summaryrefslogtreecommitdiff
path: root/source3/rpc_parse
diff options
context:
space:
mode:
authorJeremy Allison <jra@samba.org>2000-12-15 01:02:11 +0000
committerJeremy Allison <jra@samba.org>2000-12-15 01:02:11 +0000
commit369f5fd1d7a6e6298bc3cbe01e3aaed0106f6cf4 (patch)
treee4237cf9927822e2b49faea870dd13012e5a5cb5 /source3/rpc_parse
parent1fc3e43f9b9b431e8499d2ebd7f557b9bf2ff14c (diff)
downloadsamba-369f5fd1d7a6e6298bc3cbe01e3aaed0106f6cf4.tar.gz
samba-369f5fd1d7a6e6298bc3cbe01e3aaed0106f6cf4.tar.bz2
samba-369f5fd1d7a6e6298bc3cbe01e3aaed0106f6cf4.zip
Fixed memory leaks in lsa_XX calls. Fixed memory leaks in smbcacls. Merged
in fixes from appliance-head and 2.2. Fixed multiple connection.tdb open problem. Jeremy. (This used to be commit 0a40bc83e14c69a09948ec09bb6fc5026c4f4c14)
Diffstat (limited to 'source3/rpc_parse')
-rw-r--r--source3/rpc_parse/parse_lsa.c43
-rw-r--r--source3/rpc_parse/parse_misc.c8
2 files changed, 34 insertions, 17 deletions
diff --git a/source3/rpc_parse/parse_lsa.c b/source3/rpc_parse/parse_lsa.c
index 4b0e6e4106..41219854d1 100644
--- a/source3/rpc_parse/parse_lsa.c
+++ b/source3/rpc_parse/parse_lsa.c
@@ -710,14 +710,14 @@ static BOOL lsa_io_sid_enum(char *desc, LSA_SID_ENUM *sen,
/* Mallocate memory if we're unpacking from the wire */
if (UNMARSHALLING(ps)) {
- if ((sen->ptr_sid = (uint32 *)malloc(
+ if ((sen->ptr_sid = (uint32 *)prs_alloc_mem( ps,
sen->num_entries * sizeof(uint32))) == NULL) {
DEBUG(3, ("init_lsa_sid_enum(): out of memory for "
"ptr_sid\n"));
return False;
}
- if ((sen->sid = (DOM_SID2 *)malloc(
+ if ((sen->sid = (DOM_SID2 *)prs_alloc_mem( ps,
sen->num_entries * sizeof(DOM_SID2))) == NULL) {
DEBUG(3, ("init_lsa_sid_enum(): out of memory for "
"sids\n"));
@@ -824,13 +824,13 @@ static BOOL lsa_io_trans_names(char *desc, LSA_TRANS_NAME_ENUM *trn,
if (UNMARSHALLING(ps)) {
if ((trn->name = (LSA_TRANS_NAME *)
- malloc(trn->num_entries *
+ prs_alloc_mem(ps, trn->num_entries *
sizeof(LSA_TRANS_NAME))) == NULL) {
return False;
}
if ((trn->uni_name = (UNISTR2 *)
- malloc(trn->num_entries *
+ prs_alloc_mem(ps, trn->num_entries *
sizeof(UNISTR2))) == NULL) {
return False;
}
@@ -964,23 +964,40 @@ BOOL lsa_io_q_lookup_names(char *desc, LSA_Q_LOOKUP_NAMES *q_r, prs_struct *ps,
if(!smb_io_pol_hnd("", &q_r->pol, ps, depth)) /* policy handle */
return False;
+ if(!prs_align(ps))
+ return False;
if(!prs_uint32("num_entries ", ps, depth, &q_r->num_entries))
return False;
if(!prs_uint32("num_entries2 ", ps, depth, &q_r->num_entries2))
return False;
+ if (UNMARSHALLING(ps)) {
+ if (q_r->num_entries) {
+ if ((q_r->hdr_name = (UNIHDR *)prs_alloc_mem(ps,
+ q_r->num_entries * sizeof(UNIHDR))) == NULL)
+ return False;
+ if ((q_r->uni_name = (UNISTR2 *)prs_alloc_mem(ps,
+ q_r->num_entries * sizeof(UNISTR2))) == NULL)
+ return False;
+ }
+ }
+
for (i = 0; i < q_r->num_entries; i++) {
+ if(!prs_align(ps))
+ return False;
if(!smb_io_unihdr("hdr_name", &q_r->hdr_name[i], ps, depth)) /* pointer names */
return False;
}
for (i = 0; i < q_r->num_entries; i++) {
- if(!smb_io_unistr2("dom_name", &q_r->uni_name[i], q_r->hdr_name[i].buffer, ps, depth)) /* names to be looked up */
- return False;
if(!prs_align(ps))
return False;
+ if(!smb_io_unistr2("dom_name", &q_r->uni_name[i], q_r->hdr_name[i].buffer, ps, depth)) /* names to be looked up */
+ return False;
}
+ if(!prs_align(ps))
+ return False;
if(!prs_uint32("num_trans_entries ", ps, depth, &q_r->num_trans_entries))
return False;
if(!prs_uint32("ptr_trans_sids ", ps, depth, &q_r->ptr_trans_sids))
@@ -997,8 +1014,7 @@ BOOL lsa_io_q_lookup_names(char *desc, LSA_Q_LOOKUP_NAMES *q_r, prs_struct *ps,
reads or writes a structure.
********************************************************************/
-BOOL lsa_io_r_lookup_names(TALLOC_CTX *mem_ctx, char *desc,
- LSA_R_LOOKUP_NAMES *r_r, prs_struct *ps, int depth)
+BOOL lsa_io_r_lookup_names(char *desc, LSA_R_LOOKUP_NAMES *r_r, prs_struct *ps, int depth)
{
int i;
@@ -1032,11 +1048,12 @@ BOOL lsa_io_r_lookup_names(TALLOC_CTX *mem_ctx, char *desc,
return False;
}
- if ((r_r->dom_rid = (DOM_RID2 *)
- talloc(mem_ctx, r_r->num_entries2 * sizeof(DOM_RID2)))
- == NULL) {
- DEBUG(3, ("lsa_io_r_lookup_names(): out of memory\n"));
- return False;
+ if (UNMARSHALLING(ps)) {
+ if ((r_r->dom_rid = (DOM_RID2 *)prs_alloc_mem(ps, r_r->num_entries2 * sizeof(DOM_RID2)))
+ == NULL) {
+ DEBUG(3, ("lsa_io_r_lookup_names(): out of memory\n"));
+ return False;
+ }
}
for (i = 0; i < r_r->num_entries2; i++)
diff --git a/source3/rpc_parse/parse_misc.c b/source3/rpc_parse/parse_misc.c
index dd6784a8e7..859a800771 100644
--- a/source3/rpc_parse/parse_misc.c
+++ b/source3/rpc_parse/parse_misc.c
@@ -321,7 +321,7 @@ void init_uni_hdr(UNIHDR *hdr, int len)
{
hdr->uni_str_len = 2 * len;
hdr->uni_max_len = 2 * len;
- hdr->buffer = len != 0;
+ hdr->buffer = len != 0 ? 1 : 0;
}
/*******************************************************************
@@ -867,8 +867,7 @@ void init_unistr2(UNISTR2 *str, const char *buf, size_t len)
{
ZERO_STRUCTP(str);
- /* Set up string lengths. */
-
+ /* set up string lengths. */
str->uni_max_len = (uint32)len;
str->undoc = 0;
str->uni_str_len = (uint32)len;
@@ -881,7 +880,8 @@ void init_unistr2(UNISTR2 *str, const char *buf, size_t len)
len *= sizeof(uint16);
str->buffer = (uint16 *)talloc(parse_misc_talloc, len);
- if ((str->buffer == NULL) && (len > 0)) {
+ if ((str->buffer == NULL) && (len > 0))
+ {
smb_panic("init_unistr2: malloc fail\n");
return;
}