From 931f594cf16b8c7f9f416d7a8831432b783a0ec8 Mon Sep 17 00:00:00 2001 From: Andrew Tridgell Date: Mon, 21 May 2007 12:47:18 +0000 Subject: r23036: error checking on asn1_init() failure (This used to be commit 26cf8494084c0106ef0e1c9b6ef40eeadf945ef2) --- source4/libcli/cldap/cldap.c | 2 ++ source4/libcli/ldap/ldap.c | 2 ++ source4/libcli/ldap/ldap_client.c | 4 +++- source4/libcli/ldap/ldap_controls.c | 40 +++++++++++++++++++++++++++++++++++++ source4/libcli/util/asn1.c | 6 +++++- 5 files changed, 52 insertions(+), 2 deletions(-) (limited to 'source4/libcli') diff --git a/source4/libcli/cldap/cldap.c b/source4/libcli/cldap/cldap.c index e92abe4d47..bd2ab630db 100644 --- a/source4/libcli/cldap/cldap.c +++ b/source4/libcli/cldap/cldap.c @@ -70,6 +70,8 @@ static void cldap_socket_recv(struct cldap_socket *cldap) struct ldap_message *ldap_msg; struct cldap_request *req; + if (!asn1) return; + status = socket_pending(cldap->sock, &dsize); if (!NT_STATUS_IS_OK(status)) { talloc_free(tmp_ctx); diff --git a/source4/libcli/ldap/ldap.c b/source4/libcli/ldap/ldap.c index 70ba9335db..55988b8eb4 100644 --- a/source4/libcli/ldap/ldap.c +++ b/source4/libcli/ldap/ldap.c @@ -193,6 +193,8 @@ BOOL ldap_encode(struct ldap_message *msg, DATA_BLOB *result, TALLOC_CTX *mem_ct struct asn1_data *data = asn1_init(mem_ctx); int i, j; + if (!data) return False; + asn1_push_tag(data, ASN1_SEQUENCE(0)); asn1_write_Integer(data, msg->messageid); diff --git a/source4/libcli/ldap/ldap_client.c b/source4/libcli/ldap/ldap_client.c index 5e4eddee92..ce15b39271 100644 --- a/source4/libcli/ldap/ldap_client.c +++ b/source4/libcli/ldap/ldap_client.c @@ -175,11 +175,13 @@ static NTSTATUS ldap_recv_handler(void *private_data, DATA_BLOB blob) struct ldap_message *msg = talloc(conn, struct ldap_message); struct asn1_data *asn1 = asn1_init(conn); - if (msg == NULL) { + if (asn1 == NULL || msg == NULL) { return NT_STATUS_LDAP(LDAP_PROTOCOL_ERROR); } if (!asn1_load(asn1, blob)) { + talloc_free(msg); + talloc_free(asn1); return NT_STATUS_LDAP(LDAP_PROTOCOL_ERROR); } diff --git a/source4/libcli/ldap/ldap_controls.c b/source4/libcli/ldap/ldap_controls.c index 180e6eeb62..79c16afc95 100644 --- a/source4/libcli/ldap/ldap_controls.c +++ b/source4/libcli/ldap/ldap_controls.c @@ -37,6 +37,8 @@ static BOOL decode_server_sort_response(void *mem_ctx, DATA_BLOB in, void **out) struct asn1_data *data = asn1_init(mem_ctx); struct ldb_sort_resp_control *lsrc; + if (!data) return False; + if (!asn1_load(data, in)) { return False; } @@ -82,6 +84,8 @@ static BOOL decode_server_sort_request(void *mem_ctx, DATA_BLOB in, void **out) struct ldb_server_sort_control **lssc; int num; + if (!data) return False; + if (!asn1_load(data, in)) { return False; } @@ -156,6 +160,8 @@ static BOOL decode_extended_dn_request(void *mem_ctx, DATA_BLOB in, void **out) struct asn1_data *data = asn1_init(mem_ctx); struct ldb_extended_dn_control *ledc; + if (!data) return False; + if (!asn1_load(data, in)) { return False; } @@ -187,6 +193,8 @@ static BOOL decode_sd_flags_request(void *mem_ctx, DATA_BLOB in, void **out) struct asn1_data *data = asn1_init(mem_ctx); struct ldb_sd_flags_control *lsdfc; + if (!data) return False; + if (!asn1_load(data, in)) { return False; } @@ -218,6 +226,8 @@ static BOOL decode_search_options_request(void *mem_ctx, DATA_BLOB in, void **ou struct asn1_data *data = asn1_init(mem_ctx); struct ldb_search_options_control *lsoc; + if (!data) return False; + if (!asn1_load(data, in)) { return False; } @@ -250,6 +260,8 @@ static BOOL decode_paged_results_request(void *mem_ctx, DATA_BLOB in, void **out struct asn1_data *data = asn1_init(mem_ctx); struct ldb_paged_control *lprc; + if (!data) return False; + if (!asn1_load(data, in)) { return False; } @@ -296,6 +308,8 @@ static BOOL decode_dirsync_request(void *mem_ctx, DATA_BLOB in, void **out) struct asn1_data *data = asn1_init(mem_ctx); struct ldb_dirsync_control *ldc; + if (!data) return False; + if (!asn1_load(data, in)) { return False; } @@ -349,6 +363,8 @@ static BOOL decode_asq_control(void *mem_ctx, DATA_BLOB in, void **out) struct asn1_data *data = asn1_init(mem_ctx); struct ldb_asq_control *lac; + if (!data) return False; + if (!asn1_load(data, in)) { return False; } @@ -452,6 +468,8 @@ static BOOL decode_vlv_request(void *mem_ctx, DATA_BLOB in, void **out) struct asn1_data *data = asn1_init(mem_ctx); struct ldb_vlv_req_control *lvrc; + if (!data) return False; + if (!asn1_load(data, in)) { return False; } @@ -562,6 +580,8 @@ static BOOL decode_vlv_response(void *mem_ctx, DATA_BLOB in, void **out) struct asn1_data *data = asn1_init(mem_ctx); struct ldb_vlv_resp_control *lvrc; + if (!data) return False; + if (!asn1_load(data, in)) { return False; } @@ -615,6 +635,8 @@ static BOOL encode_server_sort_response(void *mem_ctx, void *in, DATA_BLOB *out) struct ldb_sort_resp_control *lsrc = talloc_get_type(in, struct ldb_sort_resp_control); struct asn1_data *data = asn1_init(mem_ctx); + if (!data) return False; + if (!asn1_push_tag(data, ASN1_SEQUENCE(0))) { return False; } @@ -648,6 +670,8 @@ static BOOL encode_server_sort_request(void *mem_ctx, void *in, DATA_BLOB *out) struct asn1_data *data = asn1_init(mem_ctx); int num; + if (!data) return False; + if (!asn1_push_tag(data, ASN1_SEQUENCE(0))) { return False; } @@ -696,6 +720,8 @@ static BOOL encode_extended_dn_request(void *mem_ctx, void *in, DATA_BLOB *out) struct ldb_extended_dn_control *ledc = talloc_get_type(in, struct ldb_extended_dn_control); struct asn1_data *data = asn1_init(mem_ctx); + if (!data) return False; + if (!asn1_push_tag(data, ASN1_SEQUENCE(0))) { return False; } @@ -722,6 +748,8 @@ static BOOL encode_sd_flags_request(void *mem_ctx, void *in, DATA_BLOB *out) struct ldb_sd_flags_control *lsdfc = talloc_get_type(in, struct ldb_sd_flags_control); struct asn1_data *data = asn1_init(mem_ctx); + if (!data) return False; + if (!asn1_push_tag(data, ASN1_SEQUENCE(0))) { return False; } @@ -748,6 +776,8 @@ static BOOL encode_search_options_request(void *mem_ctx, void *in, DATA_BLOB *ou struct ldb_search_options_control *lsoc = talloc_get_type(in, struct ldb_search_options_control); struct asn1_data *data = asn1_init(mem_ctx); + if (!data) return False; + if (!asn1_push_tag(data, ASN1_SEQUENCE(0))) { return False; } @@ -774,6 +804,8 @@ static BOOL encode_paged_results_request(void *mem_ctx, void *in, DATA_BLOB *out struct ldb_paged_control *lprc = talloc_get_type(in, struct ldb_paged_control); struct asn1_data *data = asn1_init(mem_ctx); + if (!data) return False; + if (!asn1_push_tag(data, ASN1_SEQUENCE(0))) { return False; } @@ -807,6 +839,8 @@ static BOOL encode_asq_control(void *mem_ctx, void *in, DATA_BLOB *out) struct ldb_asq_control *lac = talloc_get_type(in, struct ldb_asq_control); struct asn1_data *data = asn1_init(mem_ctx); + if (!data) return False; + if (!asn1_push_tag(data, ASN1_SEQUENCE(0))) { return False; } @@ -840,6 +874,8 @@ static BOOL encode_dirsync_request(void *mem_ctx, void *in, DATA_BLOB *out) struct ldb_dirsync_control *ldc = talloc_get_type(in, struct ldb_dirsync_control); struct asn1_data *data = asn1_init(mem_ctx); + if (!data) return False; + if (!asn1_push_tag(data, ASN1_SEQUENCE(0))) { return False; } @@ -924,6 +960,8 @@ static BOOL encode_vlv_request(void *mem_ctx, void *in, DATA_BLOB *out) struct ldb_vlv_req_control *lvrc = talloc_get_type(in, struct ldb_vlv_req_control); struct asn1_data *data = asn1_init(mem_ctx); + if (!data) return False; + if (!asn1_push_tag(data, ASN1_SEQUENCE(0))) { return False; } @@ -998,6 +1036,8 @@ static BOOL encode_vlv_response(void *mem_ctx, void *in, DATA_BLOB *out) struct ldb_vlv_resp_control *lvrc = talloc_get_type(in, struct ldb_vlv_resp_control); struct asn1_data *data = asn1_init(mem_ctx); + if (!data) return False; + if (!asn1_push_tag(data, ASN1_SEQUENCE(0))) { return False; } diff --git a/source4/libcli/util/asn1.c b/source4/libcli/util/asn1.c index d02f6be9c7..81ce72bed9 100644 --- a/source4/libcli/util/asn1.c +++ b/source4/libcli/util/asn1.c @@ -24,7 +24,11 @@ /* allocate an asn1 structure */ struct asn1_data *asn1_init(TALLOC_CTX *mem_ctx) { - return talloc_zero(NULL, struct asn1_data); + struct asn1_data *ret = talloc_zero(NULL, struct asn1_data); + if (ret == NULL) { + DEBUG(0,("asn1_init failed! out of memory\n")); + } + return ret; } /* free an asn1 structure */ -- cgit