From c109a70531de72eef30a695248b91704bd0c7c24 Mon Sep 17 00:00:00 2001
From: Jeremy Allison <jra@samba.org>
Date: Wed, 30 Mar 2011 13:08:31 -0700
Subject: Fix convert_string() to take a *converted_size arg. and return a
 bool.

Makes these interfaces much harder to misuse and easier to ensure error
checking.

Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Wed Mar 30 23:59:37 CEST 2011 on sn-devel-104
---
 source3/lib/charcnv.c | 74 ++++++++++++++++++++++++++++-----------------------
 source3/lib/dprintf.c |  5 ++--
 source3/lib/fstring.c |  7 ++---
 source3/lib/smbldap.c |  3 ++-
 4 files changed, 49 insertions(+), 40 deletions(-)

(limited to 'source3/lib')

diff --git a/source3/lib/charcnv.c b/source3/lib/charcnv.c
index 76fa968457..3fd574b985 100644
--- a/source3/lib/charcnv.c
+++ b/source3/lib/charcnv.c
@@ -299,12 +299,12 @@ bool convert_string_error(charset_t from, charset_t to,
 	return convert_string_internal(from, to, src, srclen, dest, destlen, converted_size);
 }
 
-size_t convert_string(charset_t from, charset_t to,
+bool convert_string(charset_t from, charset_t to,
 		      void const *src, size_t srclen,
-		      void *dest, size_t destlen)
+		      void *dest, size_t destlen,
+		      size_t *converted_size)
 {
-	size_t converted_size;
-	bool ret = convert_string_error(from, to, src, srclen, dest, destlen, &converted_size);
+	bool ret = convert_string_error(from, to, src, srclen, dest, destlen, converted_size);
 
 	if(ret==false) {
 		const char *reason="unknown error";
@@ -344,7 +344,7 @@ size_t convert_string(charset_t from, charset_t to,
 		}
 		/* smb_panic(reason); */
 	}
-	return ret ? converted_size : (size_t)-1;
+	return ret;
 }
 
 
@@ -500,10 +500,11 @@ bool convert_string_talloc(TALLOC_CTX *ctx, charset_t from, charset_t to,
 	return true;
 }
 
-size_t unix_strupper(const char *src, size_t srclen, char *dest, size_t destlen)
+bool unix_strupper(const char *src, size_t srclen, char *dest, size_t destlen)
 {
 	size_t size;
 	smb_ucs2_t *buffer;
+	bool ret;
 
 	if (!push_ucs2_talloc(talloc_tos(), &buffer, src, &size)) {
 		return (size_t)-1;
@@ -514,9 +515,9 @@ size_t unix_strupper(const char *src, size_t srclen, char *dest, size_t destlen)
 		return srclen;
 	}
 
-	size = convert_string(CH_UTF16LE, CH_UNIX, buffer, size, dest, destlen);
+	ret = convert_string(CH_UTF16LE, CH_UNIX, buffer, size, dest, destlen, &size);
 	TALLOC_FREE(buffer);
-	return size;
+	return ret;
 }
 
 /**
@@ -584,10 +585,11 @@ char *strupper_talloc(TALLOC_CTX *ctx, const char *s) {
 }
 
 
-size_t unix_strlower(const char *src, size_t srclen, char *dest, size_t destlen)
+bool unix_strlower(const char *src, size_t srclen, char *dest, size_t destlen)
 {
 	size_t size;
 	smb_ucs2_t *buffer = NULL;
+	bool ret;
 
 	if (!convert_string_talloc(talloc_tos(), CH_UNIX, CH_UTF16LE, src, srclen,
 				   (void **)(void *)&buffer, &size))
@@ -598,9 +600,9 @@ size_t unix_strlower(const char *src, size_t srclen, char *dest, size_t destlen)
 		TALLOC_FREE(buffer);
 		return srclen;
 	}
-	size = convert_string(CH_UTF16LE, CH_UNIX, buffer, size, dest, destlen);
+	ret = convert_string(CH_UTF16LE, CH_UNIX, buffer, size, dest, destlen, &size);
 	TALLOC_FREE(buffer);
-	return size;
+	return ret;
 }
 
 
@@ -656,7 +658,8 @@ size_t push_ascii(void *dest, const char *src, size_t dest_len, int flags)
 {
 	size_t src_len = strlen(src);
 	char *tmpbuf = NULL;
-	size_t ret;
+	size_t size;
+	bool ret;
 
 	/* No longer allow a length of -1. */
 	if (dest_len == (size_t)-1) {
@@ -676,14 +679,14 @@ size_t push_ascii(void *dest, const char *src, size_t dest_len, int flags)
 		src_len++;
 	}
 
-	ret = convert_string(CH_UNIX, CH_DOS, src, src_len, dest, dest_len);
-	if (ret == (size_t)-1 &&
+	ret = convert_string(CH_UNIX, CH_DOS, src, src_len, dest, dest_len, &size);
+	if (ret == false &&
 			(flags & (STR_TERMINATE | STR_TERMINATE_ASCII))
 			&& dest_len > 0) {
 		((char *)dest)[0] = '\0';
 	}
 	SAFE_FREE(tmpbuf);
-	return ret;
+	return ret ? size : (size_t)-1;
 }
 
 /********************************************************************
@@ -716,7 +719,8 @@ bool push_ascii_talloc(TALLOC_CTX *mem_ctx, char **dest, const char *src, size_t
  **/
 size_t pull_ascii(char *dest, const void *src, size_t dest_len, size_t src_len, int flags)
 {
-	size_t ret;
+	bool ret;
+	size_t size = 0;
 
 	if (dest_len == (size_t)-1) {
 		/* No longer allow dest_len of -1. */
@@ -734,16 +738,16 @@ size_t pull_ascii(char *dest, const void *src, size_t dest_len, size_t src_len,
 		}
 	}
 
-	ret = convert_string(CH_DOS, CH_UNIX, src, src_len, dest, dest_len);
-	if (ret == (size_t)-1) {
-		ret = 0;
+	ret = convert_string(CH_DOS, CH_UNIX, src, src_len, dest, dest_len, &size);
+	if (ret == false) {
+		size = 0;
 		dest_len = 0;
 	}
 
-	if (dest_len && ret) {
+	if (dest_len && size) {
 		/* Did we already process the terminating zero ? */
-		if (dest[MIN(ret-1, dest_len-1)] != 0) {
-			dest[MIN(ret, dest_len-1)] = 0;
+		if (dest[MIN(size-1, dest_len-1)] != 0) {
+			dest[MIN(size, dest_len-1)] = 0;
 		}
 	} else  {
 		dest[0] = 0;
@@ -858,7 +862,8 @@ size_t push_ucs2(const void *base_ptr, void *dest, const char *src, size_t dest_
 {
 	size_t len=0;
 	size_t src_len;
-	size_t ret;
+	size_t size = 0;
+	bool ret;
 
 	if (dest_len == (size_t)-1) {
 		/* No longer allow dest_len of -1. */
@@ -881,8 +886,8 @@ size_t push_ucs2(const void *base_ptr, void *dest, const char *src, size_t dest_
 	/* ucs2 is always a multiple of 2 bytes */
 	dest_len &= ~1;
 
-	ret =  convert_string(CH_UNIX, CH_UTF16LE, src, src_len, dest, dest_len);
-	if (ret == (size_t)-1) {
+	ret = convert_string(CH_UNIX, CH_UTF16LE, src, src_len, dest, dest_len, &size);
+	if (ret == false) {
 		if ((flags & STR_TERMINATE) &&
 				dest &&
 				dest_len) {
@@ -891,7 +896,7 @@ size_t push_ucs2(const void *base_ptr, void *dest, const char *src, size_t dest_
 		return len;
 	}
 
-	len += ret;
+	len += size;
 
 	if (flags & STR_UPPER) {
 		smb_ucs2_t *dest_ucs2 = (smb_ucs2_t *)dest;
@@ -968,8 +973,9 @@ bool push_utf8_talloc(TALLOC_CTX *ctx, char **dest, const char *src,
 
 size_t pull_ucs2(const void *base_ptr, char *dest, const void *src, size_t dest_len, size_t src_len, int flags)
 {
-	size_t ret;
+	size_t size = 0;
 	size_t ucs2_align_len = 0;
+	bool ret;
 
 	if (dest_len == (size_t)-1) {
 		/* No longer allow dest_len of -1. */
@@ -1005,19 +1011,19 @@ size_t pull_ucs2(const void *base_ptr, char *dest, const void *src, size_t dest_
 	if (src_len != (size_t)-1)
 		src_len &= ~1;
 
-	ret = convert_string(CH_UTF16LE, CH_UNIX, src, src_len, dest, dest_len);
-	if (ret == (size_t)-1) {
-		ret = 0;
+	ret = convert_string(CH_UTF16LE, CH_UNIX, src, src_len, dest, dest_len, &size);
+	if (ret == false) {
+		size = 0;
 		dest_len = 0;
 	}
 
 	if (src_len == (size_t)-1)
-		src_len = ret*2;
+		src_len = size*2;
 
-	if (dest_len && ret) {
+	if (dest_len && size) {
 		/* Did we already process the terminating zero ? */
-		if (dest[MIN(ret-1, dest_len-1)] != 0) {
-			dest[MIN(ret, dest_len-1)] = 0;
+		if (dest[MIN(size-1, dest_len-1)] != 0) {
+			dest[MIN(size, dest_len-1)] = 0;
 		}
 	} else {
 		dest[0] = 0;
diff --git a/source3/lib/dprintf.c b/source3/lib/dprintf.c
index 97129f8b4a..ad3c79a8d5 100644
--- a/source3/lib/dprintf.c
+++ b/source3/lib/dprintf.c
@@ -35,6 +35,7 @@
 {
 	char *p = NULL, *p2 = NULL;
 	int ret, maxlen, clen;
+	size_t size = 0;
 	const char *msgstr;
 	va_list ap2;
 
@@ -66,11 +67,11 @@ again:
 		goto out;
 	}
 
-	clen = convert_string(CH_UNIX, CH_DISPLAY, p, ret, p2, maxlen);
-	if (clen == -1) {
+	if (!convert_string(CH_UNIX, CH_DISPLAY, p, ret, p2, maxlen, &size)) {
 		ret = -1;
 		goto out;
 	}
+	clen = size;
 
 	if (clen >= maxlen) {
 		/* it didn't fit - try a larger buffer */
diff --git a/source3/lib/fstring.c b/source3/lib/fstring.c
index 50b0765f92..b0a30b52cc 100644
--- a/source3/lib/fstring.c
+++ b/source3/lib/fstring.c
@@ -75,7 +75,8 @@ size_t pull_ascii_nstring(char *dest, size_t dest_len, const void *src)
 static size_t push_utf8(void *dest, const char *src, size_t dest_len, int flags)
 {
 	size_t src_len = 0;
-	size_t ret;
+	size_t size = 0;
+	bool ret;
 	char *tmpbuf = NULL;
 
 	if (dest_len == (size_t)-1) {
@@ -97,9 +98,9 @@ static size_t push_utf8(void *dest, const char *src, size_t dest_len, int flags)
 		src_len++;
 	}
 
-	ret = convert_string(CH_UNIX, CH_UTF8, src, src_len, dest, dest_len);
+	ret = convert_string(CH_UNIX, CH_UTF8, src, src_len, dest, dest_len, &size);
 	TALLOC_FREE(tmpbuf);
-	return ret;
+	return ret ? size : (size_t)-1;
 }
 
 size_t push_utf8_fstring(void *dest, const char *src)
diff --git a/source3/lib/smbldap.c b/source3/lib/smbldap.c
index c094fbe255..207f435d28 100644
--- a/source3/lib/smbldap.c
+++ b/source3/lib/smbldap.c
@@ -264,6 +264,7 @@ ATTRIB_MAP_ENTRY sidmap_attr_list[] = {
 				    int max_len)
 {
 	char **values;
+	size_t size = 0;
 
 	if ( !attribute )
 		return False;
@@ -276,7 +277,7 @@ ATTRIB_MAP_ENTRY sidmap_attr_list[] = {
 		return False;
 	}
 
-	if (convert_string(CH_UTF8, CH_UNIX,values[0], -1, value, max_len) == (size_t)-1) {
+	if (!convert_string(CH_UTF8, CH_UNIX,values[0], -1, value, max_len, &size)) {
 		DEBUG(1, ("smbldap_get_single_attribute: string conversion of [%s] = [%s] failed!\n", 
 			  attribute, values[0]));
 		ldap_value_free(values);
-- 
cgit