From 8d1dd8bb96ea6caec651397400a2cce8f37570e3 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Wed, 8 Mar 2006 17:50:44 +0000 Subject: r14043: After discussion with Jerry revert part of the Coverity null-ref patch - put prs_rpcbuffer_p back to the way it was (with an additional coverity paranoia check) - move the real test into rpcbuf_alloc_size instead. Jeremy. (This used to be commit f74993e65c01bc0ef73d3e8710bb2f840910161a) --- source3/rpc_parse/parse_buffer.c | 41 +++++++++++++++------------------------- 1 file changed, 15 insertions(+), 26 deletions(-) (limited to 'source3/rpc_parse') diff --git a/source3/rpc_parse/parse_buffer.c b/source3/rpc_parse/parse_buffer.c index 52117dc44b..21dddfa3cf 100644 --- a/source3/rpc_parse/parse_buffer.c +++ b/source3/rpc_parse/parse_buffer.c @@ -108,37 +108,22 @@ BOOL prs_rpcbuffer_p(const char *desc, prs_struct *ps, int depth, RPC_BUFFER **b data_p = *buffer ? 0xf000baaa : 0; - if ( !prs_uint32("ptr", ps, depth, &data_p )) { + if ( !prs_uint32("ptr", ps, depth, &data_p )) return False; - } - - /* We must always return a valid buffer pointer even if the - client didn't send one - just leave it initialized to null. */ - if ( UNMARSHALLING(ps) ) { - if ( !(*buffer = PRS_ALLOC_MEM(ps, RPC_BUFFER, 1)) ) { - return False; - } - } /* we're done if there is no data */ - if (!data_p) { - if (UNMARSHALLING(ps)) { - RPC_BUFFER *pbuffer = *buffer; - /* On unmarshalling we must return a valid, - but zero size value RPC_BUFFER. */ - pbuffer->size = 0; - pbuffer->string_at_end = 0; - if (!prs_init(&pbuffer->prs, 0, prs_get_mem_context(ps), UNMARSHALL)) { - return False; - } - } + if ( !data_p ) return True; - } - /* Coverity paranoia. Buffer must be valid. */ - if (!*buffer) { - return False; + if ( UNMARSHALLING(ps) ) { + if ( !(*buffer = PRS_ALLOC_MEM(ps, RPC_BUFFER, 1)) ) + return False; + } else { + /* Marshalling case. - coverity paranoia - should already be ok if data_p != 0 */ + if (!*buffer) { + return True; + } } return prs_rpcbuffer( desc, ps, depth, *buffer); @@ -158,7 +143,11 @@ BOOL rpcbuf_alloc_size(RPC_BUFFER *buffer, uint32 buffer_size) if ( buffer_size == 0x0 ) return True; - + + if (!buffer) { + return False; + } + ps= &buffer->prs; /* damn, I'm doing the reverse operation of prs_grow() :) */ -- cgit