The Samba-Bugzilla – Attachment 2724 Details for
Bug 4637
The security fix for CVE-2007-2446 has broken my Samba domain
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
parse_prs.c patch for 3.0.24
look2 (text/plain), 2.37 KB, created by
Gerald (Jerry) Carter (dead mail address)
on 2007-05-23 11:26:23 UTC
(
hide
)
Description:
parse_prs.c patch for 3.0.24
Filename:
MIME Type:
Creator:
Gerald (Jerry) Carter (dead mail address)
Created:
2007-05-23 11:26:23 UTC
Size:
2.37 KB
patch
obsolete
>=== modified file 'source/rpc_parse/parse_prs.c' >--- source/rpc_parse/parse_prs.c 2007-05-12 18:41:54 +0000 >+++ source/rpc_parse/parse_prs.c 2007-05-23 16:24:52 +0000 >@@ -642,8 +642,12 @@ > return True; > > if (UNMARSHALLING(ps)) { >- if ( !(*data = (void *)PRS_ALLOC_MEM(ps, char, data_size)) ) >- return False; >+ if (data_size) { >+ if ( !(*data = (void *)PRS_ALLOC_MEM(ps, char, data_size)) ) >+ return False; >+ } else { >+ *data = NULL; >+ } > } > > return prs_fn(name, ps, depth, *data); >@@ -1014,16 +1018,16 @@ > if (q == NULL) > return False; > >+ /* If the string is empty, we don't have anything to stream */ >+ if (str->buf_len==0) >+ return True; >+ > if (UNMARSHALLING(ps)) { > str->buffer = PRS_ALLOC_MEM(ps,uint16,str->buf_len); > if (str->buffer == NULL) > return False; > } > >- /* If the string is empty, we don't have anything to stream */ >- if (str->buf_len==0) >- return True; >- > p = (char *)str->buffer; > > dbg_rw_punival(charmode, name, depth, ps, q, p, str->buf_len); >@@ -1053,6 +1057,8 @@ > buf->buffer = PRS_ALLOC_MEM(ps, uint16, buf->buf_max_len); > if ( buf->buffer == NULL ) > return False; >+ } else { >+ buf->buffer = NULL; > } > } > >@@ -1080,9 +1086,13 @@ > if (str->str_str_len > str->str_max_len) { > return False; > } >- str->buffer = PRS_ALLOC_MEM(ps,unsigned char, str->str_max_len); >- if (str->buffer == NULL) >- return False; >+ if (str->str_max_len) { >+ str->buffer = PRS_ALLOC_MEM(ps,unsigned char, str->str_max_len); >+ if (str->buffer == NULL) >+ return False; >+ } else { >+ str->buffer = NULL; >+ } > } > > if (UNMARSHALLING(ps)) { >@@ -1127,9 +1137,13 @@ > if (str->uni_str_len > str->uni_max_len) { > return False; > } >- str->buffer = PRS_ALLOC_MEM(ps,uint16,str->uni_max_len); >- if (str->buffer == NULL) >- return False; >+ if (str->uni_max_len) { >+ str->buffer = PRS_ALLOC_MEM(ps,uint16,str->uni_max_len); >+ if (str->buffer == NULL) >+ return False; >+ } else { >+ str->buffer = NULL; >+ } > } > > p = (char *)str->buffer; >@@ -1154,9 +1168,13 @@ > return False; > > if (UNMARSHALLING(ps)) { >- str->str.buffer = PRS_ALLOC_MEM(ps,uint16,str->uni_str_len); >- if (str->str.buffer == NULL) >- return False; >+ if (str->uni_str_len) { >+ str->str.buffer = PRS_ALLOC_MEM(ps,uint16,str->uni_str_len); >+ if (str->str.buffer == NULL) >+ return False; >+ } else { >+ str->str.buffer = NULL; >+ } > } > > p = (char *)str->str.buffer; >
You cannot view the attachment while viewing its details because your browser does not support IFRAMEs.
View the attachment on a separate page
.
View Attachment As Raw
Actions:
View
Attachments on
bug 4637
:
2706
|
2707
|
2710
|
2711
|
2712
|
2713
|
2722
| 2724 |
2725