diff options
author | Gerald Carter <jerry@samba.org> | 2000-08-10 14:00:40 +0000 |
---|---|---|
committer | Gerald Carter <jerry@samba.org> | 2000-08-10 14:00:40 +0000 |
commit | 2f9a0f83fe1029fddf3aae5f35ff3ccdf63f3134 (patch) | |
tree | 0e6669d6e2a17a49c82516d7fca28b46b205fcf7 /source3/rpc_parse/parse_prs.c | |
parent | f488740112449ca49d75d411a920edc6a605ff02 (diff) | |
download | samba-2f9a0f83fe1029fddf3aae5f35ff3ccdf63f3134.tar.gz samba-2f9a0f83fe1029fddf3aae5f35ff3ccdf63f3134.tar.bz2 samba-2f9a0f83fe1029fddf3aae5f35ff3ccdf63f3134.zip |
deal with allocation size of 0 in prs_unistr when UNMARSHALLING
jerry
(This used to be commit 26a73a70e282a5e46cc2b6fe7bc09b406724c9dd)
Diffstat (limited to 'source3/rpc_parse/parse_prs.c')
-rw-r--r-- | source3/rpc_parse/parse_prs.c | 54 |
1 files changed, 30 insertions, 24 deletions
diff --git a/source3/rpc_parse/parse_prs.c b/source3/rpc_parse/parse_prs.c index 71806e422e..7bc9578863 100644 --- a/source3/rpc_parse/parse_prs.c +++ b/source3/rpc_parse/parse_prs.c @@ -679,6 +679,8 @@ BOOL prs_unistr(char *name, prs_struct *ps, int depth, UNISTR *str) uint8 *start; char *q; char zero=0; + uint32 max_len; + uint16* ptr; if (MARSHALLING(ps)) { @@ -734,38 +736,42 @@ BOOL prs_unistr(char *name, prs_struct *ps, int depth, UNISTR *str) /* * Work out how much space we need and talloc it. */ - { - uint32 max_len = (ps->buffer_size - ps->data_offset)/sizeof(uint16); - uint16 *ptr; - - for ( ptr = (uint16 *)q; *ptr && (alloc_len <= max_len); alloc_len++) - ; + max_len = (ps->buffer_size - ps->data_offset)/sizeof(uint16); + for ( ptr = (uint16 *)q; *ptr && (alloc_len <= max_len); alloc_len++) + ; + if (alloc_len > 0) + { str->buffer = (uint16 *)prs_alloc_mem(ps,alloc_len * sizeof(uint16)); if (str->buffer == NULL) return False; p = (unsigned char *)str->buffer; - } - do - { - len++; - - if(ps->bigendian_data) + do { - RW_SVAL(ps->io, ps->bigendian_data, q, *p, 0); - p += 2; - q += 2; - } else { - RW_CVAL(ps->io, q, *p, 0); - p++; - q++; - RW_CVAL(ps->io, q, *p, 0); - p++; - q++; - } - } while (len < alloc_len && str->buffer[len] != 0); + len++; + + if(ps->bigendian_data) + { + RW_SVAL(ps->io, ps->bigendian_data, q, *p, 0); + p += 2; + q += 2; + } else { + RW_CVAL(ps->io, q, *p, 0); + p++; + q++; + RW_CVAL(ps->io, q, *p, 0); + p++; + q++; + } + } while (len < alloc_len && str->buffer[len] != 0); + } + else + { + len = 0; + str->buffer = NULL; + } } ps->data_offset += len*2; |