diff options
| author | Jeremy Allison <jra@samba.org> | 2000-07-27 00:47:19 +0000 |
|---|---|---|
| committer | Jeremy Allison <jra@samba.org> | 2000-07-27 00:47:19 +0000 |
| commit | 5ec1642809d9de83da8c88c65d6595c6eb0270f5 (patch) | |
| tree | f6f4f1e0b3678394fca8b7c37f71084a1b166671 /source3/smbd | |
| parent | 134a4b86548db77cba292c50fbd6b91ecaa69f14 (diff) | |
| download | samba-5ec1642809d9de83da8c88c65d6595c6eb0270f5.tar.gz samba-5ec1642809d9de83da8c88c65d6595c6eb0270f5.tar.bz2 samba-5ec1642809d9de83da8c88c65d6595c6eb0270f5.zip | |
Ok - this is a *BIG* change - but it fixes the problems with static strings
in the RPC code. This change was prompted by trying to save a long (>256)
character comment in the printer properties page.
The new system associates a TALLOC_CTX with the pipe struct, and frees
the pool on return of a complete PDU.
A global TALLOC_CTX is used for the odd buffer allocated in the BUFFERxx
code, and is freed in the main loop.
This code works with insure, and seems to be free of memory leaks and
crashes (so far) but there are probably the occasional problem with
code that uses UNISTRxx structs on the stack and expects them to contain
storage without doing a init_unistrXX().
This means that rpcclient will probably be horribly broken.
A TALLOC_CTX also needed associating with the struct cli_state also,
to make the prs_xx code there work.
The main interface change is the addition of a TALLOC_CTX to the
prs_init calls - used for dynamic allocation in the prs_XXX calls.
Now this is in place it should make dynamic allocation of all RPC
memory on unmarshall *much* easier to fix.
Jeremy.
(This used to be commit 0ff2ce543ee54f7364e6d839db6d06e7ef1edcf4)
Diffstat (limited to 'source3/smbd')
| -rw-r--r-- | source3/smbd/nttrans.c | 22 | ||||
| -rw-r--r-- | source3/smbd/process.c | 1 |
2 files changed, 21 insertions, 2 deletions
diff --git a/source3/smbd/nttrans.c b/source3/smbd/nttrans.c index 4e4e418efd..4673c87f58 100644 --- a/source3/smbd/nttrans.c +++ b/source3/smbd/nttrans.c @@ -1496,6 +1496,7 @@ static int call_nt_transact_query_security_desc(connection_struct *conn, prs_struct pd; SEC_DESC *psd = NULL; size_t sd_size; + TALLOC_CTX *mem_ctx; files_struct *fsp = file_fsp(params,0); @@ -1544,7 +1545,13 @@ static int call_nt_transact_query_security_desc(connection_struct *conn, * Init the parse struct we will marshall into. */ - prs_init(&pd, 0, 4, MARSHALL); + if ((mem_ctx = talloc_init()) == NULL) { + DEBUG(0,("call_nt_transact_query_security_desc: talloc_init failed.\n")); + free_sec_desc(&psd); + return(ERROR(ERRDOS,ERRnomem)); + } + + prs_init(&pd, 0, 4, mem_ctx, MARSHALL); /* * Setup the prs_struct to point at the memory we just @@ -1564,6 +1571,7 @@ security descriptor.\n")); /* * Return access denied for want of a better error message.. */ + talloc_destroy(mem_ctx); return(UNIXERROR(ERRDOS,ERRnoaccess)); } @@ -1572,6 +1580,7 @@ security descriptor.\n")); */ free_sec_desc(&psd); + talloc_destroy(mem_ctx); send_nt_replies(inbuf, outbuf, bufsize, 0, params, 4, data, (int)sd_size); return -1; @@ -1594,6 +1603,7 @@ static int call_nt_transact_set_security_desc(connection_struct *conn, uint32 total_data_count = (uint32)IVAL(inbuf, smb_nts_TotalDataCount); files_struct *fsp = NULL; uint32 security_info_sent = 0; + TALLOC_CTX *mem_ctx; if(!lp_nt_acl_support()) return(UNIXERROR(ERRDOS,ERRnoaccess)); @@ -1613,7 +1623,12 @@ static int call_nt_transact_set_security_desc(connection_struct *conn, * Init the parse struct we will unmarshall from. */ - prs_init(&pd, 0, 4, UNMARSHALL); + if ((mem_ctx = talloc_init()) == NULL) { + DEBUG(0,("call_nt_transact_query_security_desc: talloc_init failed.\n")); + return(ERROR(ERRDOS,ERRnomem)); + } + + prs_init(&pd, 0, 4, mem_ctx, UNMARSHALL); /* * Setup the prs_struct to point at the memory we just @@ -1633,15 +1648,18 @@ security descriptor.\n")); /* * Return access denied for want of a better error message.. */ + talloc_destroy(mem_ctx); return(UNIXERROR(ERRDOS,ERRnoaccess)); } if (!set_nt_acl(fsp, security_info_sent, psd)) { free_sec_desc(&psd); + talloc_destroy(mem_ctx); return(UNIXERROR(ERRDOS,ERRnoaccess)); } free_sec_desc(&psd); + talloc_destroy(mem_ctx); send_nt_replies(inbuf, outbuf, bufsize, 0, NULL, 0, NULL, 0); return -1; } diff --git a/source3/smbd/process.c b/source3/smbd/process.c index 3c85c05312..2662db5896 100644 --- a/source3/smbd/process.c +++ b/source3/smbd/process.c @@ -1042,6 +1042,7 @@ void smbd_process(void) /* free up temporary memory */ lp_talloc_free(); + parse_talloc_free(); while (!receive_message_or_smb(InBuffer,BUFFER_SIZE,select_timeout)) { if(!timeout_processing( deadtime, &select_timeout, &last_timeout_processing_time)) |