The Samba-Bugzilla – Attachment 4281 Details for
Bug 6129
va_start always needs a va_end, missing in some instances
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
Updated patch
0002-s4-Call-va_end-after-all-va_start-va_copy-cal.patch (text/plain), 3.90 KB, created by
Andrew Kroeger
on 2009-06-12 03:10:52 UTC
(
hide
)
Description:
Updated patch
Filename:
MIME Type:
Creator:
Andrew Kroeger
Created:
2009-06-12 03:10:52 UTC
Size:
3.90 KB
patch
obsolete
>From 7a0c613310cd637bc4b16545ee6e3f5d497dcb5d Mon Sep 17 00:00:00 2001 >From: Andrew Kroeger <andrew@id10ts.net> >Date: Thu, 11 Jun 2009 02:06:08 -0500 >Subject: [PATCH] s4: Call va_end() after all va_start()/va_copy() calls. > >This corrects the issues reaised in bug #6129, and some others that were not >originally identified. It also accounts for some code that was in the original >bug report but appears to have since been made common between S3 and S4. > >Thanks to Erik Hovland <erik@hovland.org> for the original bug report. >--- > examples/libsmbclient/smbwrapper/smbw.c | 14 +++++++++----- > lib/torture/torture.c | 2 ++ > libcli/auth/msrpc_parse.c | 4 ++++ > source4/lib/ldb/ldb_sqlite3/ldb_sqlite3.c | 1 + > 4 files changed, 16 insertions(+), 5 deletions(-) > >diff --git a/examples/libsmbclient/smbwrapper/smbw.c b/examples/libsmbclient/smbwrapper/smbw.c >index e2e44c1..1356c78 100644 >--- a/examples/libsmbclient/smbwrapper/smbw.c >+++ b/examples/libsmbclient/smbwrapper/smbw.c >@@ -55,12 +55,9 @@ smbw_ref -- manipulate reference counts > ******************************************************/ > int smbw_ref(int client_fd, Ref_Count_Type type, ...) > { >- va_list ap; >- > /* client id values begin at SMBC_BASE_FC. */ > client_fd -= SMBC_BASE_FD; > >- va_start(ap, type); > switch(type) > { > case SMBW_RCT_Increment: >@@ -73,9 +70,16 @@ int smbw_ref(int client_fd, Ref_Count_Type type, ...) > return smbw_ref_count[client_fd]; > > case SMBW_RCT_Set: >- return (smbw_ref_count[client_fd] = va_arg(ap, int)); >+ { >+ va_list ap; >+ int ret; >+ >+ va_start(ap, type); >+ ret = (smbw_ref_count[client_fd] = va_arg(ap, int)); >+ va_end(ap); >+ return ret; >+ } > } >- va_end(ap); > > /* never gets here */ > return -1; >diff --git a/lib/torture/torture.c b/lib/torture/torture.c >index 17adce9..99447e7 100644 >--- a/lib/torture/torture.c >+++ b/lib/torture/torture.c >@@ -107,6 +107,7 @@ void torture_comment(struct torture_context *context, const char *comment, ...) > > va_start(ap, comment); > tmp = talloc_vasprintf(context, comment, ap); >+ va_end(ap); > > context->results->ui_ops->comment(context, tmp); > >@@ -126,6 +127,7 @@ void torture_warning(struct torture_context *context, const char *comment, ...) > > va_start(ap, comment); > tmp = talloc_vasprintf(context, comment, ap); >+ va_end(ap); > > context->results->ui_ops->warning(context, tmp); > >diff --git a/libcli/auth/msrpc_parse.c b/libcli/auth/msrpc_parse.c >index 9125c1c..50e0d5c 100644 >--- a/libcli/auth/msrpc_parse.c >+++ b/libcli/auth/msrpc_parse.c >@@ -71,6 +71,7 @@ bool msrpc_gen(TALLOC_CTX *mem_ctx, > (smb_ucs2_t **)(void *)&pointers[i].data, > s, &n); > if (!ret) { >+ va_end(ap); > return false; > } > pointers[i].length = n; >@@ -84,6 +85,7 @@ bool msrpc_gen(TALLOC_CTX *mem_ctx, > pointers, (char **)(void *)&pointers[i].data, > s, &n); > if (!ret) { >+ va_end(ap); > return false; > } > pointers[i].length = n; >@@ -99,6 +101,7 @@ bool msrpc_gen(TALLOC_CTX *mem_ctx, > (smb_ucs2_t **)(void *)&pointers[i].data, > s, &n); > if (!ret) { >+ va_end(ap); > return false; > } > pointers[i].length = n; >@@ -192,6 +195,7 @@ bool msrpc_gen(TALLOC_CTX *mem_ctx, > /* a helpful macro to avoid running over the end of our blob */ > #define NEED_DATA(amount) \ > if ((head_ofs + amount) > blob->length) { \ >+ va_end(ap); \ > return false; \ > } > >diff --git a/source4/lib/ldb/ldb_sqlite3/ldb_sqlite3.c b/source4/lib/ldb/ldb_sqlite3/ldb_sqlite3.c >index 8acbac4..d0573d3 100644 >--- a/source4/lib/ldb/ldb_sqlite3/ldb_sqlite3.c >+++ b/source4/lib/ldb/ldb_sqlite3/ldb_sqlite3.c >@@ -485,6 +485,7 @@ query_int(const struct lsqlite3_private * lsqlite3, > > /* Format the query */ > if ((p = sqlite3_vmprintf(pSql, args)) == NULL) { >+ va_end(args); > return SQLITE_NOMEM; > } > >-- >1.6.0.6 >
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=4281">View the attachment on a separate page</a>.</b>
View Attachment As Raw
Actions:
View
Attachments on
bug 6129
:
3946
| 4281