diff options
| author | Jelmer Vernooij <jelmer@samba.org> | 2008-12-23 22:12:23 +0100 |
|---|---|---|
| committer | Jelmer Vernooij <jelmer@samba.org> | 2008-12-23 22:12:23 +0100 |
| commit | 5c75b65ca15f7c71babd835a45b252fed6534acf (patch) | |
| tree | 6b8baa3f5d27c4eafd89fece7deedae30a6ff1fd /source3 | |
| parent | 86cee0b28c50dd849fe919bbe3faa4deba5275bf (diff) | |
| parent | ff26cb4b1c1d0292231e1cfc0490f4be6040d3e3 (diff) | |
| download | samba-5c75b65ca15f7c71babd835a45b252fed6534acf.tar.gz samba-5c75b65ca15f7c71babd835a45b252fed6534acf.tar.bz2 samba-5c75b65ca15f7c71babd835a45b252fed6534acf.zip | |
Merge branch 'master' of ssh://git.samba.org/data/git/samba
Diffstat (limited to 'source3')
| -rw-r--r-- | source3/lib/time.c | 2 | ||||
| -rw-r--r-- | source3/libads/ads_struct.c | 11 | ||||
| -rw-r--r-- | source3/libads/kerberos_keytab.c | 20 | ||||
| -rw-r--r-- | source3/libads/krb5_setpw.c | 27 | ||||
| -rw-r--r-- | source3/libads/ldap.c | 14 | ||||
| -rw-r--r-- | source3/libads/ldap_printer.c | 26 | ||||
| -rw-r--r-- | source3/libads/ldap_user.c | 5 | ||||
| -rw-r--r-- | source3/libads/util.c | 12 | ||||
| -rw-r--r-- | source3/libnet/libnet_join.c | 3 | ||||
| -rw-r--r-- | source3/libnet/libnet_samsync_ldif.c | 7 | ||||
| -rw-r--r-- | source3/locking/posix.c | 13 | ||||
| -rw-r--r-- | source3/param/loadparm.c | 2 | ||||
| -rw-r--r-- | source3/passdb/login_cache.c | 7 | ||||
| -rw-r--r-- | source3/passdb/passdb.c | 85 | ||||
| -rw-r--r-- | source3/passdb/pdb_interface.c | 22 | ||||
| -rw-r--r-- | source3/passdb/pdb_ldap.c | 7 | ||||
| -rw-r--r-- | source3/printing/nt_printing.c | 30 | ||||
| -rw-r--r-- | source3/printing/print_generic.c | 4 | ||||
| -rw-r--r-- | source3/rpc_server/srv_lsa_hnd.c | 11 | ||||
| -rw-r--r-- | source3/smbd/fileio.c | 9 | ||||
| -rw-r--r-- | source3/smbd/seal.c | 3 | ||||
| -rw-r--r-- | source3/smbd/trans2.c | 11 |
22 files changed, 216 insertions, 115 deletions
diff --git a/source3/lib/time.c b/source3/lib/time.c index db2266fcbf..cae6b479b0 100644 --- a/source3/lib/time.c +++ b/source3/lib/time.c @@ -131,8 +131,6 @@ time_t convert_uint32_to_time_t(uint32_t u) return (time_t)u; } -int extra_time_offset=0; - /**************************************************************************** Check if NTTIME is 0. ****************************************************************************/ diff --git a/source3/libads/ads_struct.c b/source3/libads/ads_struct.c index 8cc2f1215e..aef35ad822 100644 --- a/source3/libads/ads_struct.c +++ b/source3/libads/ads_struct.c @@ -57,12 +57,17 @@ char *ads_build_path(const char *realm, const char *sep, const char *field, int strlcat(ret, p, len); while ((p=strtok_r(NULL, sep, &saveptr)) != NULL) { - char *s; + int retval; + char *s = NULL; if (reverse) - asprintf(&s, "%s%s,%s", field, p, ret); + retval = asprintf(&s, "%s%s,%s", field, p, ret); else - asprintf(&s, "%s,%s%s", ret, field, p); + retval = asprintf(&s, "%s,%s%s", ret, field, p); free(ret); + if (retval == -1) { + free(r); + return NULL; + } ret = SMB_STRDUP(s); free(s); } diff --git a/source3/libads/kerberos_keytab.c b/source3/libads/kerberos_keytab.c index c4e67091dd..7c028cb78f 100644 --- a/source3/libads/kerberos_keytab.c +++ b/source3/libads/kerberos_keytab.c @@ -299,17 +299,29 @@ int ads_keytab_add_entry(ADS_STRUCT *ads, const char *srvPrinc) if (strchr_m(srvPrinc, '@')) { /* It's a fully-named principal. */ - asprintf(&princ_s, "%s", srvPrinc); + if (asprintf(&princ_s, "%s", srvPrinc) == -1) { + ret = -1; + goto out; + } } else if (srvPrinc[strlen(srvPrinc)-1] == '$') { /* It's the machine account, as used by smbclient clients. */ - asprintf(&princ_s, "%s@%s", srvPrinc, lp_realm()); + if (asprintf(&princ_s, "%s@%s", srvPrinc, lp_realm()) == -1) { + ret = -1; + goto out; + } } else { /* It's a normal service principal. Add the SPN now so that we * can obtain credentials for it and double-check the salt value * used to generate the service's keys. */ - asprintf(&princ_s, "%s/%s@%s", srvPrinc, my_fqdn, lp_realm()); - asprintf(&short_princ_s, "%s/%s@%s", srvPrinc, machine_name, lp_realm()); + if (asprintf(&princ_s, "%s/%s@%s", srvPrinc, my_fqdn, lp_realm()) == -1) { + ret = -1; + goto out; + } + if (asprintf(&short_princ_s, "%s/%s@%s", srvPrinc, machine_name, lp_realm()) == -1) { + ret = -1; + goto out; + } /* According to http://support.microsoft.com/kb/326985/en-us, certain principal names are automatically mapped to the host/... diff --git a/source3/libads/krb5_setpw.c b/source3/libads/krb5_setpw.c index 04ee6ee62a..5032ffd14c 100644 --- a/source3/libads/krb5_setpw.c +++ b/source3/libads/krb5_setpw.c @@ -605,7 +605,13 @@ ADS_STATUS ads_krb5_set_password(const char *kdc_host, const char *princ, } realm++; - asprintf(&princ_name, "kadmin/changepw@%s", realm); + if (asprintf(&princ_name, "kadmin/changepw@%s", realm) == -1) { + krb5_cc_close(context, ccache); + krb5_free_context(context); + DEBUG(1,("asprintf failed\n")); + return ADS_ERROR_NT(NT_STATUS_NO_MEMORY); + } + ret = smb_krb5_parse_name(context, princ_name, &creds.server); if (ret) { krb5_cc_close(context, ccache); @@ -736,8 +742,13 @@ static ADS_STATUS ads_krb5_chg_password(const char *kdc_host, krb5_get_init_creds_opt_set_proxiable(&opts, 0); /* We have to obtain an INITIAL changepw ticket for changing password */ - asprintf(&chpw_princ, "kadmin/changepw@%s", - (char *) krb5_princ_realm(context, princ)); + if (asprintf(&chpw_princ, "kadmin/changepw@%s", + (char *) krb5_princ_realm(context, princ)) == -1) { + krb5_free_context(context); + DEBUG(1,("ads_krb5_chg_password: asprintf fail\n")); + return ADS_ERROR_NT(NT_STATUS_NO_MEMORY); + } + password = SMB_STRDUP(oldpw); ret = krb5_get_init_creds_password(context, &creds, princ, password, kerb_prompter, NULL, @@ -807,16 +818,14 @@ ADS_STATUS ads_set_machine_password(ADS_STRUCT *ads, as otherwise the server might end up setting the password for a user instead */ - asprintf(&principal, "%s@%s", machine_account, ads->config.realm); + if (asprintf(&principal, "%s@%s", machine_account, ads->config.realm) < 0) { + return ADS_ERROR_NT(NT_STATUS_NO_MEMORY); + } status = ads_krb5_set_password(ads->auth.kdc_server, principal, password, ads->auth.time_offset); - free(principal); - + SAFE_FREE(principal); return status; } - - - #endif diff --git a/source3/libads/ldap.c b/source3/libads/ldap.c index cf8a7ebb1b..a598580941 100644 --- a/source3/libads/ldap.c +++ b/source3/libads/ldap.c @@ -603,7 +603,10 @@ got_connection: /* Must use the userPrincipalName value here or sAMAccountName and not servicePrincipalName; found by Guenther Deschner */ - asprintf(&ads->auth.user_name, "%s$", global_myname() ); + if (asprintf(&ads->auth.user_name, "%s$", global_myname() ) == -1) { + DEBUG(0,("ads_connect: asprintf fail.\n")); + ads->auth.user_name = NULL; + } } if (!ads->auth.realm) { @@ -619,10 +622,11 @@ got_connection: /* this is a really nasty hack to avoid ADS DNS problems. It needs a patch to MIT kerberos to work (tridge) */ { - char *env; - asprintf(&env, "KRB5_KDC_ADDRESS_%s", ads->config.realm); - setenv(env, ads->auth.kdc_server, 1); - free(env); + char *env = NULL; + if (asprintf(&env, "KRB5_KDC_ADDRESS_%s", ads->config.realm) > 0) { + setenv(env, ads->auth.kdc_server, 1); + free(env); + } } #endif diff --git a/source3/libads/ldap_printer.c b/source3/libads/ldap_printer.c index 0a42f00b39..169c3bba1d 100644 --- a/source3/libads/ldap_printer.c +++ b/source3/libads/ldap_printer.c @@ -31,7 +31,7 @@ const char *servername) { ADS_STATUS status; - char *srv_dn, **srv_cn, *s; + char *srv_dn, **srv_cn, *s = NULL; const char *attrs[] = {"*", "nTSecurityDescriptor", NULL}; status = ads_find_machine_acct(ads, res, servername); @@ -41,25 +41,43 @@ return status; } if (ads_count_replies(ads, *res) != 1) { + if (res) { + ads_msgfree(ads, *res); + *res = NULL; + } return ADS_ERROR(LDAP_NO_SUCH_OBJECT); } srv_dn = ldap_get_dn(ads->ldap.ld, *res); if (srv_dn == NULL) { + if (res) { + ads_msgfree(ads, *res); + *res = NULL; + } return ADS_ERROR(LDAP_NO_MEMORY); } srv_cn = ldap_explode_dn(srv_dn, 1); if (srv_cn == NULL) { ldap_memfree(srv_dn); + if (res) { + ads_msgfree(ads, *res); + *res = NULL; + } return ADS_ERROR(LDAP_INVALID_DN_SYNTAX); } - ads_msgfree(ads, *res); + if (res) { + ads_msgfree(ads, *res); + *res = NULL; + } - asprintf(&s, "(cn=%s-%s)", srv_cn[0], printer); + if (asprintf(&s, "(cn=%s-%s)", srv_cn[0], printer) == -1) { + ldap_memfree(srv_dn); + return ADS_ERROR(LDAP_NO_MEMORY); + } status = ads_search(ads, res, s, attrs); ldap_memfree(srv_dn); ldap_value_free(srv_cn); - free(s); + SAFE_FREE(s); return status; } diff --git a/source3/libads/ldap_user.c b/source3/libads/ldap_user.c index bef2c91292..eecd9045e5 100644 --- a/source3/libads/ldap_user.c +++ b/source3/libads/ldap_user.c @@ -35,7 +35,10 @@ return ADS_ERROR(LDAP_NO_MEMORY); } - asprintf(&ldap_exp, "(samAccountName=%s)", escaped_user); + if (asprintf(&ldap_exp, "(samAccountName=%s)", escaped_user) == -1) { + SAFE_FREE(escaped_user); + return ADS_ERROR(LDAP_NO_MEMORY); + } status = ads_search(ads, res, ldap_exp, attrs); SAFE_FREE(ldap_exp); SAFE_FREE(escaped_user); diff --git a/source3/libads/util.c b/source3/libads/util.c index 9866a15285..2c7ccfebd6 100644 --- a/source3/libads/util.c +++ b/source3/libads/util.c @@ -71,7 +71,11 @@ ADS_STATUS ads_guess_service_principal(ADS_STRUCT *ads, strlower_m(server); strupper_m(server_realm); - asprintf(&princ, "ldap/%s@%s", server, server_realm); + if (asprintf(&princ, "ldap/%s@%s", server, server_realm) == -1) { + SAFE_FREE(server); + SAFE_FREE(server_realm); + return ADS_ERROR(LDAP_NO_MEMORY); + } SAFE_FREE(server); SAFE_FREE(server_realm); @@ -93,7 +97,11 @@ ADS_STATUS ads_guess_service_principal(ADS_STRUCT *ads, strlower_m(server); strupper_m(server_realm); - asprintf(&princ, "ldap/%s@%s", server, server_realm); + if (asprintf(&princ, "ldap/%s@%s", server, server_realm) == -1) { + SAFE_FREE(server); + SAFE_FREE(server_realm); + return ADS_ERROR(LDAP_NO_MEMORY); + } SAFE_FREE(server); SAFE_FREE(server_realm); diff --git a/source3/libnet/libnet_join.c b/source3/libnet/libnet_join.c index 691f6ff8eb..51d979074b 100644 --- a/source3/libnet/libnet_join.c +++ b/source3/libnet/libnet_join.c @@ -1019,8 +1019,7 @@ NTSTATUS libnet_join_ok(const char *netbios_domain_name, return NT_STATUS_NO_TRUST_LSA_SECRET; } - asprintf(&machine_account, "%s$", machine_name); - if (!machine_account) { + if (asprintf(&machine_account, "%s$", machine_name) == -1) { SAFE_FREE(machine_password); return NT_STATUS_NO_MEMORY; } diff --git a/source3/libnet/libnet_samsync_ldif.c b/source3/libnet/libnet_samsync_ldif.c index c72eadf03f..3068f8d3eb 100644 --- a/source3/libnet/libnet_samsync_ldif.c +++ b/source3/libnet/libnet_samsync_ldif.c @@ -586,7 +586,7 @@ static NTSTATUS fetch_account_info_to_ldif(TALLOC_CTX *mem_ctx, uchar zero_buf[16]; uint32 rid = 0, group_rid = 0, gidNumber = 0; time_t unix_time; - int i; + int i, ret; memset(zero_buf, '\0', sizeof(zero_buf)); @@ -660,7 +660,10 @@ static NTSTATUS fetch_account_info_to_ldif(TALLOC_CTX *mem_ctx, return NT_STATUS_UNSUCCESSFUL; } gidNumber = groupmap[i].gidNumber; - snprintf(sambaSID, sizeof(sambaSID), groupmap[i].sambaSID); + ret = snprintf(sambaSID, sizeof(sambaSID), "%s", groupmap[i].sambaSID); + if (ret < 0 || ret == sizeof(sambaSID)) { + return NT_STATUS_UNSUCCESSFUL; + } /* Set up sambaAcctFlags */ flags = pdb_encode_acct_ctrl(r->acct_flags, diff --git a/source3/locking/posix.c b/source3/locking/posix.c index c036ee597c..9b51c3aa6a 100644 --- a/source3/locking/posix.c +++ b/source3/locking/posix.c @@ -909,13 +909,12 @@ new: start=%.0f,size=%.0f\n", (double)l_curr->start, (double)l_curr->size, */ char *msg = NULL; - /* Don't check if alloc succeeds here - we're - * forcing a core dump anyway. */ - - asprintf(&msg, "logic flaw in cases: l_curr: start = %.0f, size = %.0f : \ -lock: start = %.0f, size = %.0f", (double)l_curr->start, (double)l_curr->size, (double)lock->start, (double)lock->size ); - - smb_panic(msg); + if (asprintf(&msg, "logic flaw in cases: l_curr: start = %.0f, size = %.0f : \ +lock: start = %.0f, size = %.0f", (double)l_curr->start, (double)l_curr->size, (double)lock->start, (double)lock->size ) != -1) { + smb_panic(msg); + } else { + smb_panic("posix_lock_list"); + } } } /* end for ( l_curr = lhead; l_curr;) */ } /* end for (i=0; i<num_locks && ul_head; i++) */ diff --git a/source3/param/loadparm.c b/source3/param/loadparm.c index 8f03ae8fd7..274c79904e 100644 --- a/source3/param/loadparm.c +++ b/source3/param/loadparm.c @@ -94,8 +94,6 @@ static int config_backend = CONFIG_BACKEND_FILE; #define USERSHARE_VALID 1 #define USERSHARE_PENDING_DELETE 2 -extern int extra_time_offset; - static bool defaults_saved = False; struct param_opt_struct { diff --git a/source3/passdb/login_cache.c b/source3/passdb/login_cache.c index 8222f77b95..4e14293e73 100644 --- a/source3/passdb/login_cache.c +++ b/source3/passdb/login_cache.c @@ -35,14 +35,13 @@ bool login_cache_init(void) /* skip file open if it's already opened */ if (cache) return True; - asprintf(&cache_fname, "%s/%s", lp_lockdir(), LOGIN_CACHE_FILE); - if (cache_fname) - DEBUG(5, ("Opening cache file at %s\n", cache_fname)); - else { + if (asprintf(&cache_fname, "%s/%s", lp_lockdir(), LOGIN_CACHE_FILE) == -1) { DEBUG(0, ("Filename allocation failed.\n")); return False; } + DEBUG(5, ("Opening cache file at %s\n", cache_fname)); + cache = tdb_open_log(cache_fname, 0, TDB_DEFAULT, O_RDWR|O_CREAT, 0644); diff --git a/source3/passdb/passdb.c b/source3/passdb/passdb.c index 8367d6a9ad..bb0daaa3f4 100644 --- a/source3/passdb/passdb.c +++ b/source3/passdb/passdb.c @@ -686,12 +686,16 @@ NTSTATUS local_password_change(const char *user_name, } if (!NT_STATUS_IS_OK(result)) { - asprintf(pp_err_str, "Failed to " "initialize account for user %s: %s\n", - user_name, nt_errstr(result)); + if (asprintf(pp_err_str, "Failed to " "initialize account for user %s: %s\n", + user_name, nt_errstr(result)) < 0) { + *pp_err_str = NULL; + } return result; } } else { - asprintf(pp_err_str, "Failed to find entry for user %s.\n", user_name); + if (asprintf(pp_err_str, "Failed to find entry for user %s.\n", user_name) < 0) { + *pp_err_str = NULL; + } return NT_STATUS_NO_SUCH_USER; } } else { @@ -704,19 +708,25 @@ NTSTATUS local_password_change(const char *user_name, other_acb = (pdb_get_acct_ctrl(sam_pass) & (~(ACB_WSTRUST|ACB_DOMTRUST|ACB_SVRTRUST|ACB_NORMAL))); if (local_flags & LOCAL_TRUST_ACCOUNT) { if (!pdb_set_acct_ctrl(sam_pass, ACB_WSTRUST | other_acb, PDB_CHANGED) ) { - asprintf(pp_err_str, "Failed to set 'trusted workstation account' flags for user %s.\n", user_name); + if (asprintf(pp_err_str, "Failed to set 'trusted workstation account' flags for user %s.\n", user_name) < 0) { + *pp_err_str = NULL; + } TALLOC_FREE(sam_pass); return NT_STATUS_UNSUCCESSFUL; } } else if (local_flags & LOCAL_INTERDOM_ACCOUNT) { if (!pdb_set_acct_ctrl(sam_pass, ACB_DOMTRUST | other_acb, PDB_CHANGED)) { - asprintf(pp_err_str, "Failed to set 'domain trust account' flags for user %s.\n", user_name); + if (asprintf(pp_err_str, "Failed to set 'domain trust account' flags for user %s.\n", user_name) < 0) { + *pp_err_str = NULL; + } TALLOC_FREE(sam_pass); return NT_STATUS_UNSUCCESSFUL; } } else { if (!pdb_set_acct_ctrl(sam_pass, ACB_NORMAL | other_acb, PDB_CHANGED)) { - asprintf(pp_err_str, "Failed to set 'normal account' flags for user %s.\n", user_name); + if (asprintf(pp_err_str, "Failed to set 'normal account' flags for user %s.\n", user_name) < 0) { + *pp_err_str = NULL; + } TALLOC_FREE(sam_pass); return NT_STATUS_UNSUCCESSFUL; } @@ -729,13 +739,17 @@ NTSTATUS local_password_change(const char *user_name, if (local_flags & LOCAL_DISABLE_USER) { if (!pdb_set_acct_ctrl (sam_pass, pdb_get_acct_ctrl(sam_pass)|ACB_DISABLED, PDB_CHANGED)) { - asprintf(pp_err_str, "Failed to set 'disabled' flag for user %s.\n", user_name); + if (asprintf(pp_err_str, "Failed to set 'disabled' flag for user %s.\n", user_name) < 0) { + *pp_err_str = NULL; + } TALLOC_FREE(sam_pass); return NT_STATUS_UNSUCCESSFUL; } } else if (local_flags & LOCAL_ENABLE_USER) { if (!pdb_set_acct_ctrl (sam_pass, pdb_get_acct_ctrl(sam_pass)&(~ACB_DISABLED), PDB_CHANGED)) { - asprintf(pp_err_str, "Failed to unset 'disabled' flag for user %s.\n", user_name); + if (asprintf(pp_err_str, "Failed to unset 'disabled' flag for user %s.\n", user_name) < 0) { + *pp_err_str = NULL; + } TALLOC_FREE(sam_pass); return NT_STATUS_UNSUCCESSFUL; } @@ -743,7 +757,9 @@ NTSTATUS local_password_change(const char *user_name, if (local_flags & LOCAL_SET_NO_PASSWORD) { if (!pdb_set_acct_ctrl (sam_pass, pdb_get_acct_ctrl(sam_pass)|ACB_PWNOTREQ, PDB_CHANGED)) { - asprintf(pp_err_str, "Failed to set 'no password required' flag for user %s.\n", user_name); + if (asprintf(pp_err_str, "Failed to set 'no password required' flag for user %s.\n", user_name) < 0) { + *pp_err_str = NULL; + } TALLOC_FREE(sam_pass); return NT_STATUS_UNSUCCESSFUL; } @@ -759,19 +775,25 @@ NTSTATUS local_password_change(const char *user_name, */ if ((pdb_get_lanman_passwd(sam_pass)==NULL) && (pdb_get_acct_ctrl(sam_pass)&ACB_DISABLED)) { if (!pdb_set_acct_ctrl (sam_pass, pdb_get_acct_ctrl(sam_pass)&(~ACB_DISABLED), PDB_CHANGED)) { - asprintf(pp_err_str, "Failed to unset 'disabled' flag for user %s.\n", user_name); + if (asprintf(pp_err_str, "Failed to unset 'disabled' flag for user %s.\n", user_name) < 0) { + *pp_err_str = NULL; + } TALLOC_FREE(sam_pass); return NT_STATUS_UNSUCCESSFUL; } } if (!pdb_set_acct_ctrl (sam_pass, pdb_get_acct_ctrl(sam_pass)&(~ACB_PWNOTREQ), PDB_CHANGED)) { - asprintf(pp_err_str, "Failed to unset 'no password required' flag for user %s.\n", user_name); + if (asprintf(pp_err_str, "Failed to unset 'no password required' flag for user %s.\n", user_name) < 0) { + *pp_err_str = NULL; + } TALLOC_FREE(sam_pass); return NT_STATUS_UNSUCCESSFUL; } if (!pdb_set_plaintext_passwd (sam_pass, new_passwd)) { - asprintf(pp_err_str, "Failed to set password for user %s.\n", user_name); + if (asprintf(pp_err_str, "Failed to set password for user %s.\n", user_name) < 0) { + *pp_err_str = NULL; + } TALLOC_FREE(sam_pass); return NT_STATUS_UNSUCCESSFUL; } @@ -779,34 +801,51 @@ NTSTATUS local_password_change(const char *user_name, if (local_flags & LOCAL_ADD_USER) { if (NT_STATUS_IS_OK(pdb_add_sam_account(sam_pass))) { - asprintf(pp_msg_str, "Added user %s.\n", user_name); + if (asprintf(pp_msg_str, "Added user %s.\n", user_name) < 0) { + *pp_msg_str = NULL; + } TALLOC_FREE(sam_pass); return NT_STATUS_OK; } else { - asprintf(pp_err_str, "Failed to add entry for user %s.\n", user_name); + if (asprintf(pp_err_str, "Failed to add entry for user %s.\n", user_name) < 0) { + *pp_err_str = NULL; + } TALLOC_FREE(sam_pass); return NT_STATUS_UNSUCCESSFUL; } } else if (local_flags & LOCAL_DELETE_USER) { if (!NT_STATUS_IS_OK(pdb_delete_sam_account(sam_pass))) { - asprintf(pp_err_str, "Failed to delete entry for user %s.\n", user_name); + if (asprintf(pp_err_str, "Failed to delete entry for user %s.\n", user_name) < 0) { + *pp_err_str = NULL; + } TALLOC_FREE(sam_pass); return NT_STATUS_UNSUCCESSFUL; } - asprintf(pp_msg_str, "Deleted user %s.\n", user_name); + if (asprintf(pp_msg_str, "Deleted user %s.\n", user_name) < 0) { + *pp_msg_str = NULL; + } } else { result = pdb_update_sam_account(sam_pass); if(!NT_STATUS_IS_OK(result)) { - asprintf(pp_err_str, "Failed to modify entry for user %s.\n", user_name); + if (asprintf(pp_err_str, "Failed to modify entry for user %s.\n", user_name) < 0) { + *pp_err_str = NULL; + } TALLOC_FREE(sam_pass); return result; } - if(local_flags & LOCAL_DISABLE_USER) - asprintf(pp_msg_str, "Disabled user %s.\n", user_name); - else if (local_flags & LOCAL_ENABLE_USER) - asprintf(pp_msg_str, "Enabled user %s.\n", user_name); - else if (local_flags & LOCAL_SET_NO_PASSWORD) - asprintf(pp_msg_str, "User %s password set to none.\n", user_name); + if(local_flags & LOCAL_DISABLE_USER) { + if (asprintf(pp_msg_str, "Disabled user %s.\n", user_name) < 0) { + *pp_msg_str = NULL; + } + } else if (local_flags & LOCAL_ENABLE_USER) { + if (asprintf(pp_msg_str, "Enabled user %s.\n", user_name) < 0) { + *pp_msg_str = NULL; + } + } else if (local_flags & LOCAL_SET_NO_PASSWORD) { + if (asprintf(pp_msg_str, "User %s password set to none.\n", user_name) < 0) { + *pp_msg_str = NULL; + } + } } TALLOC_FREE(sam_pass); diff --git a/source3/passdb/pdb_interface.c b/source3/passdb/pdb_interface.c index 5a79f09db0..b13644bac3 100644 --- a/source3/passdb/pdb_interface.c +++ b/source3/passdb/pdb_interface.c @@ -179,20 +179,26 @@ static struct pdb_methods *pdb_get_methods_reload( bool reload ) pdb->free_private_data( &(pdb->private_data) ); if ( !NT_STATUS_IS_OK( make_pdb_method_name( &pdb, lp_passdb_backend() ) ) ) { char *msg = NULL; - asprintf(&msg, "pdb_get_methods_reload: " - "failed to get pdb methods for backend %s\n", - lp_passdb_backend()); - smb_panic(msg); + if (asprintf(&msg, "pdb_get_methods_reload: " + "failed to get pdb methods for backend %s\n", + lp_passdb_backend()) > 0) { + smb_panic(msg); + } else { + smb_panic("pdb_get_methods_reload"); + } } } if ( !pdb ) { if ( !NT_STATUS_IS_OK( make_pdb_method_name( &pdb, lp_passdb_backend() ) ) ) { char *msg = NULL; - asprintf(&msg, "pdb_get_methods_reload: " - "failed to get pdb methods for backend %s\n", - lp_passdb_backend()); - smb_panic(msg); + if (asprintf(&msg, "pdb_get_methods_reload: " + "failed to get pdb methods for backend %s\n", + lp_passdb_backend()) > 0) { + smb_panic(msg); + } else { + smb_panic("pdb_get_methods_reload"); + } } } diff --git a/source3/passdb/pdb_ldap.c b/source3/passdb/pdb_ldap.c index 95e9a01ba3..f031483ea1 100644 --- a/source3/passdb/pdb_ldap.c +++ b/source3/passdb/pdb_ldap.c @@ -4184,9 +4184,10 @@ static char *get_ldap_filter(TALLOC_CTX *mem_ctx, const char *username) char *escaped = NULL; char *result = NULL; - asprintf(&filter, "(&%s(objectclass=%s))", - "(uid=%u)", LDAP_OBJ_SAMBASAMACCOUNT); - if (filter == NULL) goto done; + if (asprintf(&filter, "(&%s(objectclass=%s))", + "(uid=%u)", LDAP_OBJ_SAMBASAMACCOUNT) < 0) { + goto done; + } escaped = escape_ldap_string_alloc(username); if (escaped == NULL) goto done; diff --git a/source3/printing/nt_printing.c b/source3/printing/nt_printing.c index ba1fb4352c..3a81f27ad6 100644 --- a/source3/printing/nt_printing.c +++ b/source3/printing/nt_printing.c @@ -3187,7 +3187,9 @@ static bool map_nt_printer_info2_to_dsspooler(NT_PRINTER_INFO_LEVEL_2 *info2) map_sz_into_ctr(ctr, SPOOL_REG_SERVERNAME, longname); - asprintf(&allocated_string, "\\\\%s\\%s", longname, info2->sharename); + if (asprintf(&allocated_string, "\\\\%s\\%s", longname, info2->sharename) == -1) { + return false; + } map_sz_into_ctr(ctr, SPOOL_REG_UNCNAME, allocated_string); SAFE_FREE(allocated_string); @@ -3267,6 +3269,7 @@ static WERROR nt_printer_publish_ads(ADS_STRUCT *ads, struct GUID guid; WERROR win_rc = WERR_OK; size_t converted_size; + int ret; DEBUG(5, ("publishing printer %s\n", printer->info_2->printername)); @@ -3278,27 +3281,23 @@ static WERROR nt_printer_publish_ads(ADS_STRUCT *ads, srv_dn_utf8 = ldap_get_dn((LDAP *)ads->ldap.ld, (LDAPMessage *)res); if (!srv_dn_utf8) { - ads_destroy(&ads); return WERR_SERVER_UNAVAILABLE; } ads_msgfree(ads, res); srv_cn_utf8 = ldap_explode_dn(srv_dn_utf8, 1); if (!srv_cn_utf8) { ldap_memfree(srv_dn_utf8); - ads_destroy(&ads); return WERR_SERVER_UNAVAILABLE; } /* Now convert to CH_UNIX. */ if (!pull_utf8_allocate(&srv_dn, srv_dn_utf8, &converted_size)) { ldap_memfree(srv_dn_utf8); ldap_memfree(srv_cn_utf8); - ads_destroy(&ads); return WERR_SERVER_UNAVAILABLE; } if (!pull_utf8_allocate(&srv_cn_0, srv_cn_utf8[0], &converted_size)) { ldap_memfree(srv_dn_utf8); ldap_memfree(srv_cn_utf8); - ads_destroy(&ads); SAFE_FREE(srv_dn); return WERR_SERVER_UNAVAILABLE; } @@ -3309,27 +3308,28 @@ static WERROR nt_printer_publish_ads(ADS_STRUCT *ads, srv_cn_escaped = escape_rdn_val_string_alloc(srv_cn_0); if (!srv_cn_escaped) { SAFE_FREE(srv_cn_0); - ldap_memfree(srv_dn_utf8); - ads_destroy(&ads); + SAFE_FREE(srv_dn); return WERR_SERVER_UNAVAILABLE; } sharename_escaped = escape_rdn_val_string_alloc(printer->info_2->sharename); if (!sharename_escaped) { SAFE_FREE(srv_cn_escaped); SAFE_FREE(srv_cn_0); - ldap_memfree(srv_dn_utf8); - ads_destroy(&ads); + SAFE_FREE(srv_dn); return WERR_SERVER_UNAVAILABLE; } - - asprintf(&prt_dn, "cn=%s-%s,%s", srv_cn_escaped, sharename_escaped, srv_dn); + ret = asprintf(&prt_dn, "cn=%s-%s,%s", srv_cn_escaped, sharename_escaped, srv_dn); SAFE_FREE(srv_dn); SAFE_FREE(srv_cn_0); SAFE_FREE(srv_cn_escaped); SAFE_FREE(sharename_escaped); + if (ret == -1) { + return WERR_NOMEM; + } + /* build the ads mods */ ctx = talloc_init("nt_printer_publish_ads"); if (ctx == NULL) { @@ -3381,7 +3381,7 @@ static WERROR nt_printer_unpublish_ads(ADS_STRUCT *ads, NT_PRINTER_INFO_LEVEL *printer) { ADS_STATUS ads_rc; - LDAPMessage *res; + LDAPMessage *res = NULL; char *prt_dn = NULL; DEBUG(5, ("unpublishing printer %s\n", printer->info_2->printername)); @@ -3390,7 +3390,7 @@ static WERROR nt_printer_unpublish_ads(ADS_STRUCT *ads, ads_rc = ads_find_printer_on_server(ads, &res, printer->info_2->sharename, global_myname()); - if (ADS_ERR_OK(ads_rc) && ads_count_replies(ads, res)) { + if (ADS_ERR_OK(ads_rc) && res && ads_count_replies(ads, res)) { prt_dn = ads_get_dn(ads, res); if (!prt_dn) { ads_msgfree(ads, res); @@ -3400,7 +3400,9 @@ static WERROR nt_printer_unpublish_ads(ADS_STRUCT *ads, ads_memfree(ads, prt_dn); } - ads_msgfree(ads, res); + if (res) { + ads_msgfree(ads, res); + } return WERR_OK; } diff --git a/source3/printing/print_generic.c b/source3/printing/print_generic.c index 5806b29206..b789354999 100644 --- a/source3/printing/print_generic.c +++ b/source3/printing/print_generic.c @@ -205,7 +205,9 @@ static int generic_job_submit(int snum, struct printjob *pjob) out: - chdir(wd); + if (chdir(wd) == -1) { + smb_panic("chdir failed in generic_job_submit"); + } TALLOC_FREE(current_directory); return ret; } diff --git a/source3/rpc_server/srv_lsa_hnd.c b/source3/rpc_server/srv_lsa_hnd.c index 377ed505b4..839833ce54 100644 --- a/source3/rpc_server/srv_lsa_hnd.c +++ b/source3/rpc_server/srv_lsa_hnd.c @@ -54,10 +54,13 @@ bool init_pipe_handle_list(pipes_struct *p, const char *pipe_name) (is_samr_lsa_pipe(plist->name) && is_samr_lsa_pipe(pipe_name))) { if (!plist->pipe_handles) { char *msg; - asprintf(&msg, "init_pipe_handles: NULL " - "pipe_handle pointer in pipe %s", - pipe_name); - smb_panic(msg); + if (asprintf(&msg, "init_pipe_handles: NULL " + "pipe_handle pointer in pipe %s", + pipe_name) != -1) { + smb_panic(msg); + } else { + smb_panic("init_pipe_handle_list"); + } } hl = plist->pipe_handles; break; diff --git a/source3/smbd/fileio.c b/source3/smbd/fileio.c index 60aeeef1e2..e67f926a04 100644 --- a/source3/smbd/fileio.c +++ b/source3/smbd/fileio.c @@ -867,11 +867,14 @@ void set_filelen_write_cache(files_struct *fsp, SMB_OFF_T file_size) /* The cache *must* have been flushed before we do this. */ if (fsp->wcp->data_size != 0) { char *msg; - asprintf(&msg, "set_filelen_write_cache: size change " + if (asprintf(&msg, "set_filelen_write_cache: size change " "on file %s with write cache size = %lu\n", fsp->fsp_name, - (unsigned long)fsp->wcp->data_size); - smb_panic(msg); + (unsigned long)fsp->wcp->data_size) != -1) { + smb_panic(msg); + } else { + smb_panic("set_filelen_write_cache"); + } } fsp->wcp->file_size = file_size; } diff --git a/source3/smbd/seal.c b/source3/smbd/seal.c index 3822ee191e..bd4d853885 100644 --- a/source3/smbd/seal.c +++ b/source3/smbd/seal.c @@ -128,8 +128,7 @@ static NTSTATUS get_srv_gss_creds(const char *service, gss_OID_desc nt_hostbased_service = {10, CONST_DISCARD(char *,"\x2a\x86\x48\x86\xf7\x12\x01\x02\x01\x04")}; - asprintf(&host_princ_s, "%s@%s", service, name); - if (host_princ_s == NULL) { + if (asprintf(&host_princ_s, "%s@%s", service, name) == -1) { return NT_STATUS_NO_MEMORY; } diff --git a/source3/smbd/trans2.c b/source3/smbd/trans2.c index 27e29515e4..1d724bafd8 100644 --- a/source3/smbd/trans2.c +++ b/source3/smbd/trans2.c @@ -3687,7 +3687,7 @@ static NTSTATUS marshall_stream_info(unsigned int num_streams, unsigned int i; unsigned int ofs = 0; - for (i=0; i<num_streams; i++) { + for (i = 0; i < num_streams && ofs <= max_data_bytes; i++) { unsigned int next_offset; size_t namelen; smb_ucs2_t *namebuf; @@ -3706,11 +3706,6 @@ static NTSTATUS marshall_stream_info(unsigned int num_streams, namelen -= 2; - if (ofs + 24 + namelen > max_data_bytes) { - TALLOC_FREE(namebuf); - return NT_STATUS_BUFFER_TOO_SMALL; - } - SIVAL(data, ofs+4, namelen); SOFF_T(data, ofs+8, streams[i].size); SOFF_T(data, ofs+16, streams[i].alloc_size); @@ -3725,10 +3720,6 @@ static NTSTATUS marshall_stream_info(unsigned int num_streams, else { unsigned int align = ndr_align_size(next_offset, 8); - if (next_offset + align > max_data_bytes) { - return NT_STATUS_BUFFER_TOO_SMALL; - } - memset(data+next_offset, 0, align); next_offset += align; |