diff options
-rw-r--r-- | source3/include/rpc_misc.h | 27 | ||||
-rw-r--r-- | source3/rpc_client/cli_lsarpc.c | 10 | ||||
-rw-r--r-- | source3/rpc_client/cli_samr.c | 21 | ||||
-rw-r--r-- | source3/rpc_parse/parse_misc.c | 10 | ||||
-rw-r--r-- | source3/rpc_server/srv_lsa_hnd.c | 18 | ||||
-rw-r--r-- | source3/rpc_server/srv_reg_nt.c | 3 | ||||
-rw-r--r-- | source3/rpc_server/srv_spoolss_nt.c | 4 |
7 files changed, 19 insertions, 74 deletions
diff --git a/source3/include/rpc_misc.h b/source3/include/rpc_misc.h index 24c7150433..91e0115b69 100644 --- a/source3/include/rpc_misc.h +++ b/source3/include/rpc_misc.h @@ -97,29 +97,12 @@ typedef struct { uint32 handle; /* enumeration handle */ } ENUM_HND; +typedef struct policy_handle POLICY_HND; - -/********************************************************************** - * RPC policy handle used pretty much everywhere - **********************************************************************/ - -typedef struct { - uint32 data1; - uint32 data2; - uint16 data3; - uint16 data4; - uint8 data5[8]; -#ifdef __INSURE__ - - /* To prevent the leakage of policy handles mallocate a bit of - memory when a policy handle is created and free it when the - handle is closed. This should cause Insure to flag an error - when policy handles are overwritten or fall out of scope without - being freed. */ - - char *marker; -#endif -} POLICY_HND; +#define OUR_HANDLE(hnd) (((hnd)==NULL) ? "NULL" :\ + ( IVAL((hnd)->uuid.node,2) == (uint32)sys_getpid() ? "OURS" : \ + "OTHER")), ((unsigned int)IVAL((hnd)->uuid.node,2)),\ + ((unsigned int)sys_getpid() ) /********************************************************************** diff --git a/source3/rpc_client/cli_lsarpc.c b/source3/rpc_client/cli_lsarpc.c index 8597bcb3a8..852602bb54 100644 --- a/source3/rpc_client/cli_lsarpc.c +++ b/source3/rpc_client/cli_lsarpc.c @@ -78,9 +78,6 @@ NTSTATUS rpccli_lsa_open_policy(struct rpc_pipe_client *cli, if (NT_STATUS_IS_OK(result)) { *pol = r.pol; -#ifdef __INSURE__ - pol->marker = MALLOC(1); -#endif } return result; @@ -125,9 +122,6 @@ NTSTATUS rpccli_lsa_open_policy2(struct rpc_pipe_client *cli, if (NT_STATUS_IS_OK(result)) { *pol = r.pol; -#ifdef __INSURE__ - pol->marker = (char *)malloc(1); -#endif } return result; @@ -145,10 +139,6 @@ NTSTATUS rpccli_lsa_close(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx, memcpy( &policy, pol, sizeof(policy) ); -#ifdef __INSURE__ - SAFE_FREE(pol->marker); -#endif - return rpccli_lsa_Close( cli, mem_ctx, &policy ); } diff --git a/source3/rpc_client/cli_samr.c b/source3/rpc_client/cli_samr.c index 4c6a868e7f..a1e226dee6 100644 --- a/source3/rpc_client/cli_samr.c +++ b/source3/rpc_client/cli_samr.c @@ -52,9 +52,6 @@ NTSTATUS rpccli_samr_connect(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx, if (NT_STATUS_IS_OK(result = r.status)) { *connect_pol = r.connect_pol; -#ifdef __INSURE__ - connect_pol->marker = malloc(1); -#endif } return result; @@ -88,9 +85,6 @@ NTSTATUS rpccli_samr_connect4(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx, if (NT_STATUS_IS_OK(result = r.status)) { *connect_pol = r.connect_pol; -#ifdef __INSURE__ - connect_pol->marker = malloc(1); -#endif } return result; @@ -125,9 +119,6 @@ NTSTATUS rpccli_samr_close(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx, /* Return output parameters */ if (NT_STATUS_IS_OK(result = r.status)) { -#ifdef __INSURE__ - SAFE_FREE(connect_pol->marker); -#endif *connect_pol = r.pol; } @@ -166,9 +157,6 @@ NTSTATUS rpccli_samr_open_domain(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ct if (NT_STATUS_IS_OK(result = r.status)) { *domain_pol = r.domain_pol; -#ifdef __INSURE__ - domain_pol->marker = malloc(1); -#endif } return result; @@ -204,9 +192,6 @@ NTSTATUS rpccli_samr_open_user(struct rpc_pipe_client *cli, if (NT_STATUS_IS_OK(result = r.status)) { *user_pol = r.user_pol; -#ifdef __INSURE__ - user_pol->marker = malloc(1); -#endif } return result; @@ -244,9 +229,6 @@ NTSTATUS rpccli_samr_open_group(struct rpc_pipe_client *cli, if (NT_STATUS_IS_OK(result = r.status)) { *group_pol = r.pol; -#ifdef __INSURE__ - group_pol->marker = malloc(1); -#endif } return result; @@ -936,9 +918,6 @@ NTSTATUS rpccli_samr_open_alias(struct rpc_pipe_client *cli, if (NT_STATUS_IS_OK(result = r.status)) { *alias_pol = r.pol; -#ifdef __INSURE__ - alias_pol->marker = malloc(1); -#endif } return result; diff --git a/source3/rpc_parse/parse_misc.c b/source3/rpc_parse/parse_misc.c index 541d2d771f..ef4d0e7689 100644 --- a/source3/rpc_parse/parse_misc.c +++ b/source3/rpc_parse/parse_misc.c @@ -1695,15 +1695,9 @@ BOOL smb_io_pol_hnd(const char *desc, POLICY_HND *pol, prs_struct *ps, int depth if(UNMARSHALLING(ps)) ZERO_STRUCTP(pol); - if (!prs_uint32("data1", ps, depth, &pol->data1)) + if (!prs_uint32("handle_type", ps, depth, &pol->handle_type)) return False; - if (!prs_uint32("data2", ps, depth, &pol->data2)) - return False; - if (!prs_uint16("data3", ps, depth, &pol->data3)) - return False; - if (!prs_uint16("data4", ps, depth, &pol->data4)) - return False; - if(!prs_uint8s (False, "data5", ps, depth, pol->data5, sizeof(pol->data5))) + if (!smb_io_uuid("uuid", (struct uuid*)&pol->uuid, ps, depth)) return False; return True; diff --git a/source3/rpc_server/srv_lsa_hnd.c b/source3/rpc_server/srv_lsa_hnd.c index 7da87d5b93..88c59ee895 100644 --- a/source3/rpc_server/srv_lsa_hnd.c +++ b/source3/rpc_server/srv_lsa_hnd.c @@ -103,6 +103,7 @@ BOOL create_policy_hnd(pipes_struct *p, POLICY_HND *hnd, void (*free_fn)(void *) { static uint32 pol_hnd_low = 0; static uint32 pol_hnd_high = 0; + time_t t = time(NULL); struct policy *pol; @@ -127,12 +128,17 @@ BOOL create_policy_hnd(pipes_struct *p, POLICY_HND *hnd, void (*free_fn)(void *) if (pol_hnd_low == 0) (pol_hnd_high)++; - SIVAL(&pol->pol_hnd.data1, 0 , 0); /* first bit must be null */ - SIVAL(&pol->pol_hnd.data2, 0 , pol_hnd_low ); /* second bit is incrementing */ - SSVAL(&pol->pol_hnd.data3, 0 , pol_hnd_high); /* second bit is incrementing */ - SSVAL(&pol->pol_hnd.data4, 0 , (pol_hnd_high>>16)); /* second bit is incrementing */ - SIVAL(pol->pol_hnd.data5, 0, time(NULL)); /* something random */ - SIVAL(pol->pol_hnd.data5, 4, sys_getpid()); /* something more random */ + SIVAL(&pol->pol_hnd.handle_type, 0 , 0); /* first bit must be null */ + SIVAL(&pol->pol_hnd.uuid.time_low, 0 , pol_hnd_low ); /* second bit is incrementing */ + SSVAL(&pol->pol_hnd.uuid.time_mid, 0 , pol_hnd_high); /* second bit is incrementing */ + SSVAL(&pol->pol_hnd.uuid.time_hi_and_version, 0 , (pol_hnd_high>>16)); /* second bit is incrementing */ + + /* split the current time into two 16 bit values */ + + SSVAL(pol->pol_hnd.uuid.clock_seq, 0, (t>>16)); /* something random */ + SSVAL(pol->pol_hnd.uuid.node, 0, t); /* something random */ + + SIVAL(pol->pol_hnd.uuid.node, 2, sys_getpid()); /* something more random */ DLIST_ADD(p->pipe_handles->Policy, pol); p->pipe_handles->count++; diff --git a/source3/rpc_server/srv_reg_nt.c b/source3/rpc_server/srv_reg_nt.c index 8fd0e55c54..3728252c99 100644 --- a/source3/rpc_server/srv_reg_nt.c +++ b/source3/rpc_server/srv_reg_nt.c @@ -30,9 +30,6 @@ #undef DBGC_CLASS #define DBGC_CLASS DBGC_RPC_SRV -#define OUR_HANDLE(hnd) (((hnd)==NULL)?"NULL":(IVAL((hnd)->data5,4)==(uint32)sys_getpid()?"OURS":"OTHER")), \ -((unsigned int)IVAL((hnd)->data5,4)),((unsigned int)sys_getpid()) - static struct generic_mapping reg_generic_map = { REG_KEY_READ, REG_KEY_WRITE, REG_KEY_EXECUTE, REG_KEY_ALL }; diff --git a/source3/rpc_server/srv_spoolss_nt.c b/source3/rpc_server/srv_spoolss_nt.c index e60a431846..5f8e705ea3 100644 --- a/source3/rpc_server/srv_spoolss_nt.c +++ b/source3/rpc_server/srv_spoolss_nt.c @@ -66,10 +66,6 @@ static uint32 smb_connections=0; extern STANDARD_MAPPING printer_std_mapping, printserver_std_mapping; -#define OUR_HANDLE(hnd) (((hnd)==NULL)?"NULL":(IVAL((hnd)->data5,4)==(uint32)sys_getpid()?"OURS":"OTHER")), \ -((unsigned int)IVAL((hnd)->data5,4)),((unsigned int)sys_getpid()) - - /* API table for Xcv Monitor functions */ struct xcv_api_table { |