The Samba-Bugzilla – Attachment 10405 Details for
Bug 9629
Since version 3.0.33-3.29.el5_5.1 the binary /usr/bin/profiles does not work.
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
proposed patch
9629.patch (text/plain), 3.48 KB, created by
Christian Ambach
on 2014-11-04 22:57:08 UTC
(
hide
)
Description:
proposed patch
Filename:
MIME Type:
Creator:
Christian Ambach
Created:
2014-11-04 22:57:08 UTC
Size:
3.48 KB
patch
obsolete
>From f46b0c632aa83171bb71e8a897fb00b7c2904531 Mon Sep 17 00:00:00 2001 >From: Christian Ambach <ambi@samba.org> >Date: Tue, 4 Nov 2014 23:47:26 +0100 >Subject: [PATCH 1/3] s3:registry/regfio read SD from the correct location > >try to find the security descriptor at the data pointer, not at the beginning of the hbin > >Bug: https://bugzilla.samba.org/show_bug.cgi?id=9629 >Signed-off-by: Christian Ambach <ambi@samba.org> >--- > source3/registry/regfio.c | 6 ++++-- > 1 file changed, 4 insertions(+), 2 deletions(-) > >diff --git a/source3/registry/regfio.c b/source3/registry/regfio.c >index fe80094..b32bf03 100644 >--- a/source3/registry/regfio.c >+++ b/source3/registry/regfio.c >@@ -768,8 +768,10 @@ static bool hbin_prs_sk_rec( const char *desc, REGF_HBIN *hbin, int depth, REGF_ > if (!prs_copy_data_in(&hbin->ps, (const char *)blob.data, blob.length)) > return False; > } else { >- blob = data_blob_const(prs_data_p(&hbin->ps), >- prs_data_size(&hbin->ps)); >+ blob = data_blob_const( >+ prs_data_p(&hbin->ps) + prs_offset(&hbin->ps), >+ prs_data_size(&hbin->ps) - prs_offset(&hbin->ps) >+ ); > status = unmarshall_sec_desc(mem_ctx, > blob.data, blob.length, > &sk->sec_desc); >-- >1.9.1 > > >From 8ce1af104dcaf063e8161f0bd76284e80ebc3e07 Mon Sep 17 00:00:00 2001 >From: Christian Ambach <ambi@samba.org> >Date: Tue, 4 Nov 2014 23:50:07 +0100 >Subject: [PATCH 2/3] s3:registry/regfio fix some valgrind warnings > >Signed-off-by: Christian Ambach <ambi@samba.org> >--- > source3/registry/regfio.c | 4 ++-- > 1 file changed, 2 insertions(+), 2 deletions(-) > >diff --git a/source3/registry/regfio.c b/source3/registry/regfio.c >index b32bf03..e49de26 100644 >--- a/source3/registry/regfio.c >+++ b/source3/registry/regfio.c >@@ -1741,7 +1741,7 @@ static bool create_vk_record(REGF_FILE *file, REGF_VK_REC *vk, > /* make sure we don't try to copy from a NULL value pointer */ > > if ( vk->data_size != 0 ) >- memcpy( &vk->data_off, regval_data_p(value), sizeof(uint32) ); >+ memcpy( &vk->data_off, regval_data_p(value), vk->data_size); > vk->data_size |= VK_DATA_IN_OFFSET; > } > >@@ -1806,7 +1806,7 @@ static int hashrec_cmp( REGF_HASH_REC *h1, REGF_HASH_REC *h2 ) > REGF_HASH_REC *hash = &parent->subkeys.hashes[parent->subkey_index]; > > hash->nk_off = prs_offset( &nk->hbin->ps ) + nk->hbin->first_hbin_off - HBIN_HDR_SIZE; >- memcpy( hash->keycheck, name, sizeof(uint32) ); >+ memcpy(hash->keycheck, name, MIN(strlen(name),sizeof(uint32))); > hash->fullname = talloc_strdup( file->mem_ctx, name ); > parent->subkey_index++; > >-- >1.9.1 > > >From 57833c295a39b77059afa7e567a858d4e275ac35 Mon Sep 17 00:00:00 2001 >From: Christian Ambach <ambi@samba.org> >Date: Tue, 4 Nov 2014 23:51:23 +0100 >Subject: [PATCH 3/3] s3:utils/profiles fix a use after free > >path is a talloc-child of subkeys, so subkeys should not be freed before calling >verbose_output > >Signed-off-by: Christian Ambach <ambi@samba.org> >--- > source3/utils/profiles.c | 6 +++--- > 1 file changed, 3 insertions(+), 3 deletions(-) > >diff --git a/source3/utils/profiles.c b/source3/utils/profiles.c >index 0f274ad..22c8f72 100644 >--- a/source3/utils/profiles.c >+++ b/source3/utils/profiles.c >@@ -189,12 +189,12 @@ static bool copy_registry_tree( REGF_FILE *infile, REGF_NK_REC *nk, > } > } > >- /* values is a talloc()'d child of subkeys here so just throw it all away */ >- >- TALLOC_FREE( subkeys ); > > verbose_output("[%s]\n", path); > >+ /* values is a talloc()'d child of subkeys here so just throw it all away */ >+ TALLOC_FREE(subkeys); >+ > return True; > } > >-- >1.9.1 >
You cannot view the attachment while viewing its details because your browser does not support IFRAMEs.
View the attachment on a separate page
.
View Attachment As Raw
Flags:
metze
:
review+
Actions:
View
Attachments on
bug 9629
:
10241
|
10405
|
10494