The branch, v4-0-test has been updated
       via  c73a3b837ec16fbb846c6e63a45599fca99b3d0b (commit)
       via  3ab9abf40605a4a6b220faeebaef81546a8d87a0 (commit)
       via  92d5fb531db39be655f0cbd2d75b5f675a0a4cfa (commit)
       via  d62f2bcc85c13605c133db250e0a86d2d6ccc481 (commit)
      from  0e2f6d481b3e35ed392b2b3340b244c77593819c (commit)

http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v4-0-test


- Log -----------------------------------------------------------------
commit c73a3b837ec16fbb846c6e63a45599fca99b3d0b
Merge: 3ab9abf40605a4a6b220faeebaef81546a8d87a0 
0e2f6d481b3e35ed392b2b3340b244c77593819c
Author: Andrew Tridgell <[EMAIL PROTECTED]>
Date:   Thu Apr 17 16:53:36 2008 +0200

    Merge branch 'v4-0-test' of ssh://git.samba.org/data/git/samba into 
v4-0-test

commit 3ab9abf40605a4a6b220faeebaef81546a8d87a0
Merge: 92d5fb531db39be655f0cbd2d75b5f675a0a4cfa 
a38f413c557f3c85a5524607c69e9085a8289f47
Author: Andrew Tridgell <[EMAIL PROTECTED]>
Date:   Thu Apr 17 15:21:08 2008 +0200

    Merge branch 'v4-0-test' of ssh://git.samba.org/data/git/samba into 
v4-0-test

commit 92d5fb531db39be655f0cbd2d75b5f675a0a4cfa
Author: Andrew Tridgell <[EMAIL PROTECTED]>
Date:   Thu Apr 17 15:20:39 2008 +0200

    fix the overflow/wrap checks in Samba4 for new gcc optimisation behavior
    
    The approach I have used is as set out in
    
https://www.securecoding.cert.org/confluence/display/seccode/ARR38-C.+Do+not+add+or+subtract+an+integer+to+a+pointer+if+the+resulting+value+does+not+refer+to+an+element+within+the+array

commit d62f2bcc85c13605c133db250e0a86d2d6ccc481
Author: Andrew Tridgell <[EMAIL PROTECTED]>
Date:   Thu Apr 17 14:47:07 2008 +0200

    use uintptr_t instead of intptr_t where appropriate

-----------------------------------------------------------------------

Summary of changes:
 source/cluster/ctdb/include/includes.h |    2 +-
 source/lib/ldb/ldb_tdb/ldb_index.c     |    4 ++--
 source/lib/replace/libreplace_cc.m4    |    3 ++-
 source/lib/replace/replace.c           |    2 +-
 source/lib/replace/replace.h           |    2 +-
 source/lib/util/util.h                 |    2 +-
 source/libcli/raw/rawrequest.c         |    6 +++---
 source/libcli/raw/rawtrans.c           |    6 +++---
 source/libcli/smb2/request.c           |    8 ++++----
 source/librpc/ndr/ndr_basic.c          |    4 ++--
 source/smb_server/smb/request.c        |    6 +++---
 11 files changed, 23 insertions(+), 22 deletions(-)


Changeset truncated at 500 lines:

diff --git a/source/cluster/ctdb/include/includes.h 
b/source/cluster/ctdb/include/includes.h
index 48c3c2e..0ed44cb 100644
--- a/source/cluster/ctdb/include/includes.h
+++ b/source/cluster/ctdb/include/includes.h
@@ -21,7 +21,7 @@ extern int LogLevel;
 #define ZERO_STRUCT(x) memset((char *)&(x), 0, sizeof(x))
 
 #ifndef discard_const
-#define discard_const(ptr) ((void *)((intptr_t)(ptr)))
+#define discard_const(ptr) ((void *)((uintptr_t)(ptr)))
 #endif
 
 struct timeval timeval_zero(void);
diff --git a/source/lib/ldb/ldb_tdb/ldb_index.c 
b/source/lib/ldb/ldb_tdb/ldb_index.c
index d8776f4..1b6d9fe 100644
--- a/source/lib/ldb/ldb_tdb/ldb_index.c
+++ b/source/lib/ldb/ldb_tdb/ldb_index.c
@@ -545,7 +545,7 @@ static int ltdb_index_dn_one(struct ldb_module *module,
 
        /* the attribute is indexed. Pull the list of DNs that match the 
           search criterion */
-       val.data = (uint8_t *)((intptr_t)ldb_dn_get_casefold(parent_dn));
+       val.data = (uint8_t *)((uintptr_t)ldb_dn_get_casefold(parent_dn));
        val.length = strlen((char *)val.data);
        key = ltdb_index_key(ldb, LTDB_IDXONE, &val);
        if (!key) {
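Review bot: `strlen((char *)val.data)` runs directly on the result of `ldb_dn_get_casefold(parent_dn)` with no NULL test in between, while the second hunk in this file checks `val.data == NULL` after the same call and returns `LDB_ERR_OPERATIONS_ERROR`. If the casefold call can fail here as it can there, this is a NULL dereference. Add a `val.data == NULL` check before the `strlen` line and return this function's error value. ltdb_index_dn_one extends beyond the hunk on both sides, so any cleanup on that path has to be checked against the full function.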
@@ -1140,7 +1140,7 @@ int ltdb_index_one(struct ldb_module *module, const 
struct ldb_message *msg, int
                return LDB_ERR_OPERATIONS_ERROR;
        }
 
-       val.data = (uint8_t *)((intptr_t)ldb_dn_get_casefold(pdn));
+       val.data = (uint8_t *)((uintptr_t)ldb_dn_get_casefold(pdn));
        if (val.data == NULL) {
                talloc_free(pdn);
                return LDB_ERR_OPERATIONS_ERROR;
diff --git a/source/lib/replace/libreplace_cc.m4 
b/source/lib/replace/libreplace_cc.m4
index bf50568..0ce0958 100644
--- a/source/lib/replace/libreplace_cc.m4
+++ b/source/lib/replace/libreplace_cc.m4
@@ -132,7 +132,8 @@ AC_CHECK_SIZEOF(off_t)
 AC_CHECK_SIZEOF(size_t)
 AC_CHECK_SIZEOF(ssize_t)
 
-AC_CHECK_TYPE(intptr_t, unsigned long long)
+AC_CHECK_TYPE(intptr_t, long long)
+AC_CHECK_TYPE(uintptr_t, unsigned long long)
 AC_CHECK_TYPE(ptrdiff_t, unsigned long long)
 
 if test x"$ac_cv_type_long_long" != x"yes";then
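Review bot: The `ptrdiff_t` fallback on the line after the change is still `unsigned long long`, the same signedness mistake this hunk corrects for `intptr_t`. `ptrdiff_t` is a signed type, so on a platform that lacks it negative pointer differences would compare as very large positive values. Change it to `AC_CHECK_TYPE(ptrdiff_t, long long)`. The `long long` fallbacks may also be wider than a pointer on 32-bit targets, which matters wherever code uses `sizeof(uintptr_t)` as the pointer size, so confirm this against the platforms that actually hit the fallback.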
diff --git a/source/lib/replace/replace.c b/source/lib/replace/replace.c
index 6930f9b..443da2a 100644
--- a/source/lib/replace/replace.c
+++ b/source/lib/replace/replace.c
@@ -458,7 +458,7 @@ char *rep_strcasestr(const char *haystack, const char 
*needle)
        for (s=haystack;*s;s++) {
                if (toupper(*needle) == toupper(*s) &&
                    strncasecmp(s, needle, nlen) == 0) {
-                       return (char *)((intptr_t)s);
+                       return (char *)((uintptr_t)s);
                }
        }
        return NULL;
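Review bot: `toupper(*needle)` and `toupper(*s)` pass a plain `char`, which is negative for bytes above 0x7f where `char` is signed, and a negative argument other than EOF is undefined behaviour for the `<ctype.h>` functions. Cast first: `if (toupper((unsigned char)*needle) == toupper((unsigned char)*s) &&`. The return could also be written `discard_const_p(char, s)` instead of an open-coded cast, if that macro is visible in replace.c. rep_strcasestr starts before the hunk.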
diff --git a/source/lib/replace/replace.h b/source/lib/replace/replace.h
index 5fe7939..bf95169 100644
--- a/source/lib/replace/replace.h
+++ b/source/lib/replace/replace.h
@@ -499,7 +499,7 @@ typedef int bool;
   Also, please call this via the discard_const_p() macro interface, as that
   makes the return type safe.
 */
-#define discard_const(ptr) ((void *)((intptr_t)(ptr)))
+#define discard_const(ptr) ((void *)((uintptr_t)(ptr)))
 
 /** Type-safe version of discard_const */
 #define discard_const_p(type, ptr) ((type *)discard_const(ptr))
diff --git a/source/lib/util/util.h b/source/lib/util/util.h
index 3bf6b98..ffe83c1 100644
--- a/source/lib/util/util.h
+++ b/source/lib/util/util.h
@@ -64,7 +64,7 @@ extern const char *panic_action;
   makes the return type safe.
 */
 #ifndef discard_const
-#define discard_const(ptr) ((void *)((intptr_t)(ptr)))
+#define discard_const(ptr) ((void *)((uintptr_t)(ptr)))
 #endif
 
 /** Type-safe version of discard_const */
diff --git a/source/libcli/raw/rawrequest.c b/source/libcli/raw/rawrequest.c
index a42c710..ef856c6 100644
--- a/source/libcli/raw/rawrequest.c
+++ b/source/libcli/raw/rawrequest.c
@@ -700,10 +700,10 @@ DATA_BLOB smbcli_req_pull_blob(struct request_bufinfo 
*bufinfo, TALLOC_CTX *mem_
 static bool smbcli_req_data_oob(struct request_bufinfo *bufinfo, const uint8_t 
*ptr, uint32_t count)
 {
        /* be careful with wraparound! */
-       if (ptr < bufinfo->data ||
-           ptr >= bufinfo->data + bufinfo->data_size ||
+       if ((uintptr_t)ptr < (uintptr_t)bufinfo->data ||
+           (uintptr_t)ptr >= (uintptr_t)bufinfo->data + bufinfo->data_size ||
            count > bufinfo->data_size ||
-           ptr + count > bufinfo->data + bufinfo->data_size) {
+           (uintptr_t)ptr + count > (uintptr_t)bufinfo->data + 
bufinfo->data_size) {
                return true;
        }
        return false;
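Review bot: The casts make the arithmetic well-defined, but the check still depends on sums that can wrap: `(uintptr_t)bufinfo->data + bufinfo->data_size` and `(uintptr_t)ptr + count` are both modular, so the result is only right while the buffer does not sit near the top of the address space. Comparing offsets removes every addition: `uintptr_t ofs = (uintptr_t)ptr - (uintptr_t)bufinfo->data;` followed by `return ofs >= bufinfo->data_size || count > bufinfo->data_size - ofs;`. A `ptr` below `data` wraps `ofs` to a huge value and is rejected by the first test, and the subtraction in the second cannot underflow once the first has passed. The same rewrite applies to the identical checks in raw_trans_oob, smb2_oob and req_data_oob later in this commit.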
diff --git a/source/libcli/raw/rawtrans.c b/source/libcli/raw/rawtrans.c
index 29881af..0f15b21 100644
--- a/source/libcli/raw/rawtrans.c
+++ b/source/libcli/raw/rawtrans.c
@@ -40,10 +40,10 @@ static bool raw_trans_oob(struct smbcli_request *req,
        ptr = req->in.hdr + offset;
        
        /* be careful with wraparound! */
-       if (ptr < req->in.data ||
-           ptr >= req->in.data + req->in.data_size ||
+       if ((uintptr_t)ptr < (uintptr_t)req->in.data ||
+           (uintptr_t)ptr >= (uintptr_t)req->in.data + req->in.data_size ||
            count > req->in.data_size ||
-           ptr + count > req->in.data + req->in.data_size) {
+           (uintptr_t)ptr + count > (uintptr_t)req->in.data + 
req->in.data_size) {
                return true;
        }
        return false;   
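Review bot: `ptr = req->in.hdr + offset;` forms the pointer with ordinary pointer arithmetic before any check runs. If `offset` can point outside the received buffer, the undefined behaviour named in ARR38-C has already occurred by the time the `uintptr_t` comparisons are evaluated, and the compiler may still reason from it. Do the range check on integer values and build `ptr` only after it passes, for example by starting from `(uintptr_t)req->in.hdr + offset`. The declaration of `offset` and the start of raw_trans_oob are outside the hunk, so its type and origin need confirming.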
diff --git a/source/libcli/smb2/request.c b/source/libcli/smb2/request.c
index 2471fca..f52b0ce 100644
--- a/source/libcli/smb2/request.c
+++ b/source/libcli/smb2/request.c
@@ -211,10 +211,10 @@ bool smb2_oob(struct smb2_request_buffer *buf, const 
uint8_t *ptr, size_t size)
                return false;
        }
        /* be careful with wraparound! */
-       if (ptr < buf->body ||
-           ptr >= buf->body + buf->body_size ||
+       if ((uintptr_t)ptr < (uintptr_t)buf->body ||
+           (uintptr_t)ptr >= (uintptr_t)buf->body + buf->body_size ||
            size > buf->body_size ||
-           ptr + size > buf->body + buf->body_size) {
+           (uintptr_t)ptr + size > (uintptr_t)buf->body + buf->body_size) {
                return true;
        }
        return false;
@@ -669,7 +669,7 @@ NTSTATUS smb2_push_o16s16_string(struct smb2_request_buffer 
*buf,
        }
 
        if (*str == 0) {
-               blob.data = str;
+               blob.data = discard_const(str);
                blob.length = 0;
                return smb2_push_o16s16_blob(buf, ofs, blob);
        }
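Review bot: `discard_const(str)` is called directly, while the comment above the macro in replace.h asks callers to go through `discard_const_p()` so the result has a checked type instead of `void *`. Assuming `blob.data` is a `uint8_t *`, prefer `blob.data = discard_const_p(uint8_t, str);`. The blob length is 0 on this path, so nothing should be written through the pointer; a short comment saying so would document why dropping `const` is safe here. The function starts before the hunk and continues after it.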
diff --git a/source/librpc/ndr/ndr_basic.c b/source/librpc/ndr/ndr_basic.c
index 93a177f..1d2b47c 100644
--- a/source/librpc/ndr/ndr_basic.c
+++ b/source/librpc/ndr/ndr_basic.c
@@ -196,7 +196,7 @@ _PUBLIC_ enum ndr_err_code ndr_pull_hyper(struct ndr_pull 
*ndr, int ndr_flags, u
 */
 _PUBLIC_ enum ndr_err_code ndr_pull_pointer(struct ndr_pull *ndr, int 
ndr_flags, void* *v)
 {
-       intptr_t h;
+       uintptr_t h;
        NDR_PULL_ALIGN(ndr, sizeof(h));
        NDR_PULL_NEED_BYTES(ndr, sizeof(h));
        memcpy(&h, ndr->data+ndr->offset, sizeof(h));
@@ -393,7 +393,7 @@ _PUBLIC_ enum ndr_err_code ndr_push_hyper(struct ndr_push 
*ndr, int ndr_flags, u
 */
 _PUBLIC_ enum ndr_err_code ndr_push_pointer(struct ndr_push *ndr, int 
ndr_flags, void* v)
 {
-       intptr_t h = (intptr_t)v;
+       uintptr_t h = (intptr_t)v;
        NDR_PUSH_ALIGN(ndr, sizeof(h));
        NDR_PUSH_NEED_BYTES(ndr, sizeof(h));
        memcpy(ndr->data+ndr->offset, &h, sizeof(h));
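Review bot: `uintptr_t h = (intptr_t)v;` changes the variable's type but leaves the cast signed, so the pointer goes through a signed type and is then implicitly converted. Make it `uintptr_t h = (uintptr_t)v;` to match the rest of the commit and avoid sign-conversion warnings. Separately, ndr_push_pointer here and ndr_pull_pointer in the previous hunk copy a raw pointer value into and out of the NDR buffer. If the contract is that such buffers never leave the process, a comment stating that would help, because a pointer pulled from externally supplied data must not be dereferenced. The function body continues past the hunk.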
diff --git a/source/smb_server/smb/request.c b/source/smb_server/smb/request.c
index 8707351..c7fa2d7 100644
--- a/source/smb_server/smb/request.c
+++ b/source/smb_server/smb/request.c
@@ -651,10 +651,10 @@ bool req_data_oob(struct request_bufinfo *bufinfo, const 
uint8_t *ptr, uint32_t
        }
        
        /* be careful with wraparound! */
-       if (ptr < bufinfo->data ||
-           ptr >= bufinfo->data + bufinfo->data_size ||
+       if ((uintptr_t)ptr < (uintptr_t)bufinfo->data ||
+           (uintptr_t)ptr >= (uintptr_t)bufinfo->data + bufinfo->data_size ||
            count > bufinfo->data_size ||
-           ptr + count > bufinfo->data + bufinfo->data_size) {
+           (uintptr_t)ptr + count > (uintptr_t)bufinfo->data + 
bufinfo->data_size) {
                return true;
        }
        return false;


-- 
Samba Shared Repository
