summaryrefslogtreecommitdiff
path: root/source3
diff options
context:
space:
mode:
Diffstat (limited to 'source3')
-rw-r--r--source3/lib/charcnv.c61
1 files changed, 20 insertions, 41 deletions
diff --git a/source3/lib/charcnv.c b/source3/lib/charcnv.c
index 1f698c6288..cf6dbdd95a 100644
--- a/source3/lib/charcnv.c
+++ b/source3/lib/charcnv.c
@@ -750,15 +750,15 @@ static size_t pull_ascii_base_talloc(TALLOC_CTX *ctx,
return 0;
}
+ if (src_len == (size_t)-1) {
+ smb_panic("sec_len == -1 in pull_ascii_base_talloc");
+ }
+
if (flags & STR_TERMINATE) {
- if (src_len == (size_t)-1) {
- src_len = strlen((const char *)src) + 1;
- } else {
- size_t len = strnlen((const char *)src, src_len);
- if (len < src_len)
- len++;
- src_len = len;
- }
+ size_t len = strnlen((const char *)src, src_len);
+ if (len < src_len)
+ len++;
+ src_len = len;
/* Ensure we don't use an insane length from the client. */
if (src_len >= 1024*1024) {
char *msg = talloc_asprintf(ctx,
@@ -767,14 +767,6 @@ static size_t pull_ascii_base_talloc(TALLOC_CTX *ctx,
(unsigned int)src_len);
smb_panic(msg);
}
- } else {
- /* Can't have an unlimited length
- * non STR_TERMINATE'd.
- */
- if (src_len == (size_t)-1) {
- errno = EINVAL;
- return 0;
- }
}
/* src_len != -1 here. */
@@ -1038,44 +1030,31 @@ static size_t pull_ucs2_base_talloc(TALLOC_CTX *ctx,
return 0;
}
+ if (src_len == (size_t)-1) {
+ /* no longer used anywhere, but worth checking */
+ smb_panic("sec_len == -1 in pull_ucs2_base_talloc");
+ }
+
if (ucs2_align(base_ptr, src, flags)) {
src = (const void *)((const char *)src + 1);
- if (src_len != (size_t)-1)
- src_len--;
+ src_len--;
ucs2_align_len = 1;
}
if (flags & STR_TERMINATE) {
/* src_len -1 is the default for null terminated strings. */
- if (src_len != (size_t)-1) {
- size_t len = strnlen_w((const smb_ucs2_t *)src,
- src_len/2);
- if (len < src_len/2)
- len++;
- src_len = len*2;
- } else {
- /*
- * src_len == -1 - alloc interface won't take this
- * so we must calculate.
- */
- src_len = (strlen_w((const smb_ucs2_t *)src)+1)*sizeof(smb_ucs2_t);
- }
+ size_t len = strnlen_w((const smb_ucs2_t *)src,
+ src_len/2);
+ if (len < src_len/2)
+ len++;
+ src_len = len*2;
+
/* Ensure we don't use an insane length from the client. */
if (src_len >= 1024*1024) {
smb_panic("Bad src length in pull_ucs2_base_talloc\n");
}
- } else {
- /* Can't have an unlimited length
- * non STR_TERMINATE'd.
- */
- if (src_len == (size_t)-1) {
- errno = EINVAL;
- return 0;
- }
}
- /* src_len != -1 here. */
-
/* ucs2 is always a multiple of 2 bytes */
src_len &= ~1;