summaryrefslogtreecommitdiff
path: root/source3/libsmb/ntlmssp_parse.c
diff options
context:
space:
mode:
authorKarolin Seeger <kseeger@samba.org>2008-02-29 10:44:38 +0100
committerKarolin Seeger <kseeger@samba.org>2008-02-29 10:44:38 +0100
commitc4fbe2846231a6b322c1094c6a1dbf93b7305768 (patch)
tree09eb77a294f4acda131b41fe4c9bec4ed175eb16 /source3/libsmb/ntlmssp_parse.c
parent1a6415fc77c708b87c8e2ce6e7828f486ffc87ac (diff)
parent695b6662abe64a40061bfa05ede12173fc4b1945 (diff)
downloadsamba-c4fbe2846231a6b322c1094c6a1dbf93b7305768.tar.gz
samba-c4fbe2846231a6b322c1094c6a1dbf93b7305768.tar.bz2
samba-c4fbe2846231a6b322c1094c6a1dbf93b7305768.zip
Merge commit 'origin/v3-2-test' into v3-2-stable
Conflicts: WHATSNEW.txt (This used to be commit a390bcf9403df4cf4d5eef42b35ebccbe253882e)
Diffstat (limited to 'source3/libsmb/ntlmssp_parse.c')
-rw-r--r--source3/libsmb/ntlmssp_parse.c23
1 files changed, 19 insertions, 4 deletions
diff --git a/source3/libsmb/ntlmssp_parse.c b/source3/libsmb/ntlmssp_parse.c
index ac8846ad1e..70377cba7d 100644
--- a/source3/libsmb/ntlmssp_parse.c
+++ b/source3/libsmb/ntlmssp_parse.c
@@ -170,6 +170,7 @@ bool msrpc_gen(DATA_BLOB *blob,
/* a helpful macro to avoid running over the end of our blob */
#define NEED_DATA(amount) \
if ((head_ofs + amount) > blob->length) { \
+ va_end(ap); \
return False; \
}
@@ -216,16 +217,20 @@ bool msrpc_parse(const DATA_BLOB *blob,
if ((len1 != len2) || (ptr + len1 < ptr) ||
(ptr + len1 < len1) ||
(ptr + len1 > blob->length)) {
+ va_end(ap);
return false;
}
if (len1 & 1) {
/* if odd length and unicode */
+ va_end(ap);
return false;
}
if (blob->data + ptr <
(uint8 *)(unsigned long)ptr ||
- blob->data + ptr < blob->data)
+ blob->data + ptr < blob->data) {
+ va_end(ap);
return false;
+ }
if (0 < len1) {
char *p = NULL;
@@ -261,13 +266,16 @@ bool msrpc_parse(const DATA_BLOB *blob,
if ((len1 != len2) || (ptr + len1 < ptr) ||
(ptr + len1 < len1) ||
(ptr + len1 > blob->length)) {
+ va_end(ap);
return false;
}
if (blob->data + ptr <
(uint8 *)(unsigned long)ptr ||
- blob->data + ptr < blob->data)
+ blob->data + ptr < blob->data) {
+ va_end(ap);
return false;
+ }
if (0 < len1) {
char *p = NULL;
@@ -304,13 +312,16 @@ bool msrpc_parse(const DATA_BLOB *blob,
if ((len1 != len2) || (ptr + len1 < ptr) ||
(ptr + len1 < len1) ||
(ptr + len1 > blob->length)) {
+ va_end(ap);
return false;
}
if (blob->data + ptr <
(uint8 *)(unsigned long)ptr ||
- blob->data + ptr < blob->data)
+ blob->data + ptr < blob->data) {
+ va_end(ap);
return false;
+ }
*b = data_blob(blob->data + ptr, len1);
}
@@ -322,6 +333,7 @@ bool msrpc_parse(const DATA_BLOB *blob,
NEED_DATA(len1);
if (blob->data + head_ofs < (uint8 *)head_ofs ||
blob->data + head_ofs < blob->data) {
+ va_end(ap);
return false;
}
@@ -337,7 +349,8 @@ bool msrpc_parse(const DATA_BLOB *blob,
s = va_arg(ap, char *);
if (blob->data + head_ofs < (uint8 *)head_ofs ||
- blob->data + head_ofs < blob->data) {
+ blob->data + head_ofs < blob->data) {
+ va_end(ap);
return false;
}
@@ -351,11 +364,13 @@ bool msrpc_parse(const DATA_BLOB *blob,
blob->length - head_ofs,
STR_ASCII|STR_TERMINATE);
if (ret == (size_t)-1 || p == NULL) {
+ va_end(ap);
return false;
}
head_ofs += ret;
if (strcmp(s, p) != 0) {
TALLOC_FREE(p);
+ va_end(ap);
return false;
}
TALLOC_FREE(p);