diff options
author | Jeremy Allison <jra@samba.org> | 2001-04-02 22:27:40 +0000 |
---|---|---|
committer | Jeremy Allison <jra@samba.org> | 2001-04-02 22:27:40 +0000 |
commit | 9f793948bd34e79be1adecfe41c53cb7ec2636fa (patch) | |
tree | 269683f47211e3d95a49d8a84776e7e38fc13a52 | |
parent | f439f72ceec665dbd1eae367eb5d7302d8a3338d (diff) | |
download | samba-9f793948bd34e79be1adecfe41c53cb7ec2636fa.tar.gz samba-9f793948bd34e79be1adecfe41c53cb7ec2636fa.tar.bz2 samba-9f793948bd34e79be1adecfe41c53cb7ec2636fa.zip |
include/ntdomain.h:
rpc_server/srv_lsa_hnd.c: Remove back pointer from policy handle list as the pipe
that opened the handle may have been closed. We were dereferencing
into something that had been closed.
rpc_parse/parse_spoolss.c: Sync up with Gerald's changes in 2.2.
lib/replace.c: Don't do proto on setlinebuf as it differs between systems.
Jeremy.
(This used to be commit 887ef3e12dc56b89b2284d42b16a81f03e15110b)
-rw-r--r-- | source3/include/ntdomain.h | 1 | ||||
-rw-r--r-- | source3/include/proto.h | 25 | ||||
-rw-r--r-- | source3/lib/replace.c | 4 | ||||
-rw-r--r-- | source3/rpc_parse/parse_spoolss.c | 199 | ||||
-rw-r--r-- | source3/rpc_server/srv_lsa_hnd.c | 5 |
5 files changed, 158 insertions, 76 deletions
diff --git a/source3/include/ntdomain.h b/source3/include/ntdomain.h index f56b765d29..ecd261949c 100644 --- a/source3/include/ntdomain.h +++ b/source3/include/ntdomain.h @@ -143,7 +143,6 @@ typedef struct _input_data { struct policy { struct policy *next, *prev; - struct pipes_struct *p; POLICY_HND pol_hnd; diff --git a/source3/include/proto.h b/source3/include/proto.h index 7f1a03e586..1d75877547 100644 --- a/source3/include/proto.h +++ b/source3/include/proto.h @@ -198,7 +198,6 @@ void cmd_history(void); /*The following definitions come from lib/replace.c */ char *rep_inet_ntoa(struct in_addr ip); -void setlinebuf(FILE *stream); /*The following definitions come from lib/select.c */ @@ -3229,7 +3228,7 @@ BOOL make_spoolss_q_addprinterex( const char* user_name, uint32 level, PRINTER_INFO_CTR *ctr); -BOOL make_spool_printer_info_2( +BOOL make_spoolss_printer_info_2( SPOOL_PRINTER_INFO_LEVEL_2 **spool_info2, PRINTER_INFO_2 *info ); @@ -3321,8 +3320,20 @@ BOOL spoolss_io_q_enumprinters(char *desc, SPOOL_Q_ENUMPRINTERS *q_u, prs_struct BOOL spoolss_io_r_enumprinters(char *desc, SPOOL_R_ENUMPRINTERS *r_u, prs_struct *ps, int depth); BOOL spoolss_io_r_getprinter(char *desc, SPOOL_R_GETPRINTER *r_u, prs_struct *ps, int depth); BOOL spoolss_io_q_getprinter(char *desc, SPOOL_Q_GETPRINTER *q_u, prs_struct *ps, int depth); -BOOL make_spoolss_q_getprinter(SPOOL_Q_GETPRINTER *q_u, const POLICY_HND *hnd, uint32 level, - NEW_BUFFER *buffer, uint32 offered); +BOOL make_spoolss_q_getprinter( + SPOOL_Q_GETPRINTER *q_u, + const POLICY_HND *hnd, + uint32 level, + NEW_BUFFER *buffer, + uint32 offered +); +BOOL make_spoolss_q_setprinter( + SPOOL_Q_SETPRINTER *q_u, + const POLICY_HND *hnd, + uint32 level, + PRINTER_INFO_CTR *info, + uint32 command +); BOOL spoolss_io_r_setprinter(char *desc, SPOOL_R_SETPRINTER *r_u, prs_struct *ps, int depth); BOOL spoolss_io_q_setprinter(char *desc, SPOOL_Q_SETPRINTER *q_u, prs_struct *ps, int depth); BOOL spoolss_io_r_fcpn(char *desc, SPOOL_R_FCPN *r_u, prs_struct *ps, int depth); @@ -3372,11 +3383,11 @@ BOOL make_spoolss_q_addprinterdriver( const char* srv_name, uint32 level, PRINTER_DRIVER_CTR *info); -BOOL make_spool_driver_info_3( - SPOOL_PRINTER_DRIVER_INFO_LEVEL_3 *spool_drv_info, +BOOL make_spoolss_driver_info_3( + SPOOL_PRINTER_DRIVER_INFO_LEVEL_3 **spool_drv_info, DRIVER_INFO_3 *info3 ); -BOOL make_spool_buffer5(BUFFER5 *buf5, uint32 len, uint16 *src); +BOOL make_spoolss_buffer5(BUFFER5 *buf5, uint32 len, uint16 *src); BOOL spoolss_io_q_addprinterdriver(char *desc, SPOOL_Q_ADDPRINTERDRIVER *q_u, prs_struct *ps, int depth); BOOL spoolss_io_r_addprinterdriver(char *desc, SPOOL_R_ADDPRINTERDRIVER *q_u, prs_struct *ps, int depth); BOOL uni_2_asc_printer_driver_3(SPOOL_PRINTER_DRIVER_INFO_LEVEL_3 *uni, diff --git a/source3/lib/replace.c b/source3/lib/replace.c index f252b84801..45c302f498 100644 --- a/source3/lib/replace.c +++ b/source3/lib/replace.c @@ -377,8 +377,8 @@ char *rep_inet_ntoa(struct in_addr ip) #endif /* HAVE_STRTOUL */ #ifndef HAVE_SETLINEBUF -void setlinebuf(FILE *stream) + int setlinebuf(FILE *stream) { - setvbuf(stream, (char *)NULL, _IOLBF, 0); + return setvbuf(stream, (char *)NULL, _IOLBF, 0); } #endif /* HAVE_SETLINEBUF */ diff --git a/source3/rpc_parse/parse_spoolss.c b/source3/rpc_parse/parse_spoolss.c index 11ccfa447f..bf178b4ab8 100644 --- a/source3/rpc_parse/parse_spoolss.c +++ b/source3/rpc_parse/parse_spoolss.c @@ -407,7 +407,7 @@ BOOL smb_io_notify_info_data_strings(char *desc,SPOOL_NOTIFY_INFO_DATA *data, if(!prs_uint8s(True,"string",ps,depth, (uint8 *)&data->notify_data.data.length,x*2)) return False; } else { - if(!prs_uint8s(True,"string",ps,depth,(uint8 *)data->notify_data.data.string,x*2)) + if(!prs_uint16uni(True,"string",ps,depth,data->notify_data.data.string,x)) return False; } } else { @@ -418,7 +418,7 @@ BOOL smb_io_notify_info_data_strings(char *desc,SPOOL_NOTIFY_INFO_DATA *data, if (!data->notify_data.data.string) return False; - if(!prs_uint16s(True,"string",ps,depth,data->notify_data.data.string,x)) + if(!prs_uint16uni(True,"string",ps,depth,data->notify_data.data.string,x)) return False; } } @@ -550,7 +550,7 @@ static BOOL spoolss_io_devmode(char *desc, prs_struct *ps, int depth, DEVICEMODE return False; } - if (!prs_uint16s(True,"devicename", ps, depth, devmode->devicename.buffer, 32)) + if (!prs_uint16uni(True,"devicename", ps, depth, devmode->devicename.buffer, 32)) return False; if (!prs_uint16("specversion", ps, depth, &devmode->specversion)) return False; @@ -595,7 +595,7 @@ static BOOL spoolss_io_devmode(char *desc, prs_struct *ps, int depth, DEVICEMODE return False; } - if (!prs_uint16s(True, "formname", ps, depth, devmode->formname.buffer, 32)) + if (!prs_uint16uni(True, "formname", ps, depth, devmode->formname.buffer, 32)) return False; if (!prs_uint16("logpixels", ps, depth, &devmode->logpixels)) return False; @@ -783,7 +783,7 @@ BOOL make_spoolss_q_addprinterex( { case 2: /* init q_u->info.info2 from *info */ - if (!make_spool_printer_info_2(&q_u->info.info_2, ctr->printers_2)) + if (!make_spoolss_printer_info_2(&q_u->info.info_2, ctr->printers_2)) { DEBUG(0,("make_spoolss_q_addprinterex: Unable to fill SPOOL_Q_ADDPRINTEREX struct!\n")); return False; @@ -817,7 +817,7 @@ BOOL make_spoolss_q_addprinterex( create a SPOOL_PRINTER_INFO_2 stuct from a PRINTER_INFO_2 struct *******************************************************************/ -BOOL make_spool_printer_info_2( +BOOL make_spoolss_printer_info_2( SPOOL_PRINTER_INFO_LEVEL_2 **spool_info2, PRINTER_INFO_2 *info ) @@ -827,9 +827,9 @@ BOOL make_spool_printer_info_2( /* allocate the necessary memory */ inf = (SPOOL_PRINTER_INFO_LEVEL_2*)malloc(sizeof(SPOOL_PRINTER_INFO_LEVEL_2)); - if (spool_info2 == NULL) + if (!spool_info2) { - DEBUG(0,("make_spool_printer_info_2: Unable to allocate SPOOL_PRINTER_INFO_LEVEL_2 sruct!\n")); + DEBUG(0,("make_spoolss_printer_info_2: Unable to allocate SPOOL_PRINTER_INFO_LEVEL_2 sruct!\n")); return False; } @@ -865,7 +865,7 @@ BOOL make_spool_printer_info_2( init_unistr2_from_unistr(&inf->datatype, &info->datatype); init_unistr2_from_unistr(&inf->parameters, &info->parameters); init_unistr2_from_unistr(&inf->datatype, &info->datatype); - inf->secdesc = NULL; + inf->secdesc = inf->secdesc; *spool_info2 = inf; @@ -3419,8 +3419,13 @@ BOOL spoolss_io_q_getprinter(char *desc, SPOOL_Q_GETPRINTER *q_u, prs_struct *ps * init a structure. ********************************************************************/ -BOOL make_spoolss_q_getprinter(SPOOL_Q_GETPRINTER *q_u, const POLICY_HND *hnd, uint32 level, - NEW_BUFFER *buffer, uint32 offered) +BOOL make_spoolss_q_getprinter( + SPOOL_Q_GETPRINTER *q_u, + const POLICY_HND *hnd, + uint32 level, + NEW_BUFFER *buffer, + uint32 offered +) { if (q_u == NULL) { @@ -3436,6 +3441,73 @@ BOOL make_spoolss_q_getprinter(SPOOL_Q_GETPRINTER *q_u, const POLICY_HND *hnd, u } /******************************************************************* + * init a structure. + ********************************************************************/ +BOOL make_spoolss_q_setprinter( + SPOOL_Q_SETPRINTER *q_u, + const POLICY_HND *hnd, + uint32 level, + PRINTER_INFO_CTR *info, + uint32 command +) +{ + SEC_DESC *secdesc; + DEVICEMODE *devmode; + + if (q_u == NULL) + { + return False; + } + + memcpy(&q_u->handle, hnd, sizeof(q_u->handle)); + + q_u->level = level; + q_u->info.level = level; + q_u->info.info_ptr = (info != NULL) ? 1 : 0; + switch (level) + { + case 2: + secdesc = info->printers_2->secdesc; + devmode = info->printers_2->devmode; + + /* FIXMEE!! HACK ALERT!!! --jerry */ + info->printers_2->devmode = NULL; + info->printers_2->secdesc = NULL; + + make_spoolss_printer_info_2 (&q_u->info.info_2, info->printers_2); +#if 0 /* JERRY TEST */ + q_u->secdesc_ctr = (SEC_DESC_BUF*)malloc(sizeof(SEC_DESC_BUF)); + if (!q_u->secdesc_ctr) + return False; + q_u->secdesc_ctr->ptr = (secdesc != NULL) ? 1: 0; + q_u->secdesc_ctr->max_len = (secdesc) ? sizeof(SEC_DESC) + (2*sizeof(uint32)) : 0; + q_u->secdesc_ctr->len = (secdesc) ? sizeof(SEC_DESC) + (2*sizeof(uint32)) : 0; + q_u->secdesc_ctr->sec = secdesc; + + q_u->devmode_ctr.devmode_ptr = (devmode != NULL) ? 1 : 0; + q_u->devmode_ctr.size = sizeof(DEVICEMODE) + (3*sizeof(uint32)); + q_u->devmode_ctr.devmode = devmode; +#else + q_u->secdesc_ctr = NULL; + + q_u->devmode_ctr.devmode_ptr = 0; + q_u->devmode_ctr.size = 0; + q_u->devmode_ctr.devmode = NULL; +#endif + break; + default: + DEBUG(0,("make_spoolss_q_setprinter: Unknown info level [%d]\n", level)); + break; + } + + + q_u->command = command; + + return True; +} + + +/******************************************************************* ********************************************************************/ BOOL spoolss_io_r_setprinter(char *desc, SPOOL_R_SETPRINTER *r_u, prs_struct *ps, int depth) @@ -4644,31 +4716,26 @@ BOOL make_spoolss_q_addprinterdriver( q_u->info.ptr = (info!=NULL)?1:0; switch (level) { - /* info level 3 is supported by Windows 95/98, - WinNT and Win2k */ - case 3 : - q_u->info.info_3=(SPOOL_PRINTER_DRIVER_INFO_LEVEL_3*) - malloc(sizeof(SPOOL_PRINTER_DRIVER_INFO_LEVEL_3)); - memset (q_u->info.info_3, 0x0, sizeof(SPOOL_PRINTER_DRIVER_INFO_LEVEL_3)); - make_spool_driver_info_3(q_u->info.info_3, info->info3); - break; + /* info level 3 is supported by Windows 95/98, WinNT and Win2k */ + case 3 : + make_spoolss_driver_info_3(&q_u->info.info_3, info->info3); + break; - /* info level 6 is supported by WinME and Win2k */ - case 6: - /* WRITEME!! will add later --jerry */ - break; - default: - DEBUG(0,("make_spoolss_q_addprinterdriver: Unknown \ -info level [%d]\n", level)); - break; - + /* info level 6 is supported by WinME and Win2k */ + case 6: + /* WRITEME!! will add later --jerry */ + break; + + default: + DEBUG(0,("make_spoolss_q_addprinterdriver: Unknown info level [%d]\n", level)); + break; } return True; } -BOOL make_spool_driver_info_3( - SPOOL_PRINTER_DRIVER_INFO_LEVEL_3 *spool_drv_info, +BOOL make_spoolss_driver_info_3( + SPOOL_PRINTER_DRIVER_INFO_LEVEL_3 **spool_drv_info, DRIVER_INFO_3 *info3 ) { @@ -4676,25 +4743,32 @@ BOOL make_spool_driver_info_3( uint16 *ptr = info3->dependentfiles; BOOL done = False; BOOL null_char = False; - - spool_drv_info->cversion = info3->version; - spool_drv_info->name_ptr = (info3->name.buffer!=NULL)?1:0; - spool_drv_info->environment_ptr = (info3->architecture.buffer!=NULL)?1:0; - spool_drv_info->driverpath_ptr = (info3->driverpath.buffer!=NULL)?1:0; - spool_drv_info->datafile_ptr = (info3->datafile.buffer!=NULL)?1:0; - spool_drv_info->configfile_ptr = (info3->configfile.buffer!=NULL)?1:0; - spool_drv_info->helpfile_ptr = (info3->helpfile.buffer!=NULL)?1:0; - spool_drv_info->monitorname_ptr = (info3->monitorname.buffer!=NULL)?1:0; - spool_drv_info->defaultdatatype_ptr = (info3->defaultdatatype.buffer!=NULL)?1:0; - - init_unistr2_from_unistr(&spool_drv_info->name, &info3->name); - init_unistr2_from_unistr(&spool_drv_info->environment, &info3->architecture); - init_unistr2_from_unistr(&spool_drv_info->driverpath, &info3->driverpath); - init_unistr2_from_unistr(&spool_drv_info->datafile, &info3->datafile); - init_unistr2_from_unistr(&spool_drv_info->configfile, &info3->configfile); - init_unistr2_from_unistr(&spool_drv_info->helpfile, &info3->helpfile); - init_unistr2_from_unistr(&spool_drv_info->monitorname, &info3->monitorname); - init_unistr2_from_unistr(&spool_drv_info->defaultdatatype, &info3->defaultdatatype); + SPOOL_PRINTER_DRIVER_INFO_LEVEL_3 *inf; + + inf = (SPOOL_PRINTER_DRIVER_INFO_LEVEL_3*) + malloc(sizeof(SPOOL_PRINTER_DRIVER_INFO_LEVEL_3)); + if (!inf) + return False; + memset (inf, 0x0, sizeof(SPOOL_PRINTER_DRIVER_INFO_LEVEL_3)); + + inf->cversion = info3->version; + inf->name_ptr = (info3->name.buffer!=NULL)?1:0; + inf->environment_ptr = (info3->architecture.buffer!=NULL)?1:0; + inf->driverpath_ptr = (info3->driverpath.buffer!=NULL)?1:0; + inf->datafile_ptr = (info3->datafile.buffer!=NULL)?1:0; + inf->configfile_ptr = (info3->configfile.buffer!=NULL)?1:0; + inf->helpfile_ptr = (info3->helpfile.buffer!=NULL)?1:0; + inf->monitorname_ptr = (info3->monitorname.buffer!=NULL)?1:0; + inf->defaultdatatype_ptr = (info3->defaultdatatype.buffer!=NULL)?1:0; + + init_unistr2_from_unistr(&inf->name, &info3->name); + init_unistr2_from_unistr(&inf->environment, &info3->architecture); + init_unistr2_from_unistr(&inf->driverpath, &info3->driverpath); + init_unistr2_from_unistr(&inf->datafile, &info3->datafile); + init_unistr2_from_unistr(&inf->configfile, &info3->configfile); + init_unistr2_from_unistr(&inf->helpfile, &info3->helpfile); + init_unistr2_from_unistr(&inf->monitorname, &info3->monitorname); + init_unistr2_from_unistr(&inf->defaultdatatype, &info3->defaultdatatype); while (!done) { @@ -4717,25 +4791,30 @@ BOOL make_spool_driver_info_3( len++; ptr++; } - spool_drv_info->dependentfiles_ptr = (info3->dependentfiles!=NULL)?1:0; - spool_drv_info->dependentfilessize = len; - if(!make_spool_buffer5(&spool_drv_info->dependentfiles, len, info3->dependentfiles)) + inf->dependentfiles_ptr = (info3->dependentfiles != NULL) ? 1 : 0; + inf->dependentfilessize = len; + if(!make_spoolss_buffer5(&inf->dependentfiles, len, info3->dependentfiles)) + { + safe_free (inf); return False; + } + + *spool_drv_info = inf; return True; -} +} /******************************************************************* make a BUFFER5 struct from a uint16* ******************************************************************/ -BOOL make_spool_buffer5(BUFFER5 *buf5, uint32 len, uint16 *src) +BOOL make_spoolss_buffer5(BUFFER5 *buf5, uint32 len, uint16 *src) { buf5->buf_len = len; if((buf5->buffer=(uint16*)malloc(sizeof(uint16)*len)) == NULL) { - DEBUG(0,("make_spool_buffer5: Unable to talloc memory for buffer!\n")); + DEBUG(0,("make_spoolss_buffer5: Unable to malloc memory for buffer!\n")); return False; } @@ -5234,14 +5313,8 @@ BOOL spoolss_io_r_enumprinterdata(char *desc, SPOOL_R_ENUMPRINTERDATA *r_u, prs_ if(!prs_uint32("valuesize", ps, depth, &r_u->valuesize)) return False; - if (MARSHALLING(ps)) { - /* "Value is actually a UNICODE string. It's already little-endian so don't reverse. */ - if(!prs_uint8s(False, "value", ps, depth, (uint8 *)r_u->value, r_u->valuesize * 2)) - return False; - } else { - if(!prs_uint16s(False, "value", ps, depth, r_u->value, r_u->valuesize )) - return False; - } + if(!prs_uint16uni(False, "value", ps, depth, r_u->value, r_u->valuesize )) + return False; if(!prs_align(ps)) return False; diff --git a/source3/rpc_server/srv_lsa_hnd.c b/source3/rpc_server/srv_lsa_hnd.c index d0a26abc6b..393f50a498 100644 --- a/source3/rpc_server/srv_lsa_hnd.c +++ b/source3/rpc_server/srv_lsa_hnd.c @@ -109,7 +109,6 @@ BOOL create_policy_hnd(pipes_struct *p, POLICY_HND *hnd, void (*free_fn)(void *) ZERO_STRUCTP(pol); - pol->p = p; pol->data_ptr = data_ptr; pol->free_fn = free_fn; @@ -189,9 +188,9 @@ BOOL close_policy_hnd(pipes_struct *p, POLICY_HND *hnd) if (pol->free_fn && pol->data_ptr) (*pol->free_fn)(pol->data_ptr); - pol->p->pipe_handles->count--; + p->pipe_handles->count--; - DLIST_REMOVE(pol->p->pipe_handles->Policy, pol); + DLIST_REMOVE(p->pipe_handles->Policy, pol); ZERO_STRUCTP(pol); |