diff options
| author | Andrew Tridgell <tridge@samba.org> | 2005-08-17 01:25:58 +0000 |
|---|---|---|
| committer | Gerald (Jerry) Carter <jerry@samba.org> | 2007-10-10 13:33:25 -0500 |
| commit | 9fffd12799239219a276b1ca83319d1340d97232 (patch) | |
| tree | 1f83f41dcab7551040d9ebb7b027971f4715df74 /source4/rpc_server | |
| parent | c463b98c583714ccd02b878f9f968bcf2b5685de (diff) | |
| download | samba-9fffd12799239219a276b1ca83319d1340d97232.tar.gz samba-9fffd12799239219a276b1ca83319d1340d97232.tar.bz2 samba-9fffd12799239219a276b1ca83319d1340d97232.zip | |
r9338: fixed the winreg IDL to be correct for the EnumKey and EnumValue
calls. The previous IDL was just a workaround for the limitations of
our older rpc infrastructure. Now that Jelmer has added much improved
string support using the charset keyword we can correctly implemenent
the unusual winreg string buffers.
Jelmer, note the little comment I put on winreg_StringBuf() about why
I couldn't use [value()] for the length field.
This also fixes EnumKey() and EnumValue() to use NTTIME fields for the
last_changed_time. I don't know why we were using a pair of uint32's,
as it is just a NTTIME.
(This used to be commit 8354b016122cc4f3cff042b3ada1de07e1614eb7)
Diffstat (limited to 'source4/rpc_server')
| -rw-r--r-- | source4/rpc_server/winreg/rpc_winreg.c | 50 |
1 files changed, 38 insertions, 12 deletions
diff --git a/source4/rpc_server/winreg/rpc_winreg.c b/source4/rpc_server/winreg/rpc_winreg.c index 050df29727..431323d1b6 100644 --- a/source4/rpc_server/winreg/rpc_winreg.c +++ b/source4/rpc_server/winreg/rpc_winreg.c @@ -166,11 +166,13 @@ static WERROR winreg_EnumKey(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem r->out.result = reg_key_get_subkey_by_index(mem_ctx, (struct registry_key *)h->data, r->in.enum_index, &key); if (W_ERROR_IS_OK(r->out.result)) { - r->out.key_name_len = strlen(key->name); - r->out.out_name = talloc_zero(mem_ctx, struct winreg_EnumKeyNameResponse); - r->out.out_name->name = key->name; - r->out.class = talloc_zero(mem_ctx, struct winreg_String); - r->out.last_changed_time = talloc_zero(mem_ctx, struct winreg_Time); + if (2*strlen_m(key->name) > r->in.name->size) { + return WERR_MORE_DATA; + } + r->out.name->length = 2*strlen_m(key->name); + r->out.name->name = key->name; + r->out.class = talloc_zero(mem_ctx, struct winreg_StringBuf); + r->out.last_changed_time = &key->last_mod; } return r->out.result; @@ -196,14 +198,38 @@ static WERROR winreg_EnumValue(struct dcesrv_call_state *dce_call, TALLOC_CTX *m if (!W_ERROR_IS_OK(result)) { return result; } + + /* the client can optionally pass a NULL for type, meaning they don't + want that back */ + if (r->in.type != NULL) { + r->out.type = talloc(mem_ctx, uint32_t); + *r->out.type = value->data_type; + } + + /* check the client has enough room for the value */ + if (r->in.size != NULL && + value->data_len > *r->in.size) { + return WERR_MORE_DATA; + } - r->out.type = talloc(mem_ctx, uint32_t); - *r->out.type = value->data_type; - r->out.name_out.name = value->name; - r->out.value = value->data_blk; - r->out.size = talloc(mem_ctx, uint32_t); - r->out.length = r->out.size; - *r->out.size = value->data_len; + /* and enough room for the name */ + if (r->in.name->size < 2*strlen_m(value->name)) { + return WERR_MORE_DATA; + } + + r->out.name->name = value->name; + r->out.name->length = 2*strlen_m(value->name); + r->out.name->size = 2*strlen_m(value->name); + + if (r->in.value) { + r->out.value = value->data_blk; + } + + if (r->in.size) { + r->out.size = talloc(mem_ctx, uint32_t); + *r->out.size = value->data_len; + r->out.length = r->out.size; + } return WERR_OK; } |