added a basic dcerpc endpoint mapper to Samba4. Currently only

implements the epm_Lookup() call, I'll add the other important calls
soon. I was rather pleased to find that epm_Lookup() worked first
time, which is particularly surprising given its complexity.

This required quite a bit of new infrastructure:

  * a generic way of handling dcerpc policy handles in the rpc server

  * added type checked varients of talloc. These are much less error
    prone. I'd like to move to using these for nearly all uses of
    talloc.

  * added more dcerpc fault handling code, and translation from
    NTSTATUS to a dcerpc fault code

  * added data_blob_talloc_zero() for allocating an initially zero
    blob

  * added a endpoint enumeration hook in the dcerpc endpoint server
    operations
(This used to be commit 3f85f9b782dc17417baf1ca557fcae22f5b6a83a)

4 files changed, 80 insertions, 14 deletions

diff --git a/source4/lib/data_blob.c b/source4/lib/data_blob.c
index 457ad382a2..b5d1b4076e 100644
--- a/source4/lib/data_blob.c
+++ b/source4/lib/data_blob.c
@@ -88,6 +88,18 @@ DATA_BLOB data_blob_talloc(TALLOC_CTX *mem_ctx, const void *p, size_t length)
 }
 
 /*******************************************************************
+ construct a zero data blob, using supplied TALLOC_CTX. 
+ use this sparingly as it initialises data - better to initialise
+ yourself if you want specific data in the blob
+*******************************************************************/
+DATA_BLOB data_blob_talloc_zero(TALLOC_CTX *mem_ctx, size_t length)
+{
+	DATA_BLOB blob = data_blob_talloc(mem_ctx, NULL, length);
+	data_blob_clear(&blob);
+	return blob;
+}
+
+/*******************************************************************
 free a data blob
 *******************************************************************/
 void data_blob_free(DATA_BLOB *d)
diff --git a/source4/lib/genparser.c b/source4/lib/genparser.c
index 39c455def4..0f5d26620b 100644
--- a/source4/lib/genparser.c
+++ b/source4/lib/genparser.c
@@ -22,17 +22,6 @@
 
 #include "includes.h"
 
-/* see if a range of memory is all zero. Used to prevent dumping of zero elements */
-static int all_zero(const char *ptr, unsigned size)
-{
-	int i;
-	if (!ptr) return 1;
-	for (i=0;i<size;i++) {
-		if (ptr[i]) return 0;
-	}
-	return 1;
-}
-
 /* encode a buffer of bytes into a escaped string */
 static char *encode_bytes(TALLOC_CTX *mem_ctx, const char *ptr, unsigned len)
 {
diff --git a/source4/lib/talloc.c b/source4/lib/talloc.c
index 83a99d8071..25871feac1 100644
--- a/source4/lib/talloc.c
+++ b/source4/lib/talloc.c
@@ -48,12 +48,13 @@
  **/
 
 /**
- * If you want testing for memory corruption, link with dmalloc or use
- * Insure++.  It doesn't seem useful to duplicate them here.
+ * If you want testing for memory corruption use valgrind
  **/
 
 #include "includes.h"
 
+#define MAX_TALLOC_SIZE 0x10000000
+
 struct talloc_chunk {
 	struct talloc_chunk *next;
 	size_t size;
@@ -188,8 +189,14 @@ void *talloc_realloc(TALLOC_CTX *t, void *ptr, size_t size)
 	void *new_ptr;
 
 	/* size zero is equivalent to free() */
-	if (!t || size == 0)
+	if (!t) {
 		return NULL;
+	}
+
+	if (size == 0) {
+		talloc_free(t, ptr);
+		return NULL;
+	}
 
 	/* realloc(NULL) is equavalent to malloc() */
 	if (ptr == NULL)
@@ -471,6 +478,39 @@ void talloc_get_allocation(TALLOC_CTX *t,
 
 
 /* 
+   free a lump from a pool. Use sparingly please.
+*/
+void talloc_free(TALLOC_CTX *ctx, void *ptr)
+{
+	struct talloc_chunk *tc;
+
+	if (!ptr || !ctx->list) return;
+
+	/* as a special case, see if its the first element in the
+	   list */
+	if (ctx->list->ptr == ptr) {
+		ctx->total_alloc_size -= ctx->list->size;
+		ctx->list = ctx->list->next;
+		free(ptr);
+		return;
+	}
+
+	/* find it in the context */
+	for (tc=ctx->list; tc->next; tc=tc->next) {
+		if (tc->next->ptr == ptr) break;
+	}
+
+	if (tc->next) {
+		ctx->total_alloc_size -= tc->next->size;
+		tc->next = tc->next->next;
+	} else {
+		DEBUG(0,("Attempt to free non-allocated chunk in context '%s'\n", 
+			 ctx->name));
+	}
+}
+
+
+/* 
    move a lump of memory from one talloc context to another
    return the ptr on success, or NULL if it could not be found
    in the old context or could not be transferred
@@ -511,5 +551,16 @@ const void *talloc_steal(TALLOC_CTX *old_ctx, TALLOC_CTX *new_ctx, const void *p
 	return ptr;
 }
 
+/*
+  realloc an array, checking for integer overflow in the array size
+*/
+void *talloc_realloc_array(TALLOC_CTX *ctx, void *ptr, size_t el_size, unsigned count)
+{
+	if (count == 0 ||
+	    count >= MAX_TALLOC_SIZE/el_size) {
+		return NULL;
+	}
+	return talloc_realloc(ctx, ptr, el_size * count);
+}
 
 /** @} */
diff --git a/source4/lib/util.c b/source4/lib/util.c
index 9b6cef8bfe..233609263d 100644
--- a/source4/lib/util.c
+++ b/source4/lib/util.c
@@ -1009,3 +1009,17 @@ void dump_data_pw(const char *msg, const uchar * data, size_t len)
 	}
 #endif
 }
+
+
+/* see if a range of memory is all zero. A NULL pointer is considered
+   to be all zero */
+BOOL all_zero(const char *ptr, unsigned size)
+{
+	int i;
+	if (!ptr) return True;
+	for (i=0;i<size;i++) {
+		if (ptr[i]) return False;
+	}
+	return True;
+}
+