-rw-r--r-- | source3/include/proto.h | 4 | ||||
-rw-r--r-- | source3/lib/util_unistr.c | 43 | ||||
-rw-r--r-- | source3/rpc_parse/parse_misc.c | 17 | ||||
-rw-r--r-- | source3/rpc_parse/parse_prs.c | 41 | ||||
-rw-r--r-- | source3/rpc_parse/parse_samr.c | 25 | ||||
-rw-r--r-- | source3/rpc_server/srv_lsa.c | 2 | ||||
-rw-r--r-- | source3/rpc_server/srv_spoolss_nt.c | 2 |
7 files changed, 89 insertions, 45 deletions
diff --git a/source3/include/proto.h b/source3/include/proto.h
index 8b4fcb173d..79c742e0a8 100644
--- a/source3/include/proto.h
+++ b/source3/include/proto.h
@@ -17,6 +17,9 @@ void cmd_tar(void);
 int process_tar(void);
 int tar_parseargs(int argc, char *argv[], char *Optarg, int Optind);
+/*The following definitions come from groupdb/mapping.c */
+
+
 /*The following definitions come from lib/access.c */
 BOOL allow_access(char *deny_list,char *allow_list,
@@ -2472,6 +2475,7 @@ BOOL prs_uint32(char *name, prs_struct *ps, int depth, uint32 *data32);
 BOOL prs_uint8s(BOOL charmode, char *name, prs_struct *ps, int depth, uint8 *data8s, int len);
 BOOL prs_uint16s(BOOL charmode, char *name, prs_struct *ps, int depth, uint16 *data16s, int len);
 BOOL prs_uint32s(BOOL charmode, char *name, prs_struct *ps, int depth, uint32 *data32s, int len);
+BOOL prs_buffer5(BOOL charmode, char *name, prs_struct *ps, int depth, BUFFER5 *str);
 BOOL prs_buffer2(BOOL charmode, char *name, prs_struct *ps, int depth, BUFFER2 *str);
 BOOL prs_string2(BOOL charmode, char *name, prs_struct *ps, int depth, STRING2 *str);
 BOOL prs_unistr2(BOOL charmode, char *name, prs_struct *ps, int depth, UNISTR2 *str);
diff --git a/source3/lib/util_unistr.c b/source3/lib/util_unistr.c
index 74ecc841d0..5e86d5db0b 100644
--- a/source3/lib/util_unistr.c
+++ b/source3/lib/util_unistr.c
@@ -282,38 +282,37 @@ void unistr_to_ascii(char *dest, const uint16 *src, int len) void unistr2_to_ascii(char *dest, const UNISTR2 *str, size_t maxlen) { - char *destend; - const uint16 *src; + char *p; + uint16 *src; size_t len; - register uint16 c; + int i; + + if (str == NULL) { + *dest='\0'; + return; + } src = str->buffer; len = MIN(str->uni_str_len, maxlen); - destend = dest + len; - while (dest < destend) - { - uint16 ucs2_val; - uint16 cp_val; + if (len == 0) { + *dest='\0'; + return; + } + + for (p = dest; *src && p-dest < len; src++) { + uint16 ucs2_val = SVAL(src,0); + uint16 cp_val = ucs2_to_doscp[ucs2_val]; - c = *src; - if (c == 0) - { - break; - } - - ucs2_val = SVAL(src++,0); - cp_val = ucs2_to_doscp[ucs2_val]; - if (cp_val < 256) - *(dest++) = (char)cp_val; + *p++ = (char)cp_val; else { - *dest= (cp_val >> 8) & 0xff; - *(dest++) = (cp_val & 0xff); + *p = (cp_val >> 8) & 0xff; + *p++ = (cp_val & 0xff); } } - - *dest = 0; + + *p = 0; } diff --git a/source3/rpc_parse/parse_misc.c b/source3/rpc_parse/parse_misc.c index 859a800771..0a2f49d4dd 100644 --- a/source3/rpc_parse/parse_misc.c +++ b/source3/rpc_parse/parse_misc.c @@ -647,17 +647,14 @@ BOOL smb_io_buffer5(char *desc, BUFFER5 *buf5, prs_struct *ps, int depth) if (buf5 == NULL) return False; - prs_align(ps); - prs_uint32("buf_len", ps, depth, &(buf5->buf_len)); + if(!prs_align(ps)) + return False; + if(!prs_uint32("buf_len", ps, depth, &buf5->buf_len)) + return False; - /* reading: alloc the buffer first */ - if ( UNMARSHALLING(ps) ) { - buf5->buffer=(uint16 *)prs_alloc_mem(ps, sizeof(uint16)*buf5->buf_len ); - if (buf5->buffer == NULL) - return False; - } - - prs_uint16s(True, "buffer", ps, depth, buf5->buffer, buf5->buf_len); + + if(!prs_buffer5(True, "buffer" , ps, depth, buf5)) + return False; return True; } diff --git a/source3/rpc_parse/parse_prs.c b/source3/rpc_parse/parse_prs.c index e800c20290..5621a2c210 100644 --- a/source3/rpc_parse/parse_prs.c +++ b/source3/rpc_parse/parse_prs.c 
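Review bot: In the double-byte branch of the new loop in unistr2_to_ascii, `*p = (cp_val >> 8) & 0xff;` is followed by `*p++ = (cp_val & 0xff);`, so the lead byte is overwritten in place and only the trail byte reaches the output; the same pattern is carried over from the removed code. Emitting both bytes would need `*p++ = (cp_val >> 8) & 0xff;` plus a bound that leaves room for two bytes, because the loop condition `p-dest < len` only accounts for one. The final `*p = 0;` can land at `dest[len]` with `len` as large as `maxlen`, so the requirement that `dest` holds at least `maxlen + 1` bytes deserves a comment above the function. The added `int i;` is unused, and `p-dest < len` compares a signed pointer difference against a `size_t`.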
@@ -563,6 +563,47 @@ BOOL prs_uint32s(BOOL charmode, char *name, prs_struct *ps, int depth, uint32 *d
 }
 /******************************************************************
+ Stream an array of unicode string, length/buffer specified separately,
+ in uint16 chars. We use DBG_RW_PCVAL, not DBG_RW_PSVAL here
+ as the unicode string is already in little-endian format.
+ ********************************************************************/
+
+BOOL prs_buffer5(BOOL charmode, char *name, prs_struct *ps, int depth, BUFFER5 *str)
+{
+ char *p;
+ char *q = prs_mem_get(ps, str->buf_len * sizeof(uint16));
+ if (q == NULL)
+ return False;
+
+ if (UNMARSHALLING(ps)) {
+ str->buffer = (uint16 *)prs_alloc_mem(ps,str->buf_len * sizeof(uint16));
+ if (str->buffer == NULL)
+ return False;
+ memset(str->buffer, '\0', str->buf_len * sizeof(uint16));
+ }
+
+ /* If the string is empty, we don't have anything to stream */
+ if (str->buf_len==0)
+ return True;
+
+ p = (char *)str->buffer;
+
+ /* If we're using big-endian, reverse to get little-endian. */
+ if(ps->bigendian_data) {
+ DBG_RW_PSVAL(charmode, name, depth, ps->data_offset,
+ ps->io, ps->bigendian_data, q, p,
+ str->buf_len)
+ } else {
+ DBG_RW_PCVAL(charmode, name, depth, ps->data_offset,
+ ps->io, q, p, str->buf_len * sizeof(uint16))
+ }
+
+ ps->data_offset += (str->buf_len * sizeof(uint16));
+
+ return True;
+}
+
+/******************************************************************
 Stream a "not" unicode string, length/buffer specified separately,
 in byte chars. String is in little-endian format.
 ********************************************************************/
diff --git a/source3/rpc_parse/parse_samr.c b/source3/rpc_parse/parse_samr.c
index c36ca06aae..aa08606a57 100644
--- a/source3/rpc_parse/parse_samr.c
+++ b/source3/rpc_parse/parse_samr.c
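Review bot: `str->buf_len * sizeof(uint16)` in prs_buffer5 is computed from a length that smb_io_buffer5 reads off the wire with prs_uint32, and nothing bounds it before it feeds prs_mem_get, prs_alloc_mem, memset and the data_offset update. If that product is narrowed to 32 bits anywhere along the way (a 32-bit size_t, or a uint32 size parameter on prs_mem_get or prs_alloc_mem, whose prototypes are not shown here), a large buf_len wraps to a small size while the big-endian branch still passes the unmultiplied `str->buf_len` as its element count. A guard ahead of the first multiplication, such as `if (str->buf_len > ((uint32)-1) / sizeof(uint16)) return False;`, keeps every use consistent. The empty-length early return also sits after both allocation calls, so a zero buf_len would return False rather than True if prs_alloc_mem yields NULL for a zero-byte request; moving the `str->buf_len==0` test to the top of the function removes that dependency.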
@@ -3890,22 +3890,25 @@ BOOL samr_io_r_chgpasswd_user(char *desc, SAMR_R_CHGPASSWD_USER *r_u, prs_struct
 **********************************************************************/
 BOOL samr_io_q_lookup_domain(char* desc, SAMR_Q_LOOKUP_DOMAIN* q_u, prs_struct *ps, int depth)
 {
- if (q_u == NULL)
- return False;
+ if (q_u == NULL)
+ return False;
- prs_debug(ps, depth, desc, "samr_io_q_lookup_domain");
- depth++;
+ prs_debug(ps, depth, desc, "samr_io_q_lookup_domain");
+ depth++;
+
+ if(!prs_align(ps))
+ return False;
- prs_align(ps);
+ if(!smb_io_pol_hnd("connect_pol", &q_u->connect_pol, ps, depth))
+ return False;
- smb_io_pol_hnd("connect_pol", &(q_u->connect_pol), ps, depth);
+ if(!smb_io_unihdr("hdr_domain", &q_u->hdr_domain, ps, depth))
+ return False;
- smb_io_unihdr("hdr_domain", &(q_u->hdr_domain), ps, depth);
- smb_io_unistr2("uni_domain", &(q_u->uni_domain),
- q_u->hdr_domain.buffer, ps, depth);
- prs_align(ps);
+ if(!smb_io_unistr2("uni_domain", &q_u->uni_domain, q_u->hdr_domain.buffer, ps, depth))
+ return False;
- return True;
+ return True;
 }
 /*******************************************************************
diff --git a/source3/rpc_server/srv_lsa.c b/source3/rpc_server/srv_lsa.c
index aea7294ffe..5fc40d692c 100644
--- a/source3/rpc_server/srv_lsa.c
+++ b/source3/rpc_server/srv_lsa.c
@@ -88,7 +88,7 @@ Init dom_query
 static void init_dom_query(DOM_QUERY *d_q, char *dom_name, DOM_SID *dom_sid)
 {
- int domlen = (dom_name != NULL) ? strlen(dom_name) : 0;
+ int domlen = (dom_name != NULL) ? strlen(dom_name)+1 : 0;
 d_q->uni_dom_max_len = domlen * 2;
 d_q->uni_dom_str_len = domlen * 2;
diff --git a/source3/rpc_server/srv_spoolss_nt.c b/source3/rpc_server/srv_spoolss_nt.c
index c2054143b7..a4f5e257f1 100644
--- a/source3/rpc_server/srv_spoolss_nt.c
+++ b/source3/rpc_server/srv_spoolss_nt.c
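Review bot: The rewritten samr_io_q_lookup_domain no longer calls prs_align(ps) after smb_io_unistr2, where the removed code aligned the stream once more before returning. Nothing in the hunk says whether that is intended, so a one-line comment at the end of the function stating why no trailing alignment is needed would stop a later reader from restoring it. If the drop was accidental, the call should come back in the checked form used above, `if(!prs_align(ps)) return False;`.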
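Review bot: `strlen(dom_name)+1` in init_dom_query changes `domlen` from a character count to a count that includes the terminating NUL, and both `uni_dom_max_len` and `uni_dom_str_len` now advertise the larger value with no comment recording why. A line such as `/* include the terminating NUL in the advertised length */` above the assignment would document the intent. The rest of the function lies outside the hunk, so any later use of `domlen` as a copy or conversion length should be checked to confirm it stays within `dom_name` plus its terminator. `strlen` returns `size_t`, and the implicit narrowing to `int` would be clearer with an explicit cast.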
@@ -2021,7 +2021,7 @@ static DEVICEMODE *construct_dev_mode(int snum)
 DEBUGADD(8,("loading DEVICEMODE\n"));
- safe_strcpy(adevice, printer->info_2->printername, sizeof(adevice));
+ snprintf(adevice, sizeof(adevice), printer->info_2->printername);
 init_unistr(&devmode->devicename, adevice);
 snprintf(aform, sizeof(aform), ntdevmode->formname); |
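Review bot: The new call `snprintf(adevice, sizeof(adevice), printer->info_2->printername);` passes the printer name as the format string, so any `%` in the name is parsed as a conversion specifier and consumes arguments that were never supplied. It should be `snprintf(adevice, sizeof(adevice), "%s", printer->info_2->printername);`. The context line `snprintf(aform, sizeof(aform), ntdevmode->formname);` has the same shape and needs the same change. construct_dev_mode continues outside the hunk, so other copies in the function are not visible here and should be checked for the same pattern.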