The Samba-Bugzilla – Attachment 5025 Details for
Bug 6934
generated s3 pidl client did not deal with sizes correctly
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
port of patch from master to v3-3-test
v3-3-test.patch (text/plain), 13.15 KB, created by
Guenther Deschner
on 2009-11-30 08:08:12 UTC
(
hide
)
Description:
port of patch from master to v3-3-test
Filename:
MIME Type:
Creator:
Guenther Deschner
Created:
2009-11-30 08:08:12 UTC
Size:
13.15 KB
patch
obsolete
>From f27d0fe293db4b8cca688a3fe63be4b893160b6c Mon Sep 17 00:00:00 2001 >From: Stefan Metzmacher <metze@samba.org> >Date: Wed, 25 Nov 2009 14:21:32 +0100 >Subject: [PATCH 1/3] pidl:NDR/Parser: $size can be 'foo / 2' so we need to add '(' and ')' > >foo / 5 * sizeof(bar)' isn't the same as >'(foo / 2) * sizeof(bar)'. > >metze >(cherry picked from commit ab1c92950f3cfdc8c52b772ecef23a5477f48f9d) >--- > source/pidl/lib/Parse/Pidl/Samba4/NDR/Parser.pm | 2 +- > 1 files changed, 1 insertions(+), 1 deletions(-) > >diff --git a/source/pidl/lib/Parse/Pidl/Samba4/NDR/Parser.pm b/source/pidl/lib/Parse/Pidl/Samba4/NDR/Parser.pm >index 01acf79..2a9ffa2 100644 >--- a/source/pidl/lib/Parse/Pidl/Samba4/NDR/Parser.pm >+++ b/source/pidl/lib/Parse/Pidl/Samba4/NDR/Parser.pm >@@ -2087,7 +2087,7 @@ sub AllocateArrayLevel($$$$$$) > $self->pidl("}"); > if (grep(/in/,@{$e->{DIRECTION}}) and > grep(/out/,@{$e->{DIRECTION}})) { >- $self->pidl("memcpy(r->out.$e->{NAME}, r->in.$e->{NAME}, $size * sizeof(*r->in.$e->{NAME}));"); >+ $self->pidl("memcpy(r->out.$e->{NAME}, r->in.$e->{NAME}, ($size) * sizeof(*r->in.$e->{NAME}));"); > } > return; > } >-- >1.6.5.2 > > >From 63cc7f6e42ee4970164155b405601ce30ca03e9c Mon Sep 17 00:00:00 2001 >From: =?UTF-8?q?G=C3=BCnther=20Deschner?= <gd@samba.org> >Date: Fri, 27 Nov 2009 11:37:01 +0100 >Subject: [PATCH 2/3] pidl:Samba3/ClientNDR: $size can be 'foo / 2' so we need to add '(' and ')' > >foo / 5 * sizeof(bar)' isn't the same as >'(foo / 2) * sizeof(bar)'. > >metze >--- > source/pidl/lib/Parse/Pidl/Samba3/ClientNDR.pm | 2 +- > source/pidl/tests/samba3-cli.pl | 2 +- > 2 files changed, 2 insertions(+), 2 deletions(-) > >diff --git a/source/pidl/lib/Parse/Pidl/Samba3/ClientNDR.pm b/source/pidl/lib/Parse/Pidl/Samba3/ClientNDR.pm >index bd2d7c1..83b1391 100644 >--- a/source/pidl/lib/Parse/Pidl/Samba3/ClientNDR.pm >+++ b/source/pidl/lib/Parse/Pidl/Samba3/ClientNDR.pm >@@ -93,7 +93,7 @@ sub ParseOutputArgument($$$) > # to allocate a structure of the right size. > my $env = GenerateFunctionInEnv($fn, "r."); > my $size_is = ParseExpr($e->{LEVELS}[$level]->{SIZE_IS}, $env, $e->{ORIGINAL}); >- $self->pidl("memcpy($e->{NAME}, r.out.$e->{NAME}, $size_is * sizeof(*$e->{NAME}));"); >+ $self->pidl("memcpy($e->{NAME}, r.out.$e->{NAME}, ($size_is) * sizeof(*$e->{NAME}));"); > } else { > $self->pidl("*$e->{NAME} = *r.out.$e->{NAME};"); > } >diff --git a/source/pidl/tests/samba3-cli.pl b/source/pidl/tests/samba3-cli.pl >index dd4b273..cf899ff 100755 >--- a/source/pidl/tests/samba3-cli.pl >+++ b/source/pidl/tests/samba3-cli.pl >@@ -123,4 +123,4 @@ my $e = { NAME => "foo", ORIGINAL => { FILE => "f", LINE => -1 }, > LEVELS => [ { TYPE => "ARRAY", SIZE_IS => "mysize" }, { TYPE => "DATA", DATA_TYPE => "int" } ]}; > > $x->ParseOutputArgument($fn, $e); >-is($x->{res}, "memcpy(foo, r.out.foo, mysize * sizeof(*foo));\n"); >+is($x->{res}, "memcpy(foo, r.out.foo, (mysize) * sizeof(*foo));\n"); >-- >1.6.5.2 > > >From 20cf5ccb6d61b2760dbec7f18136fb0a4a94d03e Mon Sep 17 00:00:00 2001 >From: =?UTF-8?q?G=C3=BCnther=20Deschner?= <gd@samba.org> >Date: Fri, 27 Nov 2009 16:49:48 +0100 >Subject: [PATCH 3/3] s3: re-run make samba3-idl. > >Guenther > >Fix bug #6934. >--- > source/librpc/gen_ndr/cli_echo.c | 4 ++-- > source/librpc/gen_ndr/cli_epmapper.c | 4 ++-- > source/librpc/gen_ndr/cli_eventlog.c | 2 +- > source/librpc/gen_ndr/cli_ntsvcs.c | 2 +- > source/librpc/gen_ndr/cli_srvsvc.c | 2 +- > source/librpc/gen_ndr/cli_svcctl.c | 20 ++++++++++---------- > source/librpc/gen_ndr/cli_winreg.c | 8 ++++---- > source/librpc/gen_ndr/ndr_winreg.c | 4 ++-- > 8 files changed, 23 insertions(+), 23 deletions(-) > >diff --git a/source/librpc/gen_ndr/cli_echo.c b/source/librpc/gen_ndr/cli_echo.c >index a775825..5d35e66 100644 >--- a/source/librpc/gen_ndr/cli_echo.c >+++ b/source/librpc/gen_ndr/cli_echo.c >@@ -82,7 +82,7 @@ NTSTATUS rpccli_echo_EchoData(struct rpc_pipe_client *cli, > } > > /* Return variables */ >- memcpy(out_data, r.out.out_data, r.in.len * sizeof(*out_data)); >+ memcpy(out_data, r.out.out_data, (r.in.len) * sizeof(*out_data)); > > /* Return result */ > return NT_STATUS_OK; >@@ -162,7 +162,7 @@ NTSTATUS rpccli_echo_SourceData(struct rpc_pipe_client *cli, > } > > /* Return variables */ >- memcpy(data, r.out.data, r.in.len * sizeof(*data)); >+ memcpy(data, r.out.data, (r.in.len) * sizeof(*data)); > > /* Return result */ > return NT_STATUS_OK; >diff --git a/source/librpc/gen_ndr/cli_epmapper.c b/source/librpc/gen_ndr/cli_epmapper.c >index 19673ab..4171bd4 100644 >--- a/source/librpc/gen_ndr/cli_epmapper.c >+++ b/source/librpc/gen_ndr/cli_epmapper.c >@@ -135,7 +135,7 @@ NTSTATUS rpccli_epm_Lookup(struct rpc_pipe_client *cli, > /* Return variables */ > *entry_handle = *r.out.entry_handle; > *num_ents = *r.out.num_ents; >- memcpy(entries, r.out.entries, r.in.max_ents * sizeof(*entries)); >+ memcpy(entries, r.out.entries, (r.in.max_ents) * sizeof(*entries)); > > /* Return result */ > return NT_STATUS_OK; >@@ -184,7 +184,7 @@ NTSTATUS rpccli_epm_Map(struct rpc_pipe_client *cli, > /* Return variables */ > *entry_handle = *r.out.entry_handle; > *num_towers = *r.out.num_towers; >- memcpy(towers, r.out.towers, r.in.max_towers * sizeof(*towers)); >+ memcpy(towers, r.out.towers, (r.in.max_towers) * sizeof(*towers)); > > /* Return result */ > return NT_STATUS_OK; >diff --git a/source/librpc/gen_ndr/cli_eventlog.c b/source/librpc/gen_ndr/cli_eventlog.c >index 08456fc..842b739 100644 >--- a/source/librpc/gen_ndr/cli_eventlog.c >+++ b/source/librpc/gen_ndr/cli_eventlog.c >@@ -435,7 +435,7 @@ NTSTATUS rpccli_eventlog_ReadEventLogW(struct rpc_pipe_client *cli, > } > > /* Return variables */ >- memcpy(data, r.out.data, r.in.number_of_bytes * sizeof(*data)); >+ memcpy(data, r.out.data, (r.in.number_of_bytes) * sizeof(*data)); > *sent_size = *r.out.sent_size; > *real_size = *r.out.real_size; > >diff --git a/source/librpc/gen_ndr/cli_ntsvcs.c b/source/librpc/gen_ndr/cli_ntsvcs.c >index 4b86923..b5f108c 100644 >--- a/source/librpc/gen_ndr/cli_ntsvcs.c >+++ b/source/librpc/gen_ndr/cli_ntsvcs.c >@@ -597,7 +597,7 @@ NTSTATUS rpccli_PNP_GetDeviceRegProp(struct rpc_pipe_client *cli, > > /* Return variables */ > *unknown1 = *r.out.unknown1; >- memcpy(buffer, r.out.buffer, *r.in.buffer_size * sizeof(*buffer)); >+ memcpy(buffer, r.out.buffer, (*r.in.buffer_size) * sizeof(*buffer)); > *buffer_size = *r.out.buffer_size; > *needed = *r.out.needed; > >diff --git a/source/librpc/gen_ndr/cli_srvsvc.c b/source/librpc/gen_ndr/cli_srvsvc.c >index fbf9813..0910284 100644 >--- a/source/librpc/gen_ndr/cli_srvsvc.c >+++ b/source/librpc/gen_ndr/cli_srvsvc.c >@@ -1631,7 +1631,7 @@ NTSTATUS rpccli_srvsvc_NetPathCanonicalize(struct rpc_pipe_client *cli, > } > > /* Return variables */ >- memcpy(can_path, r.out.can_path, r.in.maxbuf * sizeof(*can_path)); >+ memcpy(can_path, r.out.can_path, (r.in.maxbuf) * sizeof(*can_path)); > *pathtype = *r.out.pathtype; > > /* Return result */ >diff --git a/source/librpc/gen_ndr/cli_svcctl.c b/source/librpc/gen_ndr/cli_svcctl.c >index e5fd4da..2a73c6a 100644 >--- a/source/librpc/gen_ndr/cli_svcctl.c >+++ b/source/librpc/gen_ndr/cli_svcctl.c >@@ -225,7 +225,7 @@ NTSTATUS rpccli_svcctl_QueryServiceObjectSecurity(struct rpc_pipe_client *cli, > } > > /* Return variables */ >- memcpy(buffer, r.out.buffer, r.in.buffer_size * sizeof(*buffer)); >+ memcpy(buffer, r.out.buffer, (r.in.buffer_size) * sizeof(*buffer)); > *needed = *r.out.needed; > > /* Return result */ >@@ -685,7 +685,7 @@ NTSTATUS rpccli_svcctl_EnumDependentServicesW(struct rpc_pipe_client *cli, > } > > /* Return variables */ >- memcpy(service_status, r.out.service_status, r.in.buf_size * sizeof(*service_status)); >+ memcpy(service_status, r.out.service_status, (r.in.buf_size) * sizeof(*service_status)); > *bytes_needed = *r.out.bytes_needed; > *services_returned = *r.out.services_returned; > >@@ -742,7 +742,7 @@ NTSTATUS rpccli_svcctl_EnumServicesStatusW(struct rpc_pipe_client *cli, > } > > /* Return variables */ >- memcpy(service, r.out.service, r.in.buf_size * sizeof(*service)); >+ memcpy(service, r.out.service, (r.in.buf_size) * sizeof(*service)); > *bytes_needed = *r.out.bytes_needed; > *services_returned = *r.out.services_returned; > if (resume_handle && r.out.resume_handle) { >@@ -1385,7 +1385,7 @@ NTSTATUS rpccli_svcctl_EnumServicesStatusA(struct rpc_pipe_client *cli, > } > > /* Return variables */ >- memcpy(service, r.out.service, r.in.buf_size * sizeof(*service)); >+ memcpy(service, r.out.service, (r.in.buf_size) * sizeof(*service)); > *bytes_needed = *r.out.bytes_needed; > *services_returned = *r.out.services_returned; > if (resume_handle && r.out.resume_handle) { >@@ -1534,7 +1534,7 @@ NTSTATUS rpccli_svcctl_QueryServiceConfigA(struct rpc_pipe_client *cli, > } > > /* Return variables */ >- memcpy(query, r.out.query, r.in.buf_size * sizeof(*query)); >+ memcpy(query, r.out.query, (r.in.buf_size) * sizeof(*query)); > *bytes_needed = *r.out.bytes_needed; > > /* Return result */ >@@ -1961,7 +1961,7 @@ NTSTATUS rpccli_svcctl_QueryServiceConfig2A(struct rpc_pipe_client *cli, > } > > /* Return variables */ >- memcpy(buffer, r.out.buffer, r.in.buf_size * sizeof(*buffer)); >+ memcpy(buffer, r.out.buffer, (r.in.buf_size) * sizeof(*buffer)); > *bytes_needed = *r.out.bytes_needed; > > /* Return result */ >@@ -2012,7 +2012,7 @@ NTSTATUS rpccli_svcctl_QueryServiceConfig2W(struct rpc_pipe_client *cli, > } > > /* Return variables */ >- memcpy(buffer, r.out.buffer, r.in.buf_size * sizeof(*buffer)); >+ memcpy(buffer, r.out.buffer, (r.in.buf_size) * sizeof(*buffer)); > *bytes_needed = *r.out.bytes_needed; > > /* Return result */ >@@ -2063,7 +2063,7 @@ NTSTATUS rpccli_svcctl_QueryServiceStatusEx(struct rpc_pipe_client *cli, > } > > /* Return variables */ >- memcpy(buffer, r.out.buffer, r.in.buf_size * sizeof(*buffer)); >+ memcpy(buffer, r.out.buffer, (r.in.buf_size) * sizeof(*buffer)); > *bytes_needed = *r.out.bytes_needed; > > /* Return result */ >@@ -2122,7 +2122,7 @@ NTSTATUS rpccli_EnumServicesStatusExA(struct rpc_pipe_client *cli, > } > > /* Return variables */ >- memcpy(services, r.out.services, r.in.buf_size * sizeof(*services)); >+ memcpy(services, r.out.services, (r.in.buf_size) * sizeof(*services)); > *bytes_needed = *r.out.bytes_needed; > *service_returned = *r.out.service_returned; > if (resume_handle && r.out.resume_handle) { >@@ -2186,7 +2186,7 @@ NTSTATUS rpccli_EnumServicesStatusExW(struct rpc_pipe_client *cli, > } > > /* Return variables */ >- memcpy(services, r.out.services, r.in.buf_size * sizeof(*services)); >+ memcpy(services, r.out.services, (r.in.buf_size) * sizeof(*services)); > *bytes_needed = *r.out.bytes_needed; > *service_returned = *r.out.service_returned; > if (resume_handle && r.out.resume_handle) { >diff --git a/source/librpc/gen_ndr/cli_winreg.c b/source/librpc/gen_ndr/cli_winreg.c >index 29f7e50..bdf52f7 100644 >--- a/source/librpc/gen_ndr/cli_winreg.c >+++ b/source/librpc/gen_ndr/cli_winreg.c >@@ -544,7 +544,7 @@ NTSTATUS rpccli_winreg_EnumValue(struct rpc_pipe_client *cli, > *type = *r.out.type; > } > if (value && r.out.value) { >- memcpy(value, r.out.value, *r.in.size * sizeof(*value)); >+ memcpy(value, r.out.value, (*r.in.size) * sizeof(*value)); > } > if (size && r.out.size) { > *size = *r.out.size; >@@ -915,7 +915,7 @@ NTSTATUS rpccli_winreg_QueryValue(struct rpc_pipe_client *cli, > *type = *r.out.type; > } > if (data && r.out.data) { >- memcpy(data, r.out.data, *r.in.data_size * sizeof(*data)); >+ memcpy(data, r.out.data, (*r.in.data_size) * sizeof(*data)); > } > if (data_size && r.out.data_size) { > *data_size = *r.out.data_size; >@@ -1481,9 +1481,9 @@ NTSTATUS rpccli_winreg_QueryMultipleValues(struct rpc_pipe_client *cli, > } > > /* Return variables */ >- memcpy(values, r.out.values, r.in.num_values * sizeof(*values)); >+ memcpy(values, r.out.values, (r.in.num_values) * sizeof(*values)); > if (buffer && r.out.buffer) { >- memcpy(buffer, r.out.buffer, *r.in.buffer_size * sizeof(*buffer)); >+ memcpy(buffer, r.out.buffer, (*r.in.buffer_size) * sizeof(*buffer)); > } > *buffer_size = *r.out.buffer_size; > >diff --git a/source/librpc/gen_ndr/ndr_winreg.c b/source/librpc/gen_ndr/ndr_winreg.c >index cc0d800..e43ea22 100644 >--- a/source/librpc/gen_ndr/ndr_winreg.c >+++ b/source/librpc/gen_ndr/ndr_winreg.c >@@ -3676,7 +3676,7 @@ static enum ndr_err_code ndr_pull_winreg_QueryMultipleValues(struct ndr_pull *nd > if (ndr->flags & LIBNDR_FLAG_REF_ALLOC) { > NDR_PULL_ALLOC_N(ndr, r->in.values, ndr_get_array_size(ndr, &r->in.values)); > } >- memcpy(r->out.values, r->in.values, ndr_get_array_size(ndr, &r->in.values) * sizeof(*r->in.values)); >+ memcpy(r->out.values, r->in.values, (ndr_get_array_size(ndr, &r->in.values)) * sizeof(*r->in.values)); > _mem_save_values_1 = NDR_PULL_GET_MEM_CTX(ndr); > NDR_PULL_SET_MEM_CTX(ndr, r->in.values, 0); > for (cntr_values_1 = 0; cntr_values_1 < r->in.num_values; cntr_values_1++) { >@@ -3738,7 +3738,7 @@ static enum ndr_err_code ndr_pull_winreg_QueryMultipleValues(struct ndr_pull *nd > if (ndr->flags & LIBNDR_FLAG_REF_ALLOC) { > NDR_PULL_ALLOC_N(ndr, r->out.values, ndr_get_array_size(ndr, &r->out.values)); > } >- memcpy(r->out.values, r->in.values, ndr_get_array_size(ndr, &r->out.values) * sizeof(*r->in.values)); >+ memcpy(r->out.values, r->in.values, (ndr_get_array_size(ndr, &r->out.values)) * sizeof(*r->in.values)); > _mem_save_values_1 = NDR_PULL_GET_MEM_CTX(ndr); > NDR_PULL_SET_MEM_CTX(ndr, r->out.values, 0); > for (cntr_values_1 = 0; cntr_values_1 < r->in.num_values; cntr_values_1++) { >-- >1.6.5.2 >
You cannot view the attachment while viewing its details because your browser does not support IFRAMEs.
View the attachment on a separate page
.
View Attachment As Raw
Actions:
View
Attachments on
bug 6934
:
5018
| 5025