* fixed null terminated string handling

* fixed nested relative offsets in push functions the spoolss torture test now passes! (This used to be commit 60ced76160e4f4e2b511ebbeec31130c8ebcdd22)
author: Andrew Tridgell <tridge@samba.org> 2003-11-22 11:49:22 +0000
committer: Andrew Tridgell <tridge@samba.org> 2003-11-22 11:49:22 +0000
commit: be77d9c60d17e0ef2ed0b51ea0814c42a41a40a3 (patch)
tree: f7c66a83daa4a555a7029a54b2fc7886ad1f0d91 /source4/librpc
parent: 677fb26deba2e8b8965c41d7b7455063db031a2c (diff)
download: samba-be77d9c60d17e0ef2ed0b51ea0814c42a41a40a3.tar.gz
samba-be77d9c60d17e0ef2ed0b51ea0814c42a41a40a3.tar.bz2
samba-be77d9c60d17e0ef2ed0b51ea0814c42a41a40a3.zip
3 files changed, 15 insertions, 10 deletions
diff --git a/source4/librpc/ndr/ndr.c b/source4/librpc/ndr/ndr.c
index f22145af97..44472147fd 100644
--- a/source4/librpc/ndr/ndr.c
+++ b/source4/librpc/ndr/ndr.c
@@ -727,7 +727,7 @@ NTSTATUS ndr_push_relative(struct ndr_push *ndr, int ndr_flags, const void *p,
 		NDR_CHECK(ndr_push_align(ndr, 8));
 		ndr_push_save(ndr, &save);
 		ndr->offset = ofs->offset;
-		NDR_CHECK(ndr_push_uint32(ndr, save.offset + ndr->ofs_list->offset));
+		NDR_CHECK(ndr_push_uint32(ndr, save.offset - ndr->ofs_list->offset));
 		ndr_push_restore(ndr, &save);
 		NDR_CHECK(fn(ndr, NDR_SCALARS|NDR_BUFFERS, p));
 	}
diff --git a/source4/librpc/ndr/ndr_basic.c b/source4/librpc/ndr/ndr_basic.c
index a3c4bc0aec..4d0be44a89 100644
--- a/source4/librpc/ndr/ndr_basic.c
+++ b/source4/librpc/ndr/ndr_basic.c
@@ -397,15 +397,20 @@ NTSTATUS ndr_pull_string(struct ndr_pull *ndr, int ndr_flags, const char **s)
 		break;
 
 	case LIBNDR_FLAG_STR_NULLTERM:
+		len1 = strnlen_w(ndr->data+ndr->offset, 
+				 (ndr->data_size - ndr->offset)/2);
+		if (len1*2+2 <= ndr->data_size - ndr->offset) {
+			len1++;
+		}
 		ret = convert_string_talloc(ndr->mem_ctx, CH_UCS2, CH_UNIX, 
 					    ndr->data+ndr->offset, 
-					    ndr->data_size - ndr->offset,
+					    len1*2,
 					    (const void **)s);
 		if (ret == -1) {
 			return ndr_pull_error(ndr, NDR_ERR_CHARCNV, 
 					      "Bad character conversion");
 		}
-		NDR_CHECK(ndr_pull_advance(ndr, ret));
+		NDR_CHECK(ndr_pull_advance(ndr, len1*2));
 		break;
 
 	case LIBNDR_FLAG_STR_ASCII|LIBNDR_FLAG_STR_LEN4|LIBNDR_FLAG_STR_SIZE4:
diff --git a/source4/librpc/rpc/dcerpc.c b/source4/librpc/rpc/dcerpc.c
index 871d0fec24..2cb52ece0b 100644
--- a/source4/librpc/rpc/dcerpc.c
+++ b/source4/librpc/rpc/dcerpc.c
@@ -761,7 +761,7 @@ static NTSTATUS dcerpc_ndr_validate_in(TALLOC_CTX *mem_ctx,
 	status = ndr_pull(pull, NDR_IN, st);
 	if (!NT_STATUS_IS_OK(status)) {
 		return ndr_pull_error(pull, NDR_ERR_VALIDATE, 
-				      "Error in input validation pull - %s",
+				      "failed input validation pull - %s",
 				      nt_errstr(status));
 	}
 
@@ -773,7 +773,7 @@ static NTSTATUS dcerpc_ndr_validate_in(TALLOC_CTX *mem_ctx,
 	status = ndr_push(push, NDR_IN, st);
 	if (!NT_STATUS_IS_OK(status)) {
 		return ndr_push_error(push, NDR_ERR_VALIDATE, 
-				      "Error in input validation push - %s",
+				      "failed input validation push - %s",
 				      nt_errstr(status));
 	}
 
@@ -785,7 +785,7 @@ static NTSTATUS dcerpc_ndr_validate_in(TALLOC_CTX *mem_ctx,
 		DEBUG(3,("secondary:\n"));
 		dump_data(3, blob2.data, blob2.length);
 		return ndr_push_error(push, NDR_ERR_VALIDATE, 
-				      "Error in input validation data - %s",
+				      "failed input validation data - %s",
 				      nt_errstr(status));
 	}
 
@@ -825,7 +825,7 @@ static NTSTATUS dcerpc_ndr_validate_out(TALLOC_CTX *mem_ctx,
 	status = ndr_push(push, NDR_OUT, struct_ptr);
 	if (!NT_STATUS_IS_OK(status)) {
 		return ndr_push_error(push, NDR_ERR_VALIDATE, 
-				      "Error in output validation push - %s",
+				      "failed output validation push - %s",
 				      nt_errstr(status));
 	}
 
@@ -840,7 +840,7 @@ static NTSTATUS dcerpc_ndr_validate_out(TALLOC_CTX *mem_ctx,
 	status = ndr_pull(pull, NDR_OUT, st);
 	if (!NT_STATUS_IS_OK(status)) {
 		return ndr_pull_error(pull, NDR_ERR_VALIDATE, 
-				      "Error in output validation pull - %s",
+				      "failed output validation pull - %s",
 				      nt_errstr(status));
 	}
 
@@ -852,7 +852,7 @@ static NTSTATUS dcerpc_ndr_validate_out(TALLOC_CTX *mem_ctx,
 	status = ndr_push(push, NDR_OUT, st);
 	if (!NT_STATUS_IS_OK(status)) {
 		return ndr_push_error(push, NDR_ERR_VALIDATE, 
-				      "Error in output validation push2 - %s",
+				      "failed output validation push2 - %s",
 				      nt_errstr(status));
 	}
 
@@ -864,7 +864,7 @@ static NTSTATUS dcerpc_ndr_validate_out(TALLOC_CTX *mem_ctx,
 		DEBUG(3,("secondary:\n"));
 		dump_data(3, blob2.data, blob2.length);
 		return ndr_push_error(push, NDR_ERR_VALIDATE, 
-				      "Error in output validation data - %s",
+				      "failed output validation data - %s",
 				      nt_errstr(status));
 	}
author	Andrew Tridgell <tridge@samba.org>	2003-11-22 11:49:22 +0000
committer	Andrew Tridgell <tridge@samba.org>	2003-11-22 11:49:22 +0000
commit	be77d9c60d17e0ef2ed0b51ea0814c42a41a40a3 (patch)
tree	f7c66a83daa4a555a7029a54b2fc7886ad1f0d91 /source4/librpc
parent	677fb26deba2e8b8965c41d7b7455063db031a2c (diff)
download	samba-be77d9c60d17e0ef2ed0b51ea0814c42a41a40a3.tar.gz samba-be77d9c60d17e0ef2ed0b51ea0814c42a41a40a3.tar.bz2 samba-be77d9c60d17e0ef2ed0b51ea0814c42a41a40a3.zip