summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorJeremy Allison <jra@samba.org>2010-08-12 14:24:01 -0700
committerJeremy Allison <jra@samba.org>2010-08-12 15:16:42 -0700
commit84fd910c347ddfad6f01edbe7f6e25546c8382ee (patch)
treee6d3d4c0b8753adeb18700eb7636c50bb09cf712
parentc67b4ed3a406011d0fc7e1e2cbdc27ec4822e57c (diff)
downloadsamba-84fd910c347ddfad6f01edbe7f6e25546c8382ee.tar.gz
samba-84fd910c347ddfad6f01edbe7f6e25546c8382ee.tar.bz2
samba-84fd910c347ddfad6f01edbe7f6e25546c8382ee.zip
Fix bug #7617 - smbd coredump due to uninitialized variables in the performance counter code.
In the file rpc_server.c, function _winreg_QueryValue() uint8_t *outbuf Should be : uint8_t *outbuf = NULL; As it is later freed by if (free_buf) SAFE_FREE(outbuf); in some cases, this frees the unintialized outbuf, which causes a coredump.
-rw-r--r--source3/rpc_server/srv_winreg_nt.c4
1 files changed, 2 insertions, 2 deletions
diff --git a/source3/rpc_server/srv_winreg_nt.c b/source3/rpc_server/srv_winreg_nt.c
index b4105a026b..568545fc0d 100644
--- a/source3/rpc_server/srv_winreg_nt.c
+++ b/source3/rpc_server/srv_winreg_nt.c
@@ -237,8 +237,8 @@ WERROR _winreg_QueryValue(struct pipes_struct *p,
struct registry_key *regkey = find_regkey_by_hnd( p, r->in.handle );
prs_struct prs_hkpd;
- uint8_t *outbuf;
- uint32_t outbuf_size;
+ uint8_t *outbuf = NULL;
+ uint32_t outbuf_size = 0;
bool free_buf = False;
bool free_prs = False;