diff options
| author | Jeremy Allison <jra@samba.org> | 2000-07-27 00:47:19 +0000 |
|---|---|---|
| committer | Jeremy Allison <jra@samba.org> | 2000-07-27 00:47:19 +0000 |
| commit | 5ec1642809d9de83da8c88c65d6595c6eb0270f5 (patch) | |
| tree | f6f4f1e0b3678394fca8b7c37f71084a1b166671 /source3/rpc_server/srv_pipe.c | |
| parent | 134a4b86548db77cba292c50fbd6b91ecaa69f14 (diff) | |
| download | samba-5ec1642809d9de83da8c88c65d6595c6eb0270f5.tar.gz samba-5ec1642809d9de83da8c88c65d6595c6eb0270f5.tar.bz2 samba-5ec1642809d9de83da8c88c65d6595c6eb0270f5.zip | |
Ok - this is a *BIG* change - but it fixes the problems with static strings
in the RPC code. This change was prompted by trying to save a long (>256)
character comment in the printer properties page.
The new system associates a TALLOC_CTX with the pipe struct, and frees
the pool on return of a complete PDU.
A global TALLOC_CTX is used for the odd buffer allocated in the BUFFERxx
code, and is freed in the main loop.
This code works with insure, and seems to be free of memory leaks and
crashes (so far) but there are probably the occasional problem with
code that uses UNISTRxx structs on the stack and expects them to contain
storage without doing a init_unistrXX().
This means that rpcclient will probably be horribly broken.
A TALLOC_CTX also needed associating with the struct cli_state also,
to make the prs_xx code there work.
The main interface change is the addition of a TALLOC_CTX to the
prs_init calls - used for dynamic allocation in the prs_XXX calls.
Now this is in place it should make dynamic allocation of all RPC
memory on unmarshall *much* easier to fix.
Jeremy.
(This used to be commit 0ff2ce543ee54f7364e6d839db6d06e7ef1edcf4)
Diffstat (limited to 'source3/rpc_server/srv_pipe.c')
| -rw-r--r-- | source3/rpc_server/srv_pipe.c | 30 |
1 files changed, 23 insertions, 7 deletions
diff --git a/source3/rpc_server/srv_pipe.c b/source3/rpc_server/srv_pipe.c index f6746367bb..6f650c7e5e 100644 --- a/source3/rpc_server/srv_pipe.c +++ b/source3/rpc_server/srv_pipe.c @@ -167,17 +167,19 @@ BOOL create_next_pdu(pipes_struct *p) * data. */ - prs_init( &outgoing_pdu, 0, 4, MARSHALL); + prs_init( &outgoing_pdu, 0, 4, p->mem_ctx, MARSHALL); prs_give_memory( &outgoing_pdu, (char *)p->out_data.current_pdu, sizeof(p->out_data.current_pdu), False); /* Store the header in the data stream. */ if(!smb_io_rpc_hdr("hdr", &p->hdr, &outgoing_pdu, 0)) { DEBUG(0,("create_next_pdu: failed to marshall RPC_HDR.\n")); + prs_mem_free(&outgoing_pdu); return False; } if(!smb_io_rpc_hdr_resp("resp", &hdr_resp, &outgoing_pdu, 0)) { DEBUG(0,("create_next_pdu: failed to marshall RPC_HDR_RESP.\n")); + prs_mem_free(&outgoing_pdu); return False; } @@ -189,6 +191,7 @@ BOOL create_next_pdu(pipes_struct *p) if(!prs_append_data(&outgoing_pdu, data_from, data_len)) { DEBUG(0,("create_next_pdu: failed to copy %u bytes of data.\n", (unsigned int)data_len)); + prs_mem_free(&outgoing_pdu); return False; } @@ -216,6 +219,7 @@ BOOL create_next_pdu(pipes_struct *p) (auth_verify ? RPC_HDR_AUTH_LEN : 0), (auth_verify ? 1 : 0)); if(!smb_io_rpc_hdr_auth("hdr_auth", &auth_info, &outgoing_pdu, 0)) { DEBUG(0,("create_next_pdu: failed to marshall RPC_HDR_AUTH.\n")); + prs_mem_free(&outgoing_pdu); return False; } } @@ -230,6 +234,7 @@ BOOL create_next_pdu(pipes_struct *p) auth_data = prs_data_p(&outgoing_pdu) + prs_offset(&outgoing_pdu) + 4; if(!smb_io_rpc_auth_ntlmssp_chk("auth_sign", &ntlmssp_chk, &outgoing_pdu, 0)) { DEBUG(0,("create_next_pdu: failed to marshall RPC_AUTH_NTLMSSP_CHK.\n")); + prs_mem_free(&outgoing_pdu); return False; } NTLMSSPcalc_p(p, (uchar*)auth_data, RPC_AUTH_NTLMSSP_CHK_LEN - 4); @@ -244,6 +249,7 @@ BOOL create_next_pdu(pipes_struct *p) p->out_data.current_pdu_len = p->hdr.frag_len; p->out_data.current_pdu_sent = 0; + prs_mem_free(&outgoing_pdu); return True; } @@ -566,7 +572,7 @@ static BOOL setup_bind_nak(pipes_struct *p) * header and are never sending more than one PDU here. */ - prs_init( &outgoing_rpc, 0, 4, MARSHALL); + prs_init( &outgoing_rpc, 0, 4, p->mem_ctx, MARSHALL); prs_give_memory( &outgoing_rpc, (char *)p->out_data.current_pdu, sizeof(p->out_data.current_pdu), False); @@ -583,6 +589,7 @@ static BOOL setup_bind_nak(pipes_struct *p) if(!smb_io_rpc_hdr("", &nak_hdr, &outgoing_rpc, 0)) { DEBUG(0,("setup_bind_nak: marshalling of RPC_HDR failed.\n")); + prs_mem_free(&outgoing_rpc); return False; } @@ -590,8 +597,10 @@ static BOOL setup_bind_nak(pipes_struct *p) * Now add the reject reason. */ - if(!prs_uint16("reject code", &outgoing_rpc, 0, &zero)) + if(!prs_uint16("reject code", &outgoing_rpc, 0, &zero)) { + prs_mem_free(&outgoing_rpc); return False; + } p->out_data.data_sent_length = 0; p->out_data.current_pdu_len = prs_offset(&outgoing_rpc); @@ -622,7 +631,7 @@ BOOL setup_fault_pdu(pipes_struct *p) * header and are never sending more than one PDU here. */ - prs_init( &outgoing_pdu, 0, 4, MARSHALL); + prs_init( &outgoing_pdu, 0, 4, p->mem_ctx, MARSHALL); prs_give_memory( &outgoing_pdu, (char *)p->out_data.current_pdu, sizeof(p->out_data.current_pdu), False); /* @@ -647,16 +656,19 @@ BOOL setup_fault_pdu(pipes_struct *p) if(!smb_io_rpc_hdr("", &fault_hdr, &outgoing_pdu, 0)) { DEBUG(0,("setup_fault_pdu: marshalling of RPC_HDR failed.\n")); + prs_mem_free(&outgoing_pdu); return False; } if(!smb_io_rpc_hdr_resp("resp", &hdr_resp, &outgoing_pdu, 0)) { DEBUG(0,("setup_fault_pdu: failed to marshall RPC_HDR_RESP.\n")); + prs_mem_free(&outgoing_pdu); return False; } if(!smb_io_rpc_hdr_fault("fault", &fault_resp, &outgoing_pdu, 0)) { DEBUG(0,("setup_fault_pdu: failed to marshall RPC_HDR_FAULT.\n")); + prs_mem_free(&outgoing_pdu); return False; } @@ -664,6 +676,7 @@ BOOL setup_fault_pdu(pipes_struct *p) p->out_data.current_pdu_len = prs_offset(&outgoing_pdu); p->out_data.current_pdu_sent = 0; + prs_mem_free(&outgoing_pdu); return True; } @@ -835,7 +848,7 @@ BOOL api_pipe_bind_req(pipes_struct *p, prs_struct *rpc_in_p) * header and are never sending more than one PDU here. */ - prs_init( &outgoing_rpc, 0, 4, MARSHALL); + prs_init( &outgoing_rpc, 0, 4, p->mem_ctx, MARSHALL); prs_give_memory( &outgoing_rpc, (char *)p->out_data.current_pdu, sizeof(p->out_data.current_pdu), False); /* @@ -843,13 +856,15 @@ BOOL api_pipe_bind_req(pipes_struct *p, prs_struct *rpc_in_p) * auth footers. */ - if(!prs_init(&out_hdr_ba, 1024, 4, MARSHALL)) { + if(!prs_init(&out_hdr_ba, 1024, 4, p->mem_ctx, MARSHALL)) { DEBUG(0,("api_pipe_bind_req: malloc out_hdr_ba failed.\n")); + prs_mem_free(&outgoing_rpc); return False; } - if(!prs_init(&out_auth, 1024, 4, MARSHALL)) { + if(!prs_init(&out_auth, 1024, 4, p->mem_ctx, MARSHALL)) { DEBUG(0,("pi_pipe_bind_req: malloc out_auth failed.\n")); + prs_mem_free(&outgoing_rpc); prs_mem_free(&out_hdr_ba); return False; } @@ -984,6 +999,7 @@ BOOL api_pipe_bind_req(pipes_struct *p, prs_struct *rpc_in_p) err_exit: + prs_mem_free(&outgoing_rpc); prs_mem_free(&out_hdr_ba); prs_mem_free(&out_auth); return False; |