10 files changed, 47 insertions, 36 deletions
diff --git a/source3/auth/auth_util.c b/source3/auth/auth_util.c
index a50a449815..30933c6c93 100644
--- a/source3/auth/auth_util.c
+++ b/source3/auth/auth_util.c
@@ -607,7 +607,7 @@ static NTSTATUS create_nt_user_token(const DOM_SID *user_sid, const DOM_SID *gro
 						       group_sidstr, sidstr);
 		}
 
-		command = strdup(lp_log_nt_token_command());
+		command = SMB_STRDUP(lp_log_nt_token_command());
 		command = realloc_string_sub(command, "%s", user_sidstr);
 		command = realloc_string_sub(command, "%t", group_sidstr);
 		DEBUG(8, ("running command: [%s]\n", command));
diff --git a/source3/auth/pampass.c b/source3/auth/pampass.c
index 68c2f183f1..5a40bf6c47 100644
--- a/source3/auth/pampass.c
+++ b/source3/auth/pampass.c
@@ -130,7 +130,7 @@ static int smb_pam_conv(int num_msg,
 		return PAM_CONV_ERR;
 	}
 
-	reply = malloc(sizeof(struct pam_response) * num_msg);
+	reply = SMB_MALLOC_ARRAY(struct pam_response, num_msg);
 	if (!reply)
 		return PAM_CONV_ERR;
 
@@ -211,7 +211,7 @@ static struct chat_struct *make_pw_chat(char *p)
 	struct chat_struct *tmp;
 
 	while (1) {
-		t = (struct chat_struct *)malloc(sizeof(*t));
+		t = SMB_MALLOC_P(struct chat_struct);
 		if (!t) {
 			DEBUG(0,("make_pw_chat: malloc failed!\n"));
 			return NULL;
@@ -290,7 +290,7 @@ static int smb_pam_passchange_conv(int num_msg,
 		return PAM_CONV_ERR;
 	}
 
-	reply = malloc(sizeof(struct pam_response) * num_msg);
+	reply = SMB_MALLOC_ARRAY(struct pam_response, num_msg);
 	if (!reply) {
 		DEBUG(0,("smb_pam_passchange_conv: malloc for reply failed!\n"));
 		free_pw_chat(pw_chat);
@@ -406,8 +406,8 @@ static void smb_free_pam_conv(struct pam_conv *pconv)
 static struct pam_conv *smb_setup_pam_conv(smb_pam_conv_fn smb_pam_conv_fnptr, const char *user,
 					const char *passwd, const char *newpass)
 {
-	struct pam_conv *pconv = (struct pam_conv *)malloc(sizeof(struct pam_conv));
-	struct smb_pam_userdata *udp = (struct smb_pam_userdata *)malloc(sizeof(struct smb_pam_userdata));
+	struct pam_conv *pconv = SMB_MALLOC_P(struct pam_conv);
+	struct smb_pam_userdata *udp = SMB_MALLOC_P(struct smb_pam_userdata);
 
 	if (pconv == NULL || udp == NULL) {
 		SAFE_FREE(pconv);
diff --git a/source3/lib/util.c b/source3/lib/util.c
index 52cf15da1e..77d4e6d2a6 100644
--- a/source3/lib/util.c
+++ b/source3/lib/util.c
@@ -984,18 +984,22 @@ void add_to_large_array(TALLOC_CTX *mem_ctx, size_t element_size,
 			void *element, void **array, uint32 *num_elements,
 			ssize_t *array_size)
 {
-	if (*array_size == -1)
+	if (*array_size < 0)
 		return;
 
 	if (*array == NULL) {
-		if (*array_size == 0)
+		if (*array_size == 0) {
 			*array_size = 128;
+		}
+
+		if (*array_size >= MAX_ALLOC_SIZE/element_size) {
+			goto error;
+		}
 
 		if (mem_ctx != NULL)
-			*array = talloc_array(mem_ctx, element_size,
-					      *array_size);
+			*array = TALLOC(mem_ctx, element_size * (*array_size));
 		else
-			*array = malloc_array(element_size, *array_size);
+			*array = SMB_MALLOC(element_size * (*array_size));
 
 		if (*array == NULL)
 			goto error;
@@ -1004,13 +1008,16 @@ void add_to_large_array(TALLOC_CTX *mem_ctx, size_t element_size,
 	if (*num_elements == *array_size) {
 		*array_size *= 2;
 
+		if (*array_size >= MAX_ALLOC_SIZE/element_size) {
+			goto error;
+		}
+
 		if (mem_ctx != NULL)
-			*array = talloc_realloc_array(mem_ctx, *array,
-						      element_size,
-						      *array_size);
+			*array = TALLOC_REALLOC(mem_ctx, *array,
+						element_size * (*array_size));
 		else
-			*array = realloc_array(*array, element_size,
-					       *array_size);
+			*array = SMB_REALLOC(*array,
+					     element_size * (*array_size));
 
 		if (*array == NULL)
 			goto error;
diff --git a/source3/passdb/pdb_ldap.c b/source3/passdb/pdb_ldap.c
index 7d66b0aaf0..7b3d84e43b 100644
--- a/source3/passdb/pdb_ldap.c
+++ b/source3/passdb/pdb_ldap.c
@@ -2343,7 +2343,7 @@ static NTSTATUS ldapsam_enum_group_members(struct pdb_methods *methods,
 		goto done;
 	}
 
-	sid_filter = strdup("(&(objectClass=sambaSamAccount)(|");
+	sid_filter = SMB_STRDUP("(&(objectClass=sambaSamAccount)(|");
 	if (sid_filter == NULL) {
 		result = NT_STATUS_NO_MEMORY;
 		goto done;
@@ -3170,7 +3170,7 @@ static NTSTATUS ldapsam_lookup_rids(struct pdb_methods *methods,
 	for (i=0; i<num_rids; i++)
 		(*attrs)[i] = SID_NAME_UNKNOWN;
 
-	allsids = strdup("");
+	allsids = SMB_STRDUP("");
 	if (allsids == NULL) return NT_STATUS_NO_MEMORY;
 
 	for (i=0; i<num_rids; i++) {
diff --git a/source3/passdb/pdb_nds.c b/source3/passdb/pdb_nds.c
index 06060d4067..e2f3128fd5 100644
--- a/source3/passdb/pdb_nds.c
+++ b/source3/passdb/pdb_nds.c
@@ -241,7 +241,7 @@ static int berDecodeLoginData(
 	if(retData)
 	{
 		retOctStrLen = *retDataLen + 1;
-		retOctStr = (char *)malloc(retOctStrLen);
+		retOctStr = SMB_MALLOC(retOctStrLen);
 		if(!retOctStr)
 		{
 			err = LDAP_OPERATIONS_ERROR;
@@ -404,7 +404,7 @@ static int nmasldap_get_simple_pwd(
 	size_t  pwdBufLen, bufferLen;
 
 	bufferLen = pwdBufLen = pwdLen+2;
-	pwdBuf = (char *)malloc(pwdBufLen); /* digest and null */
+	pwdBuf = SMB_MALLOC(pwdBufLen); /* digest and null */
 	if(pwdBuf == NULL)
 	{
 		return LDAP_NO_MEMORY;
@@ -568,7 +568,7 @@ static int nmasldap_get_password(
 	}
 
 	bufferLen = pwdBufLen = *pwdSize;
-	pwdBuf = (char *)malloc(pwdBufLen+2);
+	pwdBuf = SMB_MALLOC(pwdBufLen+2);
 	if(pwdBuf == NULL)
 	{
 		return LDAP_NO_MEMORY;
@@ -890,7 +890,7 @@ static NTSTATUS pdb_init_NDS_ldapsam_common(PDB_CONTEXT *pdb_context, PDB_METHOD
 	(*pdb_method)->update_login_attempts = pdb_nds_update_login_attempts;
 
 	/* Save location for use in pdb_nds_update_login_attempts */
-	ldap_state->location = strdup(location);
+	ldap_state->location = SMB_STRDUP(location);
 
 	return NT_STATUS_OK;
 }
diff --git a/source3/registry/reg_eventlog.c b/source3/registry/reg_eventlog.c
index cc2ffb5a05..ccac7a190e 100644
--- a/source3/registry/reg_eventlog.c
+++ b/source3/registry/reg_eventlog.c
@@ -40,7 +40,7 @@ static int eventlog_topkey_values( char *key, REGVAL_CTR *val )
     
     if ( key ) 
     {
-	key2 = strdup( key );
+	key2 = SMB_STRDUP( key );
 	keystr = key2;
 	reg_split_path( keystr, &base, &new_path );
 	
diff --git a/source3/rpc_client/cli_reg.c b/source3/rpc_client/cli_reg.c
index 0d7d194850..87b41d248e 100644
--- a/source3/rpc_client/cli_reg.c
+++ b/source3/rpc_client/cli_reg.c
@@ -449,7 +449,7 @@ WERROR cli_reg_get_key_sec(struct cli_state *cli, TALLOC_CTX *mem_ctx,
 
 	if (*sec_buf_size != 0)
 	{
-		sec_buf->sec = (SEC_DESC*)talloc(mem_ctx, *sec_buf_size);
+		sec_buf->sec = TALLOC(mem_ctx, *sec_buf_size);
 	}
 
 	if (!reg_io_r_get_key_sec("", &r_o, &rbuf, 0))
diff --git a/source3/rpc_parse/parse_eventlog.c b/source3/rpc_parse/parse_eventlog.c
index 9bb0a13169..be21f0f74e 100644
--- a/source3/rpc_parse/parse_eventlog.c
+++ b/source3/rpc_parse/parse_eventlog.c
@@ -372,7 +372,9 @@ BOOL eventlog_io_r_read_eventlog(const char *desc,
 
 	/* Now pad with whitespace until the end of the response buffer */
 
-	r_u->end_of_entries_padding = (uint8 *)calloc(q_u->max_read_size - r_u->num_bytes_in_resp, sizeof(uint8));
+	r_u->end_of_entries_padding =
+		SMB_CALLOC_ARRAY(uint8,
+				 q_u->max_read_size - r_u->num_bytes_in_resp);
 
 	if(!(prs_uint8s(False, "end of entries padding", ps, 
 		depth, r_u->end_of_entries_padding,
diff --git a/source3/rpcclient/cmd_samr.c b/source3/rpcclient/cmd_samr.c
index 53019dc1b2..bd150f2a35 100644
--- a/source3/rpcclient/cmd_samr.c
+++ b/source3/rpcclient/cmd_samr.c
@@ -145,19 +145,19 @@ static const char* server_role_str(uint32 server_role)
 {
 	switch(server_role) {
 		case ROLE_STANDALONE:
-			return strdup("ROLE_STANDALONE");
+			return SMB_STRDUP("ROLE_STANDALONE");
 			break;
 		case ROLE_DOMAIN_MEMBER:
-			return strdup("ROLE_DOMAIN_MEMBER");
+			return SMB_STRDUP("ROLE_DOMAIN_MEMBER");
 			break;
 		case ROLE_DOMAIN_BDC:
-			return strdup("ROLE_DOMAIN_BDC");
+			return SMB_STRDUP("ROLE_DOMAIN_BDC");
 			break;
 		case ROLE_DOMAIN_PDC:
-			return strdup("ROLE_DOMAIN_PDC");
+			return SMB_STRDUP("ROLE_DOMAIN_PDC");
 			break;
 		default:
-			return strdup("Unknown -- internal error?");
+			return SMB_STRDUP("Unknown -- internal error?");
 			break;
 	}
 }
diff --git a/source3/sam/idmap_rid.c b/source3/sam/idmap_rid.c
index 48e496b4b7..4f28f9e1af 100644
--- a/source3/sam/idmap_rid.c
+++ b/source3/sam/idmap_rid.c
@@ -81,7 +81,8 @@ static NTSTATUS rid_idmap_parse(const char *init_param,
 		DEBUG(3,("rid_idmap_parse: parsing entry: %d\n", trust.number));
 
 		/* reinit sizes */
-		trust.dom = (struct dom_entry *) realloc(trust.dom, sizeof(struct dom_entry)*(trust.number+1));
+		trust.dom = SMB_REALLOC_ARRAY(trust.dom, struct dom_entry,
+					      trust.number+1);
 
 		if ( trust.dom == NULL ) {
 			return NT_STATUS_NO_MEMORY;
@@ -163,8 +164,8 @@ static NTSTATUS rid_idmap_get_domains(uint32 *num_domains, fstring **domain_name
 
 	/* put the results together */
 	*num_domains = 1;
-	*domain_names = (fstring *) malloc(sizeof(fstring) * *num_domains);
-	*domain_sids = (DOM_SID *) malloc(sizeof(DOM_SID) * *num_domains); 
+	*domain_names = SMB_MALLOC_ARRAY(fstring, *num_domains);
+	*domain_sids = SMB_MALLOC_ARRAY(DOM_SID, *num_domains);
 
 	/* avoid calling a DC when trusted domains are not allowed anyway */
 	if (!lp_allow_trusted_domains()) {
@@ -276,8 +277,9 @@ static NTSTATUS rid_idmap_get_domains(uint32 *num_domains, fstring **domain_name
 
 	/* put the results together */
 	*num_domains = trusted_num_domains + own_domains;
-	*domain_names = (fstring *) realloc(*domain_names, sizeof(fstring) * *num_domains);
-	*domain_sids = (DOM_SID *) realloc(*domain_sids, sizeof(DOM_SID) * *num_domains); 
+	*domain_names = SMB_REALLOC_ARRAY(*domain_names, fstring,
+					  *num_domains);
+	*domain_sids = SMB_REALLOC_ARRAY(*domain_sids, DOM_SID, *num_domains);
 
 	/* first add mydomain */
 	fstrcpy((*domain_names)[0], domain_name);
@@ -352,7 +354,7 @@ static NTSTATUS rid_idmap_init(char *init_param)
 	}
 
 	/* init sizes */
-	trust.dom = (struct dom_entry *) malloc(sizeof(struct dom_entry));
+	trust.dom = SMB_MALLOC_P(struct dom_entry);
 	if (trust.dom == NULL) { 
 		return NT_STATUS_NO_MEMORY;
 	}