diff options
author | Andrew Tridgell <tridge@samba.org> | 2005-01-02 23:31:12 +0000 |
---|---|---|
committer | Gerald (Jerry) Carter <jerry@samba.org> | 2007-10-10 13:08:12 -0500 |
commit | 4db9496bb41e4c05d0c1178b56b4da4e4d486697 (patch) | |
tree | 4f85789a92d73ed61cd1df0d1a8d9006ffcb9afb /source4/rpc_server | |
parent | fc275d9889b730ed0b757674abdd0d8245c81dfc (diff) | |
download | samba-4db9496bb41e4c05d0c1178b56b4da4e4d486697.tar.gz samba-4db9496bb41e4c05d0c1178b56b4da4e4d486697.tar.bz2 samba-4db9496bb41e4c05d0c1178b56b4da4e4d486697.zip |
r4490: when implementing one rpc server call in terms of another call, you
must zero r.out before making the 2nd call if the 2nd call has any
non-ref out parameters. This is needed for the case where the 2nd call
fails, and the 1st call would then fill in its out fields based on
uninitialised memory.
(This used to be commit 202470326dcfaa5d36aaaf6be47eec40fed50402)
Diffstat (limited to 'source4/rpc_server')
-rw-r--r-- | source4/rpc_server/samr/dcesrv_samr.c | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/source4/rpc_server/samr/dcesrv_samr.c b/source4/rpc_server/samr/dcesrv_samr.c index 3650c904a3..92de6fe402 100644 --- a/source4/rpc_server/samr/dcesrv_samr.c +++ b/source4/rpc_server/samr/dcesrv_samr.c @@ -3306,6 +3306,7 @@ static NTSTATUS samr_QueryUserInfo2(struct dcesrv_call_state *dce_call, TALLOC_C struct samr_QueryUserInfo r1; NTSTATUS status; + ZERO_STRUCT(r1.out); r1.in.user_handle = r->in.user_handle; r1.in.level = r->in.level; @@ -3321,7 +3322,7 @@ static NTSTATUS samr_QueryUserInfo2(struct dcesrv_call_state *dce_call, TALLOC_C samr_QueryDisplayInfo2 */ static NTSTATUS samr_QueryDisplayInfo2(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx, - struct samr_QueryDisplayInfo2 *r) + struct samr_QueryDisplayInfo2 *r) { struct samr_QueryDisplayInfo q; NTSTATUS result; @@ -3331,6 +3332,7 @@ static NTSTATUS samr_QueryDisplayInfo2(struct dcesrv_call_state *dce_call, TALLO q.in.start_idx = r->in.start_idx; q.in.max_entries = r->in.max_entries; q.in.buf_size = r->in.buf_size; + ZERO_STRUCT(q.out); result = samr_QueryDisplayInfo(dce_call, mem_ctx, &q); |