-rw-r--r--source3/include/proto.h4
-rw-r--r--source3/lib/util_unistr.c43
-rw-r--r--source3/rpc_parse/parse_misc.c17
-rw-r--r--source3/rpc_parse/parse_prs.c41
-rw-r--r--source3/rpc_parse/parse_samr.c25
-rw-r--r--source3/rpc_server/srv_lsa.c2
-rw-r--r--source3/rpc_server/srv_spoolss_nt.c2
7 files changed, 89 insertions, 45 deletions
diff --git a/source3/include/proto.h b/source3/include/proto.h
index 8b4fcb173d..79c742e0a8 100644
--- a/source3/include/proto.h
+++ b/source3/include/proto.h
@@ -17,6 +17,9 @@ void cmd_tar(void);
int process_tar(void);
int tar_parseargs(int argc, char *argv[], char *Optarg, int Optind);
+/*The following definitions come from groupdb/mapping.c */
+
+
/*The following definitions come from lib/access.c */
BOOL allow_access(char *deny_list,char *allow_list,
@@ -2472,6 +2475,7 @@ BOOL prs_uint32(char *name, prs_struct *ps, int depth, uint32 *data32);
BOOL prs_uint8s(BOOL charmode, char *name, prs_struct *ps, int depth, uint8 *data8s, int len);
BOOL prs_uint16s(BOOL charmode, char *name, prs_struct *ps, int depth, uint16 *data16s, int len);
BOOL prs_uint32s(BOOL charmode, char *name, prs_struct *ps, int depth, uint32 *data32s, int len);
+BOOL prs_buffer5(BOOL charmode, char *name, prs_struct *ps, int depth, BUFFER5 *str);
BOOL prs_buffer2(BOOL charmode, char *name, prs_struct *ps, int depth, BUFFER2 *str);
BOOL prs_string2(BOOL charmode, char *name, prs_struct *ps, int depth, STRING2 *str);
BOOL prs_unistr2(BOOL charmode, char *name, prs_struct *ps, int depth, UNISTR2 *str);
diff --git a/source3/lib/util_unistr.c b/source3/lib/util_unistr.c
index 74ecc841d0..5e86d5db0b 100644
--- a/source3/lib/util_unistr.c
+++ b/source3/lib/util_unistr.c
@@ -282,38 +282,37 @@ void unistr_to_ascii(char *dest, const uint16 *src, int len)
void unistr2_to_ascii(char *dest, const UNISTR2 *str, size_t maxlen)
{
- char *destend;
- const uint16 *src;
+ char *p;
+ uint16 *src;
size_t len;
- register uint16 c;
+ int i;
+
+ if (str == NULL) {
+ *dest='\0';
+ return;
+ }
src = str->buffer;
len = MIN(str->uni_str_len, maxlen);
- destend = dest + len;
- while (dest < destend)
- {
- uint16 ucs2_val;
- uint16 cp_val;
+ if (len == 0) {
+ *dest='\0';
+ return;
+ }
+
+ for (p = dest; *src && p-dest < len; src++) {
+ uint16 ucs2_val = SVAL(src,0);
+ uint16 cp_val = ucs2_to_doscp[ucs2_val];
- c = *src;
- if (c == 0)
- {
- break;
- }
-
- ucs2_val = SVAL(src++,0);
- cp_val = ucs2_to_doscp[ucs2_val];
-
if (cp_val < 256)
- *(dest++) = (char)cp_val;
+ *p++ = (char)cp_val;
else {
- *dest= (cp_val >> 8) & 0xff;
- *(dest++) = (cp_val & 0xff);
+ *p = (cp_val >> 8) & 0xff;
+ *p++ = (cp_val & 0xff);
}
}
-
- *dest = 0;
+
+ *p = 0;
}
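Review bot: In the `else` branch of the new loop, `*p = (cp_val >> 8) & 0xff;` is immediately overwritten by `*p++ = (cp_val & 0xff);`, so a two-byte code-page value loses its lead byte; the rewrite carries this over from the removed lines. If both bytes are meant to be kept, the first store should be `*p++ = (cp_val >> 8) & 0xff;`, and the loop guard then has to leave room for two bytes before entering that branch. Separately, `*p = 0` can land on `dest[len]` with `len` as large as `maxlen`, so the destination must hold `maxlen + 1` bytes; a one-line comment above the function stating that contract would help callers that pass `sizeof(buf)`. The new local `int i` is unused.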
diff --git a/source3/rpc_parse/parse_misc.c b/source3/rpc_parse/parse_misc.c
index 859a800771..0a2f49d4dd 100644
--- a/source3/rpc_parse/parse_misc.c
+++ b/source3/rpc_parse/parse_misc.c
@@ -647,17 +647,14 @@ BOOL smb_io_buffer5(char *desc, BUFFER5 *buf5, prs_struct *ps, int depth)
if (buf5 == NULL) return False;
- prs_align(ps);
- prs_uint32("buf_len", ps, depth, &(buf5->buf_len));
+ if(!prs_align(ps))
+ return False;
+ if(!prs_uint32("buf_len", ps, depth, &buf5->buf_len))
+ return False;
- /* reading: alloc the buffer first */
- if ( UNMARSHALLING(ps) ) {
- buf5->buffer=(uint16 *)prs_alloc_mem(ps, sizeof(uint16)*buf5->buf_len );
- if (buf5->buffer == NULL)
- return False;
- }
-
- prs_uint16s(True, "buffer", ps, depth, buf5->buffer, buf5->buf_len);
+
+ if(!prs_buffer5(True, "buffer" , ps, depth, buf5))
+ return False;
return True;
}
diff --git a/source3/rpc_parse/parse_prs.c b/source3/rpc_parse/parse_prs.c
index e800c20290..5621a2c210 100644
--- a/source3/rpc_parse/parse_prs.c
+++ b/source3/rpc_parse/parse_prs.c
@@ -563,6 +563,47 @@ BOOL prs_uint32s(BOOL charmode, char *name, prs_struct *ps, int depth, uint32 *d
}
/******************************************************************
+ Stream an array of unicode string, length/buffer specified separately,
+ in uint16 chars. We use DBG_RW_PCVAL, not DBG_RW_PSVAL here
+ as the unicode string is already in little-endian format.
+ ********************************************************************/
+
+BOOL prs_buffer5(BOOL charmode, char *name, prs_struct *ps, int depth, BUFFER5 *str)
+{
+ char *p;
+ char *q = prs_mem_get(ps, str->buf_len * sizeof(uint16));
+ if (q == NULL)
+ return False;
+
+ if (UNMARSHALLING(ps)) {
+ str->buffer = (uint16 *)prs_alloc_mem(ps,str->buf_len * sizeof(uint16));
+ if (str->buffer == NULL)
+ return False;
+ memset(str->buffer, '\0', str->buf_len * sizeof(uint16));
+ }
+
+ /* If the string is empty, we don't have anything to stream */
+ if (str->buf_len==0)
+ return True;
+
+ p = (char *)str->buffer;
+
+ /* If we're using big-endian, reverse to get little-endian. */
+ if(ps->bigendian_data) {
+ DBG_RW_PSVAL(charmode, name, depth, ps->data_offset,
+ ps->io, ps->bigendian_data, q, p,
+ str->buf_len)
+ } else {
+ DBG_RW_PCVAL(charmode, name, depth, ps->data_offset,
+ ps->io, q, p, str->buf_len * sizeof(uint16))
+ }
+
+ ps->data_offset += (str->buf_len * sizeof(uint16));
+
+ return True;
+}
+
+/******************************************************************
Stream a "not" unicode string, length/buffer specified separately,
in byte chars. String is in little-endian format.
********************************************************************/
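Review bot: `str->buf_len * sizeof(uint16)` is evaluated several times in `prs_buffer5` with no overflow check, and `buf_len` (apparently a uint32) is read straight from the stream by the caller `smb_io_buffer5` in parse_misc.c. Where `size_t` is 32 bits the product can wrap, so `prs_mem_get` and `prs_alloc_mem` would be asked for a small size while the big-endian branch still passes the full `str->buf_len` element count to `DBG_RW_PSVAL`; whether `prs_mem_get` rejects such a request is not visible here. Compute the size once and refuse wraparound before any use, e.g. `size_t nbytes = str->buf_len * sizeof(uint16);` followed by `if (nbytes / sizeof(uint16) != str->buf_len) return False;`. The header comment also says DBG_RW_PCVAL is used rather than DBG_RW_PSVAL, while the code uses DBG_RW_PSVAL for big-endian data. The `buf_len==0` early return sits after the allocation, so an empty buffer depends on how `prs_alloc_mem` treats a zero-byte request.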
diff --git a/source3/rpc_parse/parse_samr.c b/source3/rpc_parse/parse_samr.c
index c36ca06aae..aa08606a57 100644
--- a/source3/rpc_parse/parse_samr.c
+++ b/source3/rpc_parse/parse_samr.c
@@ -3890,22 +3890,25 @@ BOOL samr_io_r_chgpasswd_user(char *desc, SAMR_R_CHGPASSWD_USER *r_u, prs_struct
**********************************************************************/
BOOL samr_io_q_lookup_domain(char* desc, SAMR_Q_LOOKUP_DOMAIN* q_u, prs_struct *ps, int depth)
{
- if (q_u == NULL)
- return False;
+ if (q_u == NULL)
+ return False;
- prs_debug(ps, depth, desc, "samr_io_q_lookup_domain");
- depth++;
+ prs_debug(ps, depth, desc, "samr_io_q_lookup_domain");
+ depth++;
+
+ if(!prs_align(ps))
+ return False;
- prs_align(ps);
+ if(!smb_io_pol_hnd("connect_pol", &q_u->connect_pol, ps, depth))
+ return False;
- smb_io_pol_hnd("connect_pol", &(q_u->connect_pol), ps, depth);
+ if(!smb_io_unihdr("hdr_domain", &q_u->hdr_domain, ps, depth))
+ return False;
- smb_io_unihdr("hdr_domain", &(q_u->hdr_domain), ps, depth);
- smb_io_unistr2("uni_domain", &(q_u->uni_domain),
- q_u->hdr_domain.buffer, ps, depth);
- prs_align(ps);
+ if(!smb_io_unistr2("uni_domain", &q_u->uni_domain, q_u->hdr_domain.buffer, ps, depth))
+ return False;
- return True;
+ return True;
}
/*******************************************************************
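Review bot: The trailing `prs_align(ps)` that followed `smb_io_unistr2` on the old side has no counterpart in the new body of `samr_io_q_lookup_domain`, so the stream offset may be left unaligned when the function returns. If dropping it is intentional, a short comment before `return True;` saying why no final alignment is needed would record that. Otherwise add `if(!prs_align(ps)) return False;` ahead of the return, in line with the other checked calls in this hunk.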
diff --git a/source3/rpc_server/srv_lsa.c b/source3/rpc_server/srv_lsa.c
index aea7294ffe..5fc40d692c 100644
--- a/source3/rpc_server/srv_lsa.c
+++ b/source3/rpc_server/srv_lsa.c
@@ -88,7 +88,7 @@ Init dom_query
static void init_dom_query(DOM_QUERY *d_q, char *dom_name, DOM_SID *dom_sid)
{
- int domlen = (dom_name != NULL) ? strlen(dom_name) : 0;
+ int domlen = (dom_name != NULL) ? strlen(dom_name)+1 : 0;
d_q->uni_dom_max_len = domlen * 2;
d_q->uni_dom_str_len = domlen * 2;
diff --git a/source3/rpc_server/srv_spoolss_nt.c b/source3/rpc_server/srv_spoolss_nt.c
index c2054143b7..a4f5e257f1 100644
--- a/source3/rpc_server/srv_spoolss_nt.c
+++ b/source3/rpc_server/srv_spoolss_nt.c
@@ -2021,7 +2021,7 @@ static DEVICEMODE *construct_dev_mode(int snum)
DEBUGADD(8,("loading DEVICEMODE\n"));
- safe_strcpy(adevice, printer->info_2->printername, sizeof(adevice));
+ snprintf(adevice, sizeof(adevice), printer->info_2->printername);
init_unistr(&devmode->devicename, adevice);
snprintf(aform, sizeof(aform), ntdevmode->formname);
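Review bot: The added `snprintf(adevice, sizeof(adevice), printer->info_2->printername);` passes the printer name as the format string, so any `%` sequence in a printer name is interpreted by snprintf instead of being copied. Use a literal format: `snprintf(adevice, sizeof(adevice), "%s", printer->info_2->printername);`. The context line `snprintf(aform, sizeof(aform), ntdevmode->formname);` has the same pattern and should get the same `"%s"`. construct_dev_mode begins and ends outside this hunk, so where these names originate is not visible here.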