diff options
| -rw-r--r-- | source3/lib/util_unistr.c | 10 | ||||
| -rw-r--r-- | source3/rpc_parse/parse_lsa.c | 10 | ||||
| -rw-r--r-- | source3/rpc_server/srv_lsa.c | 27 |
3 files changed, 21 insertions, 26 deletions
diff --git a/source3/lib/util_unistr.c b/source3/lib/util_unistr.c index 5e86d5db0b..259b44e200 100644 --- a/source3/lib/util_unistr.c +++ b/source3/lib/util_unistr.c @@ -300,7 +300,7 @@ void unistr2_to_ascii(char *dest, const UNISTR2 *str, size_t maxlen) return; } - for (p = dest; *src && p-dest < len; src++) { + for (p = dest; (p-dest < len) && *src; src++) { uint16 ucs2_val = SVAL(src,0); uint16 cp_val = ucs2_to_doscp[ucs2_val]; @@ -341,7 +341,7 @@ char *dos_buffer2_to_str(BUFFER2 *str) nexti = (nexti+1)%8; - for (p = lbuf; *src && p-lbuf < max_size; src++) { + for (p = lbuf; (p-lbuf < max_size) && *src; src++) { uint16 ucs2_val = SVAL(src,0); uint16 cp_val = ucs2_to_doscp[ucs2_val]; @@ -405,7 +405,7 @@ size_t dos_struni2(char *dst, const char *src, size_t max_len) return 0; if (src != NULL) { - for (; *src && len < max_len-2; len++, dst +=2) { + for (; (len < max_len-2) && *src; len++, dst +=2) { size_t skip = get_character_len(*src); smb_ucs2_t val = (*src & 0xff); @@ -444,7 +444,7 @@ char *dos_unistr(char *buf) nexti = (nexti+1)%8; - for (p = lbuf; *src && p-lbuf < MAXUNI-3; src++) { + for (p = lbuf; (p-lbuf < MAXUNI-3) && *src; src++) { uint16 ucs2_val = SVAL(src,0); uint16 cp_val = ucs2_to_doscp[ucs2_val]; @@ -712,7 +712,7 @@ static char *unicode_to_multibyte(char *dst, const smb_ucs2_t *src, { size_t dst_pos; - for(dst_pos = 0; *src && (dst_pos < dst_len - 1);) { + for(dst_pos = 0; (dst_pos < dst_len - 1) && *src;) { smb_ucs2_t val = ucs2_to_cp[*src++]; if(val < 256) { dst[dst_pos++] = (char)val; diff --git a/source3/rpc_parse/parse_lsa.c b/source3/rpc_parse/parse_lsa.c index 41219854d1..2c15166f26 100644 --- a/source3/rpc_parse/parse_lsa.c +++ b/source3/rpc_parse/parse_lsa.c @@ -853,16 +853,6 @@ static BOOL lsa_io_trans_names(char *desc, LSA_TRANS_NAME_ENUM *trn, if(!prs_align(ps)) return False; } - - /* Free memory if we've sent it */ - - if (MARSHALLING(ps)) { - safe_free(trn->name); - safe_free(trn->uni_name); - - trn->name = NULL; - trn->uni_name = NULL; - } } return True; diff --git a/source3/rpc_server/srv_lsa.c b/source3/rpc_server/srv_lsa.c index 5fc40d692c..ed65e787b4 100644 --- a/source3/rpc_server/srv_lsa.c +++ b/source3/rpc_server/srv_lsa.c @@ -276,7 +276,7 @@ static void init_reply_lookup_names(LSA_R_LOOKUP_NAMES *r_l, Init lsa_trans_names. ***************************************************************************/ -static void init_lsa_trans_names(DOM_R_REF *ref, LSA_TRANS_NAME_ENUM *trn, +static void init_lsa_trans_names(TALLOC_CTX *ctx, DOM_R_REF *ref, LSA_TRANS_NAME_ENUM *trn, int num_entries, DOM_SID2 *sid, uint32 *mapped_count) { @@ -286,16 +286,18 @@ static void init_lsa_trans_names(DOM_R_REF *ref, LSA_TRANS_NAME_ENUM *trn, /* Allocate memory for list of names */ - if (!(trn->name = (LSA_TRANS_NAME *)malloc(sizeof(LSA_TRANS_NAME) * - num_entries))) { - DEBUG(0, ("init_lsa_trans_names(): out of memory\n")); - return; - } + if (num_entries > 0) { + if (!(trn->name = (LSA_TRANS_NAME *)talloc(ctx, sizeof(LSA_TRANS_NAME) * + num_entries))) { + DEBUG(0, ("init_lsa_trans_names(): out of memory\n")); + return; + } - if (!(trn->uni_name = (UNISTR2 *)malloc(sizeof(UNISTR2) * - num_entries))) { - DEBUG(0, ("init_lsa_trans_names(): out of memory\n")); - return; + if (!(trn->uni_name = (UNISTR2 *)talloc(ctx, sizeof(UNISTR2) * + num_entries))) { + DEBUG(0, ("init_lsa_trans_names(): out of memory\n")); + return; + } } for (i = 0; i < num_entries; i++) { @@ -375,21 +377,24 @@ static BOOL lsa_reply_lookup_sids(prs_struct *rdata, DOM_SID2 *sid, int num_entr DOM_R_REF ref; LSA_TRANS_NAME_ENUM names; uint32 mapped_count = 0; + TALLOC_CTX *ctx = talloc_init(); ZERO_STRUCT(r_l); ZERO_STRUCT(ref); ZERO_STRUCT(names); /* set up the LSA Lookup SIDs response */ - init_lsa_trans_names(&ref, &names, num_entries, sid, &mapped_count); + init_lsa_trans_names(ctx, &ref, &names, num_entries, sid, &mapped_count); init_reply_lookup_sids(&r_l, &ref, &names, mapped_count); /* store the response in the SMB stream */ if(!lsa_io_r_lookup_sids("", &r_l, rdata, 0)) { DEBUG(0,("lsa_reply_lookup_sids: Failed to marshall LSA_R_LOOKUP_SIDS.\n")); + talloc_destroy(ctx); return False; } + talloc_destroy(ctx); return True; } |