diff options
| author | Matthew Chapman <matty@samba.org> | 1999-03-24 12:18:28 +0000 |
|---|---|---|
| committer | Matthew Chapman <matty@samba.org> | 1999-03-24 12:18:28 +0000 |
| commit | 22ab15823fde3926f4fea5538632a2215d30d435 (patch) | |
| tree | 7aeb48a0897ec02420508aeba3bc81d2a4eb00b7 /source3/rpc_parse/parse_lsa.c | |
| parent | 6b9cb3a2545226257d698406c1ab3b016464705e (diff) | |
| download | samba-22ab15823fde3926f4fea5538632a2215d30d435.tar.gz samba-22ab15823fde3926f4fea5538632a2215d30d435.tar.bz2 samba-22ab15823fde3926f4fea5538632a2215d30d435.zip | |
Fixed LSA Lookup Names. There were a few too many NULL pointers in a
negative response, which tended to crash lsass.exe.
(This used to be commit 6d03f61d2536630968007958345cf44a42b03584)
Diffstat (limited to 'source3/rpc_parse/parse_lsa.c')
| -rw-r--r-- | source3/rpc_parse/parse_lsa.c | 27 |
1 files changed, 20 insertions, 7 deletions
diff --git a/source3/rpc_parse/parse_lsa.c b/source3/rpc_parse/parse_lsa.c index fc21546c61..c5767735b0 100644 --- a/source3/rpc_parse/parse_lsa.c +++ b/source3/rpc_parse/parse_lsa.c @@ -71,7 +71,6 @@ static void lsa_io_dom_r_ref(char *desc, DOM_R_REF *r_r, prs_struct *ps, int de prs_align(ps); - prs_uint32("undoc_buffer ", ps, depth, &(r_r->undoc_buffer )); /* undocumented buffer pointer. */ prs_uint32("num_ref_doms_1", ps, depth, &(r_r->num_ref_doms_1)); /* num referenced domains? */ prs_uint32("ptr_ref_dom ", ps, depth, &(r_r->ptr_ref_dom )); /* undocumented buffer pointer. */ prs_uint32("max_entries ", ps, depth, &(r_r->max_entries )); /* 32 - max number of entries */ @@ -915,15 +914,29 @@ void lsa_io_r_lookup_names(char *desc, LSA_R_LOOKUP_NAMES *r_r, prs_struct *ps, prs_align(ps); - lsa_io_dom_r_ref("", r_r->dom_ref, ps, depth); /* domain reference info */ + prs_uint32("ptr_dom_ref", ps, depth, &(r_r->ptr_dom_ref)); + if (r_r->ptr_dom_ref != 0) + { + lsa_io_dom_r_ref("", r_r->dom_ref, ps, depth); + } - prs_uint32("num_entries ", ps, depth, &(r_r->num_entries)); - prs_uint32("undoc_buffer", ps, depth, &(r_r->undoc_buffer)); - prs_uint32("num_entries2", ps, depth, &(r_r->num_entries2)); + prs_uint32("num_entries", ps, depth, &(r_r->num_entries)); + prs_uint32("ptr_entries", ps, depth, &(r_r->ptr_entries)); - for (i = 0; i < r_r->num_entries2; i++) + if (r_r->ptr_entries != 0) { - smb_io_dom_rid2("", &(r_r->dom_rid[i]), ps, depth); /* domain RIDs being looked up */ + prs_uint32("num_entries2", ps, depth, &(r_r->num_entries2)); + + if (r_r->num_entries2 != r_r->num_entries) + { + /* RPC fault */ + return; + } + + for (i = 0; i < r_r->num_entries2; i++) + { + smb_io_dom_rid2("", &(r_r->dom_rid[i]), ps, depth); /* domain RIDs being looked up */ + } } prs_uint32("mapped_count", ps, depth, &(r_r->mapped_count)); |