From f6f2151a3947cc105481c64a31d2405f239948cc Mon Sep 17 00:00:00 2001 From: Michael Adam Date: Tue, 3 Nov 2009 00:47:37 +0100 Subject: s3:registry: add safety check for return value of tdb_unpack to regdb_fetch_keys_internal() Prevents segfaults in some situations. (For a non existent or empty record, we sometimes rely on the fetch operation to return dsize==0 and sometimes we rely on dptr==NULL.) Michael --- source3/registry/reg_backend_db.c | 4 ++++ 1 file changed, 4 insertions(+) (limited to 'source3/registry') diff --git a/source3/registry/reg_backend_db.c b/source3/registry/reg_backend_db.c index 2b6259c03a..2cd3593537 100644 --- a/source3/registry/reg_backend_db.c +++ b/source3/registry/reg_backend_db.c @@ -1470,6 +1470,10 @@ static WERROR regdb_fetch_keys_internal(struct db_context *db, const char *key, buf = value.dptr; buflen = value.dsize; len = tdb_unpack( buf, buflen, "d", &num_items); + if (len == (uint32_t)-1) { + werr = WERR_NOT_FOUND; + goto done; + } werr = regsubkey_ctr_reinit(ctr); W_ERROR_NOT_OK_GOTO_DONE(werr); -- cgit