From f1d8c4da23049cf0115666f8d97dac251395de76 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Fri, 4 May 2007 22:01:26 +0000 Subject: r22675: Simo's patch for 0 size allocation. Still need to examine parse_misc.c fix. Jeremy. (This used to be commit 80d981265cd3bc9d73c5da3c514ec736e2dfa73a) --- source3/modules/vfs_afsacl.c | 2 +- source3/nsswitch/idmap.c | 17 ++++++++--------- source3/nsswitch/winbindd_async.c | 5 +++++ source3/rpc_client/cli_svcctl.c | 8 ++++++-- source3/rpc_server/srv_lsa_nt.c | 16 +++++++++------- 5 files changed, 29 insertions(+), 19 deletions(-) (limited to 'source3') diff --git a/source3/modules/vfs_afsacl.c b/source3/modules/vfs_afsacl.c index a82e6b350b..47e8ec5aef 100644 --- a/source3/modules/vfs_afsacl.c +++ b/source3/modules/vfs_afsacl.c @@ -616,7 +616,7 @@ static size_t afs_to_nt_acl(struct afs_acl *afs_acl, uid_to_sid(&owner_sid, sbuf.st_uid); gid_to_sid(&group_sid, sbuf.st_gid); - if (num_aces) { + if (afs_acl->num_aces) { nt_ace_list = TALLOC_ARRAY(mem_ctx, SEC_ACE, afs_acl->num_aces); if (nt_ace_list == NULL) diff --git a/source3/nsswitch/idmap.c b/source3/nsswitch/idmap.c index 5222eba8f3..73a30f6087 100644 --- a/source3/nsswitch/idmap.c +++ b/source3/nsswitch/idmap.c @@ -1025,17 +1025,16 @@ static NTSTATUS idmap_backends_sids_to_unixids(struct id_map **ids) DEBUG(10, ("Query backends to map sids->ids\n")); /* split list per domain */ - - if (num_domains) { - dom_ids = TALLOC_ZERO_ARRAY(ctx, struct id_map **, num_domains); - IDMAP_CHECK_ALLOC(dom_ids); - counters = TALLOC_ZERO_ARRAY(ctx, int, num_domains); - IDMAP_CHECK_ALLOC(counters); - } else { - dom_ids = NULL; - counters = NULL; + if (num_domains == 0) { + DEBUG(1, ("No domains available?\n")); + return NT_STATUS_UNSUCCESSFUL; } + dom_ids = TALLOC_ZERO_ARRAY(ctx, struct id_map **, num_domains); + IDMAP_CHECK_ALLOC(dom_ids); + counters = TALLOC_ZERO_ARRAY(ctx, int, num_domains); + IDMAP_CHECK_ALLOC(counters); + /* partition the requests by domain */ for (i = 0; ids[i]; i++) { diff --git a/source3/nsswitch/winbindd_async.c b/source3/nsswitch/winbindd_async.c index a8a92c3cae..393479c63d 100644 --- a/source3/nsswitch/winbindd_async.c +++ b/source3/nsswitch/winbindd_async.c @@ -273,6 +273,11 @@ enum winbindd_result winbindd_dual_sids2xids(struct winbindd_domain *domain, DEBUG(3, ("[%5lu]: sids to unix ids\n", (unsigned long)state->pid)); + if (state->request.extra_len == 0) { + DEBUG(0, ("Invalid buffer size!\n")); + return WINBINDD_ERROR; + } + sids = (DOM_SID *)state->request.extra_data.data; num = state->request.extra_len / sizeof(DOM_SID); diff --git a/source3/rpc_client/cli_svcctl.c b/source3/rpc_client/cli_svcctl.c index 2df27c2da5..d183670f5f 100644 --- a/source3/rpc_client/cli_svcctl.c +++ b/source3/rpc_client/cli_svcctl.c @@ -209,8 +209,12 @@ WERROR rpccli_svcctl_enumerate_services( struct rpc_pipe_client *cli, TALLOC_CTX return out.status; /* pull out the data */ - if ( !(services = TALLOC_ARRAY( mem_ctx, ENUM_SERVICES_STATUS, out.returned )) ) - return WERR_NOMEM; + if (out.returned) { + if ( !(services = TALLOC_ARRAY( mem_ctx, ENUM_SERVICES_STATUS, out.returned )) ) + return WERR_NOMEM; + } else { + services = NULL; + } for ( i=0; imem_ctx, LSA_TRANS_NAME_ENUM2); sids = TALLOC_ARRAY(p->mem_ctx, const DOM_SID *, num_sids); ref = TALLOC_ZERO_P(p->mem_ctx, DOM_R_REF); @@ -845,12 +849,10 @@ static NTSTATUS _lsa_lookup_sids_internal(pipes_struct *p, return status; } - if (num_sids > 0) { - names->name = TALLOC_ARRAY(names, LSA_TRANS_NAME2, num_sids); - names->uni_name = TALLOC_ARRAY(names, UNISTR2, num_sids); - if ((names->name == NULL) || (names->uni_name == NULL)) { - return NT_STATUS_NO_MEMORY; - } + names->name = TALLOC_ARRAY(names, LSA_TRANS_NAME2, num_sids); + names->uni_name = TALLOC_ARRAY(names, UNISTR2, num_sids); + if ((names->name == NULL) || (names->uni_name == NULL)) { + return NT_STATUS_NO_MEMORY; } for (i=0; i