The Samba-Bugzilla – Attachment 14945 Details for
Bug 13818
An out of scope usage of a stack variable may cause corruption in EnumPrinter*
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
Patch for v4-8-test
tmp48.diff.txt (text/plain), 1.60 KB, created by
Stefan Metzmacher
on 2019-03-19 10:42:28 UTC
(
hide
)
Description:
Patch for v4-8-test
Filename:
MIME Type:
Creator:
Stefan Metzmacher
Created:
2019-03-19 10:42:28 UTC
Size:
1.60 KB
patch
obsolete
>From 33e66c0f7f576ad5deaababe5441ce8e69d010a3 Mon Sep 17 00:00:00 2001 >From: Stefan Metzmacher <metze@samba.org> >Date: Fri, 1 Mar 2019 15:48:18 +0100 >Subject: [PATCH] ndr_spoolss_buf: fix out of scope use of stack variable in > NDR_SPOOLSS_PUSH_ENUM_OUT() >MIME-Version: 1.0 >Content-Type: text/plain; charset=UTF-8 >Content-Transfer-Encoding: 8bit > >BUG: https://bugzilla.samba.org/show_bug.cgi?id=13818 > >Signed-off-by: Stefan Metzmacher <metze@samba.org> >Reviewed-by: David Disseldorp <ddiss@samba.org> >Reviewed-by: Andreas Schneider <asn@samba.org> >Reviewed-by: Björn Jacke <bjacke@samba.org> >Reviewed-by: Günther Deschner <gd@samba.org> >Reviewed-by: Andrew Bartlett <abartlet@samba.org> >Reviewed-by: Garming Sam <garming@catalyst.net.nz> >(cherry picked from commit 6da3664f8a11397fd3fb38e89c2432b8bf321e59) >--- > librpc/ndr/ndr_spoolss_buf.c | 4 ++-- > 1 file changed, 2 insertions(+), 2 deletions(-) > >diff --git a/librpc/ndr/ndr_spoolss_buf.c b/librpc/ndr/ndr_spoolss_buf.c >index c1d175fcbe5f..244d692dca8b 100644 >--- a/librpc/ndr/ndr_spoolss_buf.c >+++ b/librpc/ndr/ndr_spoolss_buf.c >@@ -43,7 +43,8 @@ > } while(0) > > #define NDR_SPOOLSS_PUSH_ENUM_OUT(fn) do { \ >- struct ndr_push *_ndr_info;\ >+ DATA_BLOB _data_blob_info = data_blob_null;\ >+ struct ndr_push *_ndr_info = NULL;\ > _r.in.level = r->in.level;\ > _r.in.buffer = r->in.buffer;\ > _r.in.offered = r->in.offered;\ >@@ -56,7 +57,6 @@ > "SPOOLSS Buffer: *r->out.info but there's no r->in.buffer");\ > }\ > if (r->in.buffer) {\ >- DATA_BLOB _data_blob_info;\ > _ndr_info = ndr_push_init_ctx(ndr);\ > NDR_ERR_HAVE_NO_MEMORY(_ndr_info);\ > _ndr_info->flags= ndr->flags;\ >-- >2.17.1 >
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=14945">View the attachment on a separate page</a>.</b>
View Attachment As Raw
Flags:
bjacke
:
review+
gd
:
review+
Actions:
View
Attachments on
bug 13818
:
14943
|
14944
| 14945