summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--source3/include/proto.h4
-rw-r--r--source3/printing/nt_printing.c54
-rw-r--r--source3/rpc_server/srv_spoolss_nt.c35
3 files changed, 50 insertions, 43 deletions
diff --git a/source3/include/proto.h b/source3/include/proto.h
index d9154cca6f..ff004bbabd 100644
--- a/source3/include/proto.h
+++ b/source3/include/proto.h
@@ -1962,9 +1962,9 @@ BOOL parse_lpq_entry(int snum,char *line,
#if OLD_NTDOMAIN
BOOL nt_printing_init(void);
-int get_ntforms(nt_forms_struct **list);
+int get_ntforms(TALLOC_CTX *ctx, nt_forms_struct **list);
int write_ntforms(nt_forms_struct **list, int number);
-BOOL add_a_form(nt_forms_struct **list, const FORM *form, int *count);
+BOOL add_a_form(TALLOC_CTX *ctx, nt_forms_struct **list, const FORM *form, int *count);
BOOL delete_a_form(nt_forms_struct **list, UNISTR2 *del_name, int *count, uint32 *ret);
void update_a_form(nt_forms_struct **list, const FORM *form, int count);
int get_ntdrivers(fstring **list, char *architecture, uint32 version);
diff --git a/source3/printing/nt_printing.c b/source3/printing/nt_printing.c
index a2337c25f3..8614c55e82 100644
--- a/source3/printing/nt_printing.c
+++ b/source3/printing/nt_printing.c
@@ -52,10 +52,10 @@ static nt_forms_struct default_forms[] = {
{"Letter", 0x2, 0x34b5b, 0x44367, 0x0, 0x0, 0x34b5b, 0x44367},
};
-
/****************************************************************************
open the NT printing tdb
****************************************************************************/
+
BOOL nt_printing_init(void)
{
static pid_t local_pid;
@@ -81,14 +81,15 @@ BOOL nt_printing_init(void)
return True;
}
-
/****************************************************************************
-get a form struct list
+get a form struct list. Returns talloc'ed memory.
****************************************************************************/
-int get_ntforms(nt_forms_struct **list)
+
+int get_ntforms(TALLOC_CTX *ctx, nt_forms_struct **list)
{
TDB_DATA kbuf, newkey, dbuf;
nt_forms_struct form;
+ nt_forms_struct *list_p = NULL;
int ret;
int i;
int n = 0;
@@ -110,25 +111,37 @@ int get_ntforms(nt_forms_struct **list)
/* allocate space and populate the list in correct order */
if (i+1 > n) {
- *list = Realloc(*list, sizeof(nt_forms_struct)*(i+1));
+ list_p = Realloc(list_p, sizeof(nt_forms_struct)*(i+1));
+ if (!list_p)
+ return 0;
n = i+1;
}
- (*list)[i] = form;
+ list_p[i] = form;
}
/* we should never return a null forms list or NT gets unhappy */
if (n == 0) {
- *list = (nt_forms_struct *)memdup(&default_forms[0], sizeof(default_forms));
+ list_p = (nt_forms_struct *)memdup(&default_forms[0], sizeof(default_forms));
+ if (!list_p)
+ return 0;
n = sizeof(default_forms) / sizeof(default_forms[0]);
}
+ *list = NULL;
+ if (list_p) {
+ *list = (nt_forms_struct *)talloc_memdup(ctx, list_p, n * sizeof(nt_forms_struct) );
+ free(list_p);
+ }
+ if (!*list)
+ return 0;
return n;
}
/****************************************************************************
write a form struct list
****************************************************************************/
+
int write_ntforms(nt_forms_struct **list, int number)
{
pstring buf, key;
@@ -142,23 +155,26 @@ int write_ntforms(nt_forms_struct **list, int number)
i, (*list)[i].flag, (*list)[i].width, (*list)[i].length,
(*list)[i].left, (*list)[i].top, (*list)[i].right,
(*list)[i].bottom);
- if (len > sizeof(buf)) break;
+ if (len > sizeof(buf))
+ break;
slprintf(key, sizeof(key), "%s%s", FORMS_PREFIX, (*list)[i].name);
dos_to_unix(key, True); /* Convert key to unix-codepage */
kbuf.dsize = strlen(key)+1;
kbuf.dptr = key;
dbuf.dsize = len;
dbuf.dptr = buf;
- if (tdb_store(tdb, kbuf, dbuf, TDB_REPLACE) != 0) break;
- }
+ if (tdb_store(tdb, kbuf, dbuf, TDB_REPLACE) != 0)
+ break;
+ }
- return i;
+ return i;
}
/****************************************************************************
add a form struct at the end of the list
****************************************************************************/
-BOOL add_a_form(nt_forms_struct **list, const FORM *form, int *count)
+
+BOOL add_a_form(TALLOC_CTX *ctx, nt_forms_struct **list, const FORM *form, int *count)
{
int n=0;
BOOL update;
@@ -182,8 +198,14 @@ BOOL add_a_form(nt_forms_struct **list, const FORM *form, int *count)
}
if (update==False) {
- if((*list=Realloc(*list, (n+1)*sizeof(nt_forms_struct))) == NULL)
+ /* We can't realloc a talloc memory area. */
+ nt_forms_struct *new_list = (nt_forms_struct *)talloc(ctx, (n+1)*sizeof(nt_forms_struct) );
+ if (!new_list)
return False;
+
+ memcpy(new_list, *list, n*sizeof(nt_forms_struct) );
+ *list = new_list;
+
unistr2_to_ascii((*list)[n].name, &form->name, sizeof((*list)[n].name)-1);
(*count)++;
}
@@ -202,6 +224,7 @@ BOOL add_a_form(nt_forms_struct **list, const FORM *form, int *count)
/****************************************************************************
delete a named form struct
****************************************************************************/
+
BOOL delete_a_form(nt_forms_struct **list, UNISTR2 *del_name, int *count, uint32 *ret)
{
pstring key;
@@ -250,6 +273,7 @@ BOOL delete_a_form(nt_forms_struct **list, UNISTR2 *del_name, int *count, uint32
/****************************************************************************
update a form struct
****************************************************************************/
+
void update_a_form(nt_forms_struct **list, const FORM *form, int count)
{
int n=0;
@@ -257,8 +281,7 @@ void update_a_form(nt_forms_struct **list, const FORM *form, int count)
unistr2_to_ascii(form_name, &(form->name), sizeof(form_name)-1);
DEBUG(106, ("[%s]\n", form_name));
- for (n=0; n<count; n++)
- {
+ for (n=0; n<count; n++) {
DEBUGADD(106, ("n [%d]:[%s]\n", n, (*list)[n].name));
if (!strncmp((*list)[n].name, form_name, strlen(form_name)))
break;
@@ -280,6 +303,7 @@ get the nt drivers list
traverse the database and look-up the matching names
****************************************************************************/
+
int get_ntdrivers(fstring **list, char *architecture, uint32 version)
{
int total=0;
diff --git a/source3/rpc_server/srv_spoolss_nt.c b/source3/rpc_server/srv_spoolss_nt.c
index 341117f346..01055f4e71 100644
--- a/source3/rpc_server/srv_spoolss_nt.c
+++ b/source3/rpc_server/srv_spoolss_nt.c
@@ -5278,14 +5278,14 @@ uint32 _new_spoolss_enumforms(pipes_struct *p, SPOOL_Q_ENUMFORMS *q_u, SPOOL_R_E
DEBUGADD(5,("Offered buffer size [%d]\n", offered));
DEBUGADD(5,("Info level [%d]\n", level));
- *numofforms = get_ntforms(&list);
+ *numofforms = get_ntforms(p->mem_ctx, &list);
DEBUGADD(5,("Number of forms [%d]\n", *numofforms));
if (*numofforms == 0) return ERROR_NO_MORE_ITEMS;
switch (level) {
case 1:
- if ((forms_1=(FORM_1 *)malloc(*numofforms * sizeof(FORM_1))) == NULL) {
+ if ((forms_1=(FORM_1 *)talloc(p->mem_ctx, *numofforms * sizeof(FORM_1))) == NULL) {
*numofforms=0;
return ERROR_NOT_ENOUGH_MEMORY;
}
@@ -5296,8 +5296,6 @@ uint32 _new_spoolss_enumforms(pipes_struct *p, SPOOL_Q_ENUMFORMS *q_u, SPOOL_R_E
fill_form_1(&forms_1[i], &list[i]);
}
- safe_free(list);
-
/* check the required size. */
for (i=0; i<*numofforms; i++) {
DEBUGADD(6,("adding form [%d]'s size\n",i));
@@ -5306,10 +5304,8 @@ uint32 _new_spoolss_enumforms(pipes_struct *p, SPOOL_Q_ENUMFORMS *q_u, SPOOL_R_E
*needed=buffer_size;
- if (!alloc_buffer_size(buffer, buffer_size)){
- safe_free(forms_1);
+ if (!alloc_buffer_size(buffer, buffer_size))
return ERROR_INSUFFICIENT_BUFFER;
- }
/* fill the buffer with the form structures */
for (i=0; i<*numofforms; i++) {
@@ -5317,8 +5313,6 @@ uint32 _new_spoolss_enumforms(pipes_struct *p, SPOOL_Q_ENUMFORMS *q_u, SPOOL_R_E
new_smb_io_form_1("", buffer, &forms_1[i], 0);
}
- safe_free(forms_1);
-
if (*needed > offered) {
*numofforms=0;
return ERROR_INSUFFICIENT_BUFFER;
@@ -5327,10 +5321,8 @@ uint32 _new_spoolss_enumforms(pipes_struct *p, SPOOL_Q_ENUMFORMS *q_u, SPOOL_R_E
return NT_STATUS_NO_PROBLEMO;
default:
- safe_free(list);
return ERROR_INVALID_LEVEL;
}
-
}
/****************************************************************************
@@ -5361,7 +5353,7 @@ uint32 _spoolss_getform(pipes_struct *p, SPOOL_Q_GETFORM *q_u, SPOOL_R_GETFORM *
DEBUGADD(5,("Offered buffer size [%d]\n", offered));
DEBUGADD(5,("Info level [%d]\n", level));
- numofforms = get_ntforms(&list);
+ numofforms = get_ntforms(p->mem_ctx, &list);
DEBUGADD(5,("Number of forms [%d]\n", numofforms));
if (numofforms == 0)
@@ -5382,8 +5374,6 @@ uint32 _spoolss_getform(pipes_struct *p, SPOOL_Q_GETFORM *q_u, SPOOL_R_GETFORM *
}
}
- safe_free(list);
-
/* check the required size. */
*needed=spoolss_size_form_1(&form_1);
@@ -5403,7 +5393,6 @@ uint32 _spoolss_getform(pipes_struct *p, SPOOL_Q_GETFORM *q_u, SPOOL_R_GETFORM *
return NT_STATUS_NO_PROBLEMO;
default:
- safe_free(list);
return ERROR_INVALID_LEVEL;
}
}
@@ -6181,14 +6170,12 @@ uint32 _spoolss_addform( pipes_struct *p, SPOOL_Q_ADDFORM *q_u, SPOOL_R_ADDFORM
return ERROR_INVALID_HANDLE;
}
- count=get_ntforms(&list);
- if(!add_a_form(&list, form, &count))
+ count=get_ntforms(p->mem_ctx, &list);
+ if(!add_a_form(p->mem_ctx, &list, form, &count))
return ERROR_NOT_ENOUGH_MEMORY;
write_ntforms(&list, count);
- safe_free(list);
-
- return 0x0;
+ return NT_STATUS_NOPROBLEMO;
}
/****************************************************************************
@@ -6211,12 +6198,10 @@ uint32 _spoolss_deleteform( pipes_struct *p, SPOOL_Q_DELETEFORM *q_u, SPOOL_R_DE
return ERROR_INVALID_HANDLE;
}
- count = get_ntforms(&list);
+ count = get_ntforms(p->mem_ctx, &list);
if(!delete_a_form(&list, form_name, &count, &ret))
return ERROR_INVALID_PARAMETER;
- safe_free(list);
-
return ret;
}
@@ -6240,12 +6225,10 @@ uint32 _spoolss_setform(pipes_struct *p, SPOOL_Q_SETFORM *q_u, SPOOL_R_SETFORM *
DEBUG(0,("_spoolss_setform: Invalid handle (%s).\n", OUR_HANDLE(handle)));
return ERROR_INVALID_HANDLE;
}
- count=get_ntforms(&list);
+ count=get_ntforms(p->mem_ctx, &list);
update_a_form(&list, form, count);
write_ntforms(&list, count);
- safe_free(list);
-
return 0x0;
}