The Samba-Bugzilla – Attachment 14730 Details for
Bug 13680
Fix out of bound array access and uninitialized variables
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
patch for 4.9
static_analysis_fixes.v4-9-test.patch (text/plain), 5.37 KB, created by
Andreas Schneider
on 2018-12-10 17:15:16 UTC
(
hide
)
Description:
patch for 4.9
Filename:
MIME Type:
Creator:
Andreas Schneider
Created:
2018-12-10 17:15:16 UTC
Size:
5.37 KB
patch
obsolete
>From 0bd36d040129f511762b89555d98851a9dcaf3f6 Mon Sep 17 00:00:00 2001 >From: Andreas Schneider <asn@samba.org> >Date: Mon, 12 Nov 2018 10:09:23 +0100 >Subject: [PATCH 1/5] s3:rpcclient: Initialize domain_name > >This could be passed uninitialized to dcerpc_netr_DsRGetDCName() > >Found by cppcheck. > >BUG: https://bugzilla.samba.org/show_bug.cgi?id=13680 > >Signed-off-by: Andreas Schneider <asn@samba.org> >Reviewed-by: Andrew Bartlett <abartlet@samba.org> >(cherry picked from commit 56ac8944eb58f234422b4bd4dd9a64b8e51e874d) >--- > source3/rpcclient/cmd_netlogon.c | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > >diff --git a/source3/rpcclient/cmd_netlogon.c b/source3/rpcclient/cmd_netlogon.c >index 8d62ef7e095..631740562c6 100644 >--- a/source3/rpcclient/cmd_netlogon.c >+++ b/source3/rpcclient/cmd_netlogon.c >@@ -216,7 +216,7 @@ static WERROR cmd_netlogon_dsr_getdcname(struct rpc_pipe_client *cli, > WERROR werr = WERR_OK; > uint32_t flags = DS_RETURN_DNS_NAME; > const char *server_name = cli->desthost; >- const char *domain_name; >+ const char *domain_name = NULL; > struct GUID domain_guid = GUID_zero(); > struct GUID site_guid = GUID_zero(); > struct netr_DsRGetDCNameInfo *info = NULL; >-- >2.19.2 > > >From f14942265b08710d4e9bf6b17219f65b5ea79e01 Mon Sep 17 00:00:00 2001 >From: Andreas Schneider <asn@samba.org> >Date: Mon, 12 Nov 2018 10:13:51 +0100 >Subject: [PATCH 2/5] librpc:ndr: Initialize inblob > >Found by cppcheck. > >BUG: https://bugzilla.samba.org/show_bug.cgi?id=13680 > >Signed-off-by: Andreas Schneider <asn@samba.org> >Reviewed-by: Andrew Bartlett <abartlet@samba.org> >(cherry picked from commit 9c37ed26f0a814f77c934ae190f48d0a1e673f83) >--- > librpc/ndr/ndr_backupkey.c | 4 +++- > 1 file changed, 3 insertions(+), 1 deletion(-) > >diff --git a/librpc/ndr/ndr_backupkey.c b/librpc/ndr/ndr_backupkey.c >index 827bc694230..adb6e393287 100644 >--- a/librpc/ndr/ndr_backupkey.c >+++ b/librpc/ndr/ndr_backupkey.c >@@ -58,7 +58,9 @@ _PUBLIC_ void ndr_print_bkrp_BackupKey(struct ndr_print *ndr, const char *name, > ndr->flags |= LIBNDR_PRINT_SET_VALUES; > } > if (flags & NDR_IN) { >- union bkrp_data_in_blob inblob; >+ union bkrp_data_in_blob inblob = { >+ .empty._empty_ = '\0', >+ }; > DATA_BLOB blob; > uint32_t level; > enum ndr_err_code ndr_err; >-- >2.19.2 > > >From 865ad3bb69c487589f24c755b2082fe51e5a261a Mon Sep 17 00:00:00 2001 >From: Andreas Schneider <asn@samba.org> >Date: Mon, 12 Nov 2018 10:16:06 +0100 >Subject: [PATCH 3/5] libgpo: Make sure status is intialized > >Found by cppcheck. > >BUG: https://bugzilla.samba.org/show_bug.cgi?id=13680 > >Signed-off-by: Andreas Schneider <asn@samba.org> >Reviewed-by: Andrew Bartlett <abartlet@samba.org> >(cherry picked from commit 159f753732cdc1e4491f93617779861fb9d73bc7) >--- > libgpo/gpo_ldap.c | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > >diff --git a/libgpo/gpo_ldap.c b/libgpo/gpo_ldap.c >index fec00053b49..f087203f28a 100644 >--- a/libgpo/gpo_ldap.c >+++ b/libgpo/gpo_ldap.c >@@ -474,7 +474,7 @@ ADS_STATUS ads_get_gpo(ADS_STRUCT *ads, > const char *guid_name, > struct GROUP_POLICY_OBJECT *gpo) > { >- ADS_STATUS status; >+ ADS_STATUS status = ADS_ERROR(LDAP_NO_SUCH_OBJECT); > LDAPMessage *res = NULL; > char *dn; > const char *filter; >-- >2.19.2 > > >From b40b21c5b2f6ed6e4e123cb55d9279f88b3e5c3b Mon Sep 17 00:00:00 2001 >From: Andreas Schneider <asn@samba.org> >Date: Mon, 12 Nov 2018 10:17:37 +0100 >Subject: [PATCH 4/5] lib:util Always initialize start and space > >Found by cppcheck. > >BUG: https://bugzilla.samba.org/show_bug.cgi?id=13680 > >Signed-off-by: Andreas Schneider <asn@samba.org> >Reviewed-by: Andrew Bartlett <abartlet@samba.org> >(cherry picked from commit 050d1e7d53c068efac109ec4ff7a686d152e6a45) >--- > lib/util/talloc_report.c | 7 ++----- > 1 file changed, 2 insertions(+), 5 deletions(-) > >diff --git a/lib/util/talloc_report.c b/lib/util/talloc_report.c >index 63213a014b6..bed0fd91e43 100644 >--- a/lib/util/talloc_report.c >+++ b/lib/util/talloc_report.c >@@ -33,8 +33,8 @@ static char *talloc_vasprintf_append_largebuf(char *buf, ssize_t *pstr_len, > const char *fmt, va_list ap) > { > ssize_t str_len = *pstr_len; >- size_t buflen, needed, space; >- char *start, *tmpbuf; >+ size_t buflen, needed, space = 0; >+ char *start = NULL, *tmpbuf = NULL; > va_list ap2; > int printlen; > >@@ -52,9 +52,6 @@ static char *talloc_vasprintf_append_largebuf(char *buf, ssize_t *pstr_len, > if (buflen > str_len) { > start = buf + str_len; > space = buflen - str_len; >- } else { >- start = NULL; >- space = 0; > } > > va_copy(ap2, ap); >-- >2.19.2 > > >From 01c2b8c1920744b9b46e3b2010f0487f23aa865b Mon Sep 17 00:00:00 2001 >From: Andreas Schneider <asn@samba.org> >Date: Mon, 12 Nov 2018 10:21:15 +0100 >Subject: [PATCH 5/5] ctdb: Fix an out of bound array access > >Found by cppcheck. > >BUG: https://bugzilla.samba.org/show_bug.cgi?id=13680 > >Signed-off-by: Andreas Schneider <asn@samba.org> >Reviewed-by: Andrew Bartlett <abartlet@samba.org> >(cherry picked from commit 008b9652cacdfd99e68db9d88f4e0c33eefa87e9) >--- > ctdb/common/logging.c | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > >diff --git a/ctdb/common/logging.c b/ctdb/common/logging.c >index dc8c4f75058..55e5d541735 100644 >--- a/ctdb/common/logging.c >+++ b/ctdb/common/logging.c >@@ -85,7 +85,7 @@ const char *debug_level_to_string(int log_level) > { > int i; > >- for (i=0; ARRAY_SIZE(log_string_map); i++) { >+ for (i=0; i < ARRAY_SIZE(log_string_map); i++) { > if (log_string_map[i].log_level == log_level) { > return log_string_map[i].log_string; > } >-- >2.19.2 >
You cannot view the attachment while viewing its details because your browser does not support IFRAMEs.
View the attachment on a separate page
.
View Attachment As Raw
Flags:
asn
:
review?
(
jra
)
Actions:
View
Attachments on
bug 13680
: 14730