence on winbind with a large number of users.
All those who dare to look at samba3 rpc code, could you please take a look? I
know this is a burden, but I would like comments ;-)))
Volker
(This used to be commit af251f4ea63c584604972e1c8add83e65046de80)
| -rw-r--r-- | source3/rpc_parse/parse_prs.c | 5 |
1 files changed, 4 insertions, 1 deletions
diff --git a/source3/rpc_parse/parse_prs.c b/source3/rpc_parse/parse_prs.c index 0e5a25fe8c..92c5b13632 100644 --- a/source3/rpc_parse/parse_prs.c +++ b/source3/rpc_parse/parse_prs.c @@ -1101,10 +1101,13 @@ BOOL prs_unistr(const char *name, prs_struct *ps, int depth, UNISTR *str) /* the test of the value of *ptr helps to catch the circumstance where we have an emtpty (non-existent) string in the buffer */ - for ( ptr = (uint16 *)q; *ptr && (alloc_len <= max_len); alloc_len++) + for ( ptr = (uint16 *)q; *ptr++ && (alloc_len <= max_len); alloc_len++) /* do nothing */ ; + if (alloc_len < max_len) + alloc_len += 1; + /* should we allocate anything at all? */ str->buffer = (uint16 *)prs_alloc_mem(ps,alloc_len * sizeof(uint16)); if ((str->buffer == NULL) && (alloc_len > 0)) |