summaryrefslogtreecommitdiff
path: root/source3/rpc_parse/parse_prs.c
AgeCommit message (Collapse)AuthorFilesLines
2007-10-10r13915: Fixed a very interesting class of realloc() bugs found by Coverity.Jeremy Allison1-19/+20
realloc can return NULL in one of two cases - (1) the realloc failed, (2) realloc succeeded but the new size requested was zero, in which case this is identical to a free() call. The error paths dealing with these two cases should be different, but mostly weren't. Secondly the standard idiom for dealing with realloc when you know the new size is non-zero is the following : tmp = realloc(p, size); if (!tmp) { SAFE_FREE(p); return error; } else { p = tmp; } However, there were *many* *many* places in Samba where we were using the old (broken) idiom of : p = realloc(p, size) if (!p) { return error; } which will leak the memory pointed to by p on realloc fail. This commit (hopefully) fixes all these cases by moving to a standard idiom of : p = SMB_REALLOC(p, size) if (!p) { return error; } Where if the realloc returns null due to the realloc failing or size == 0 we *guarentee* that the storage pointed to by p has been freed. This allows me to remove a lot of code that was dealing with the standard (more verbose) method that required a tmp pointer. This is almost always what you want. When a realloc fails you never usually want the old memory, you want to free it and get into your error processing asap. For the 11 remaining cases where we really do need to keep the old pointer I have invented the new macro SMB_REALLOC_KEEP_OLD_ON_ERROR, which can be used as follows : tmp = SMB_REALLOC_KEEP_OLD_ON_ERROR(p, size); if (!tmp) { SAFE_FREE(p); return error; } else { p = tmp; } SMB_REALLOC_KEEP_OLD_ON_ERROR guarentees never to free the pointer p, even on size == 0 or realloc fail. All this is done by a hidden extra argument to Realloc(), BOOL free_old_on_error which is set appropriately by the SMB_REALLOC and SMB_REALLOC_KEEP_OLD_ON_ERROR macros (and their array counterparts). It remains to be seen what this will do to our Coverity bug count :-). Jeremy. (This used to be commit 1d710d06a214f3f1740e80e0bffd6aab44aac2b0)
2007-10-10r13585: Sorry Gunther, had to revert this. It's got a bufferJeremy Allison1-43/+0
overrun. Spoke to Jerry about the correct fix. Will add this after. Jeremy. (This used to be commit 33e13aabd3825c59d15dc897536e2ccf8c8f6d5e)
2007-10-10r13581: Correctly parse a non-null terminated, little-endian UCS2 string in theGünther Deschner1-0/+43
PAC_LOGON_NAME structure. This was broken on big-endian machines (Solaris SPARC and ppc). Fixes Bug #3330. Jerry, this should be in 3.0.21c. Guenther (This used to be commit 9732490811f8f02ee547ddc6e2694e1122a3a518)
2007-10-10r13316: Let the carnage begin....Gerald Carter1-0/+29
Sync with trunk as off r13315 (This used to be commit 17e63ac4ed8325c0d44fe62b2442449f3298559f)
2007-10-10r12043: It's amazing the warnings you find when compiling on a 64-bitJeremy Allison1-0/+29
box with gcc4 and -O6... Fix a bunch of C99 dereferencing type-punned pointer will break strict-aliasing rules errors. Also added prs_int32 (not uint32...) as it's needed in one place. Find places where prs_uint32 was being used to marshall/unmarshall a time_t (a big no no on 64-bits). More warning fixes to come. Thanks to Volker for nudging me to compile like this. Jeremy. (This used to be commit c65b752604f8f58abc4e7ae8514dc2c7f086271c)
2007-10-10r11446: Remove unused fn. Remove unneeded strncpy use.Jeremy Allison1-26/+0
Jeremy. (This used to be commit d202aae3c821f3d78ff063d867bac1f84dca3548)
2007-10-10r11137: Compile with only 2 warnings (I'm still working on that code) on a gcc4Jeremy Allison1-1/+1
x86_64 box. Jeremy. (This used to be commit d720867a788c735e56d53d63265255830ec21208)
2007-10-10r10720: Add helper function that does prs alignment on a specified number of ↵Jelmer Vernooij1-0/+18
bytes. (This used to be commit 4576e6843b67c5919823307a196b1582b78fdeaf)
2007-10-10r10656: BIG merge from trunk. Features not copied overGerald Carter1-66/+80
* \PIPE\unixinfo * winbindd's {group,alias}membership new functions * winbindd's lookupsids() functionality * swat (trunk changes to be reverted as per discussion with Deryck) (This used to be commit 939c3cb5d78e3a2236209b296aa8aba8bdce32d3)
2007-10-10r9935: Make it easier to find overruns.Jeremy Allison1-2/+4
Jeremy. (This used to be commit e68872d1473ea0557fac1072055a6ed21e5b3d82)
2007-10-10r7415: * big change -- volker's new async winbindd from trunkGerald Carter1-0/+26
(This used to be commit a0ac9a8ffd4af31a0ebc423b4acbb2f043d865b8)
2007-10-10r6595: This is Volkers new-talloc patch. Just got the go-ahead fromJeremy Allison1-5/+1
Volker to commit. Woo Hoo ! Jeremy. (This used to be commit 316df944a456f150944761dab34add5e8c4ab699)
2007-10-10r6014: rather large change set....Gerald Carter1-39/+42
pulling back all recent rpc changes from trunk into 3.0. I've tested a compile and so don't think I've missed any files. But if so, just mail me and I'll clean backup in a couple of hours. Changes include \winreg, \eventlog, \svcctl, and general parse_misc.c updates. I am planning on bracketing the event code with an #ifdef ENABLE_EVENTLOG until I finish merging Marcin's changes (very soon). (This used to be commit 4e0ac63c36527cd8c52ef720cae17e84f67e7221)
2007-10-10r5805: merging spoolss parsing changes from trunk and cleaning up resulting ↵Gerald Carter1-0/+28
segvs (This used to be commit 25121547caaaed0d60f4db7458570c14e7d21b2a)
2007-10-10r4601: Removed any use of the MAX_XXX_STR style definitions. A little largerJeremy Allison1-24/+33
change than I'd hoped for due to formating changes to tidy up code. Jeremy. (This used to be commit a348f9221a9fe719dc6f0db6eb295575c2f95e1e)
2007-10-10r4088: Get medieval on our ass about malloc.... :-). Take control of all our ↵Jeremy Allison1-15/+22
allocation functions so we can funnel through some well known functions. Should help greatly with malloc checking. HEAD patch to follow. Jeremy. (This used to be commit 620f2e608f70ba92f032720c031283d295c5c06a)
2007-10-10r1492: Rework our random number generation system.Andrew Bartlett1-1/+1
On systems with /dev/urandom, this avoids a change to secrets.tdb for every fork(). For other systems, we now only re-seed after a fork, and on startup. No need to do it per-operation. This removes the 'need_reseed' parameter from generate_random_buffer(). Andrew Bartlett (This used to be commit 36741d3cf53a7bd17d361251f2bb50851cdb035f)
2007-10-10r1202: This hopefully fixes our memory use when unmarshalling strings. The ↵Volker Lendecke1-1/+4
test case was 'rpcclient -c "enumprinters 2"' with 4000 printers. At some point this completely exploded in memory usage. For every string we talloc'ed memory up to the end of the buffer. -> O(n^2). This survives valgrind with this number of printers. It might also have influence on winbind with a large number of users. All those who dare to look at samba3 rpc code, could you please take a look? I know this is a burden, but I would like comments ;-))) Volker (This used to be commit af251f4ea63c584604972e1c8add83e65046de80)
2004-01-14source/rpc_parse/parse_prs.c ZERO_STRUCTP(ps) not needed as it is doneHerb Lewis1-1/+0
in prs_init now testsuite/printing/psec.c cannot do a prs_mem_free() when tdb_prs_fetch fails as the prs structure has not been initialized (This used to be commit a363e5d8c549861329506bd87c11d82ace5520e5)
2004-01-09fix some warnings from the Sun compilerGerald Carter1-4/+4
(This used to be commit ebabf72a78f0165521268b73e0fcabe1ea7834fd)
2003-11-03Fix some uninitialised variable warnings.Tim Potter1-2/+2
(This used to be commit 68945027b5dc6b5e1aee13e4df4d11a34e42a3a9)
2003-10-01commit sign only patch from Andrew; bug 167; tested using 2k & XP ↵Gerald Carter1-60/+87
clientspreviously joined to the Samba domain (This used to be commit 3802f5895ee18507c6f467bd11db0b1147a6fdfd)
2003-08-15get rid of more compiler warningsHerb Lewis1-7/+7
(This used to be commit 398bd14fc6e2f8ab2f34211270e179b8928a6669)
2003-08-12Fix commentAndrew Bartlett1-1/+1
(This used to be commit 024d32f79390210bee6da8e75c228a4aaa7fe6b0)
2003-07-25More printf portability fixes. Got caught out by some gcc'isms lastTim Potter1-2/+2
time. )-: (This used to be commit 59dae1da66a5eb7e128263bd578f167d8746e9f0)
2003-07-24More printf fixes - size_t is long on some architectures.Tim Potter1-2/+2
(This used to be commit ba4d334b822248d8ab929c9568533431603d967e)
2003-07-14Jeremy requested that I get my NTLMSSP patch into CVS. He didn't requestAndrew Bartlett1-95/+175
the schannel code, but I've included that anyway. :-) This patch revives the client-side NTLMSSP support for RPC named pipes in Samba, and cleans up the client and server schannel code. The use of the new code is enabled by the 'sign', 'seal' and 'schannel' commands in rpcclient. The aim was to prove that our separate NTLMSSP client library actually implements NTLMSSP signing and sealing as per Microsoft's NTLMv1 implementation, in the hope that knowing this will assist us in correctly implementing NTLMSSP signing for SMB packets. (Still not yet functional) This patch replaces the NTLMSSP implementation in rpc_client/cli_pipe.c with calls to libsmb/ntlmssp.c. In the process, we have gained the ability to use the more secure NT password, and the ability to sign-only, instead of having to seal the pipe connection. (Previously we were limited to sealing, and could only use the LM-password derived key). Our new client-side NTLMSSP code also needed alteration to cope with our comparatively simple server-side implementation. A future step is to replace it with calls to the same NTLMSSP library. Also included in this patch is the schannel 'sign only' patch I submitted to the team earlier. While not enabled (and not functional, at this stage) the work in this patch makes the code paths *much* easier to follow. I have also included similar hooks in rpccleint to allow the use of schannel on *any* pipe. rpcclient now defaults to not using schannel (or any other extra per-pipe authenticiation) for any connection. The 'schannel' command enables schannel for all pipes until disabled. This code is also much more secure than the previous code, as changes to our cli_pipe routines ensure that the authentication footer cannot be removed by an attacker, and more error states are correctly handled. (The same needs to be done to our server) Andrew Bartlett (This used to be commit 5472ddc9eaf4e79c5b2e1c8ee8c7f190dc285f19)
2003-05-26This fixes net rpc vampire when talking to win2k (<sp3). win2k sendsTim Potter1-4/+4
back a different sized blob of encrypted password data then we were expecting. There's an extra 32 bytes of unknown stuff. (This used to be commit 285952fd626b02362fb6732f90c5a3ce0d2d5ae0)
2003-04-22parse_string is only used for the authentication negotiators.Volker Lendecke1-1/+7
It can itself determine the length of the string it has to transfer. Andrew B., could you take a look at the length calculation? Is that safe? Thanks, Volker (This used to be commit 0ef69b586a8f1fa11a41a3900180ea2090b60bfd)
2003-04-16Fixes to make SCHANNEL work in 3.0 against a W2K DC. Still need to fixJeremy Allison1-8/+6
multi-PDU encode/decode with SCHANNEL. Also need to test against WNT DC. Jeremy. (This used to be commit ff66d4097088409205b6bad5124a78ef9946010d)
2003-04-09Put the core schannel functions to parse_prs.c. They are also used byVolker Lendecke1-0/+182
schannel clients. Volker (This used to be commit 0f348a35d09ff020837119157ef7f4b9e6f07643)
2003-03-17Merge from HEAD:Andrew Bartlett1-2/+2
signed/unsigned (mostly i counters) a little bit of const. Andrew Bartlett (This used to be commit 50f0ca752e5058c4051f42a9337361373ba1f727)
2003-02-14Ensure that only parse_prs.c access internal members of the prs_struct.Jeremy Allison1-12/+54
Needed to move to disk based i/o later. Jeremy. (This used to be commit a823fee5b41a5b6cd4ef05aa1f85f7725bd272a5)
2003-01-15merging some rpcclient and net functionality from HEADGerald Carter1-19/+0
(This used to be commit 7a4c87484237308cb3ad0d671687da7e0f6e733b)
2003-01-03Merge from HEAD - make Samba compile with -Wwrite-strings without additionalAndrew Bartlett1-22/+22
warnings. (Adds a lot of const). Andrew Bartlett (This used to be commit 3a7458f9472432ef12c43008414925fd1ce8ea0c)
2002-11-23Lots of fixes for error paths where tdb_fetch() data need freeing.Jeremy Allison1-1/+2
Found via a post from Arcady Chernyak <Arcady.Chernyak@efi.com>. Jeremy. (This used to be commit 5d5762d1787db4392d2dff16024097c638b2d494)
2002-09-25sync'ing up for 3.0alpha20 releaseGerald Carter1-1/+7
(This used to be commit 65e7b5273bb58802bf0c389b77f7fcae0a1f6139)
2002-08-17sync 3.0 branch with headJelmer Vernooij1-3/+5
(This used to be commit 3928578b52cfc949be5e0ef444fce1558d75f290)
2002-07-15updated the 3.0 branch from the head branch - ready for alpha18Andrew Tridgell1-1/+36
(This used to be commit 03ac082dcb375b6f3ca3d810a6a6367542bc23ce)
2002-03-17Added dos_errstr() function. Not all errors in list yet.Tim Potter1-1/+1
(This used to be commit ddb5753e36b8c5efb48ce5c82c16d970fb8e76b6)
2002-03-17Renamed get_nt_error_msg() to nt_errstr().Tim Potter1-1/+1
(This used to be commit 1f007d3ed41c1b71a89fa6be7d173e67e927c302)
2002-01-30Removed version number from file header.Tim Potter1-2/+1
Changed "SMB/Netbios" to "SMB/CIFS" in file header. (This used to be commit 6a58c9bd06d0d7502a24bf5ce5a2faf0a146edfa)
2002-01-18Added prs_mem_clear(). Clear memory on buffer reallocation. That wayJeremy Allison1-3/+12
we're not returning what the client gave us. Jeremy. (This used to be commit 9a969069f132019cdd8a11be2b00356a3f09b64d)
2002-01-18Always clear malloced memory for parse structs.Jeremy Allison1-0/+1
Jeremy. (This used to be commit 6deb4caca5b45f87be84032fe0588db8d73b901a)
2002-01-02Add prs_dump_before to dump everything from the start of the prsMartin Pool1-4/+23
buffer up to the current position, and use this to dump pipe buffers just before parsing. (This used to be commit 92a3ab274e6cf09a8ba39b91f8bbacba6de40b37)
2001-11-21samr_querydom_info level 1: found the meaning of the unknow fields. AndJean-François Micouleau1-2/+2
discovered that our reply is short by 4 bytes since day 1 of this code. Added a decode function to rpcclient too. splitted the STRING2 fields filling while trying to understand the win9x userlist bug. (didn't fix the bug, but the reply looks closer to NT). J.F. (This used to be commit bfbe7f377e5fcb09e87bfc866196dfc51a8fe64d)
2001-11-15Doxygen demo for Tim.Martin Pool1-3/+8
(This used to be commit 5c892badbcad43b8a2e002d1a42483c402f2d3e9)
2001-10-02Removed 'extern int DEBUGLEVEL' as it is now in the smb.h header.Tim Potter1-3/+0
(This used to be commit 2d0922b0eabfdc0aaf1d0797482fef47ed7fde8e)
2001-09-17move to SAFE_FREE()Simo Sorce1-3/+2
(This used to be commit 94b0fde8a8a4e888cee93ebde79390c7942a2785)
2001-09-14Merge prs_hash1() function from tng.Tim Potter1-0/+24
(This used to be commit 3245714243d15160b9e0e27c413fef65ea91f455)