The branch, v3-3-test has been updated
       via  75fff603625e0259f187e0fa47efd85887092fae (commit)
       via  547c70e896b6890dd5f7b911e4e0ca107c8a3fa3 (commit)
      from  e1e3a0554fcaabacc5bec51c213622271a83ad04 (commit)

http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-3-test


- Log -----------------------------------------------------------------
commit 75fff603625e0259f187e0fa47efd85887092fae
Author: Günther Deschner <[email protected]>
Date:   Sat Jan 24 02:10:47 2009 +0100

    s3-eventlog: fix various invalid memcpy in read_package_entry().
    
    Guenther

commit 547c70e896b6890dd5f7b911e4e0ca107c8a3fa3
Author: Günther Deschner <[email protected]>
Date:   Sat Jan 24 02:07:40 2009 +0100

    s3-eventlog: fix buffer allocation in eventlog read call.
    
    This broke with f6fa3080fee1b20df9f1968500840a88cf0ee592 back in April 
2007...
    
    Guenther

-----------------------------------------------------------------------

Summary of changes:
 source/rpc_parse/parse_eventlog.c   |    4 +---
 source/rpc_server/srv_eventlog_nt.c |   10 +++++-----
 2 files changed, 6 insertions(+), 8 deletions(-)


Changeset truncated at 500 lines:

diff --git a/source/rpc_parse/parse_eventlog.c 
b/source/rpc_parse/parse_eventlog.c
index 2ff217e..694615d 100644
--- a/source/rpc_parse/parse_eventlog.c
+++ b/source/rpc_parse/parse_eventlog.c
@@ -166,6 +166,7 @@ bool eventlog_io_r_read_eventlog(const char *desc,
        /* Now pad with whitespace until the end of the response buffer */
 
        if (q_u->max_read_size - r_u->num_bytes_in_resp) {
+               r_u->end_of_entries_padding = PRS_ALLOC_MEM(ps, uint8_t, 
q_u->max_read_size - r_u->num_bytes_in_resp);
                if (!r_u->end_of_entries_padding) {
                        return False;
                }
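Review bot: The guard `if (q_u->max_read_size - r_u->num_bytes_in_resp)` only tests for a non-zero difference, and the added `PRS_ALLOC_MEM` call now uses that same difference as its element count. The field declarations are not visible here, but if both are unsigned and `num_bytes_in_resp` can ever exceed `max_read_size` (which comes from the request structure `q_u`), the subtraction wraps and a very large value sizes both the allocation and the later `prs_uint8s` write. Writing the test as `if (q_u->max_read_size > r_u->num_bytes_in_resp) {` and computing the padding length once into a local would make the bound explicit and keep the allocation and the write in agreement. The function body starts and ends outside this hunk, so any earlier clamp on `max_read_size` cannot be confirmed from here.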
@@ -173,11 +174,8 @@ bool eventlog_io_r_read_eventlog(const char *desc,
                if(!(prs_uint8s(False, "end of entries padding", ps, 
                                depth, r_u->end_of_entries_padding,
                                (q_u->max_read_size - 
r_u->num_bytes_in_resp)))) {
-                       free(r_u->end_of_entries_padding);
                        return False;
                }
-
-               free(r_u->end_of_entries_padding);
        }
 
        /* We had better be DWORD aligned here */
diff --git a/source/rpc_server/srv_eventlog_nt.c 
b/source/rpc_server/srv_eventlog_nt.c
index 54d9dae..7c7d53f 100644
--- a/source/rpc_server/srv_eventlog_nt.c
+++ b/source/rpc_server/srv_eventlog_nt.c
@@ -542,30 +542,30 @@ static Eventlog_entry *read_package_entry( prs_struct * 
ps,
                return NULL;
        }
        offset = entry->data;
-       memcpy( offset, &( entry->data_record.source_name ),
+       memcpy( offset, entry->data_record.source_name,
                entry->data_record.source_name_len );
        offset += entry->data_record.source_name_len;
-       memcpy( offset, &( entry->data_record.computer_name ),
+       memcpy( offset, entry->data_record.computer_name,
                entry->data_record.computer_name_len );
        offset += entry->data_record.computer_name_len;
        /* SID needs to be DWORD-aligned */
        offset += entry->data_record.sid_padding;
        entry->record.user_sid_offset =
                sizeof( Eventlog_record ) + ( offset - entry->data );
-       memcpy( offset, &( entry->data_record.sid ),
+       memcpy( offset, entry->data_record.sid,
                entry->record.user_sid_length );
        offset += entry->record.user_sid_length;
        /* Now do the strings */
        entry->record.string_offset =
                sizeof( Eventlog_record ) + ( offset - entry->data );
-       memcpy( offset, &( entry->data_record.strings ),
+       memcpy( offset, entry->data_record.strings,
                entry->data_record.strings_len );
        offset += entry->data_record.strings_len;
        /* Now do the data */
        entry->record.data_length = entry->data_record.user_data_len;
        entry->record.data_offset =
                sizeof( Eventlog_record ) + ( offset - entry->data );
-       memcpy( offset, &( entry->data_record.user_data ),
+       memcpy( offset, entry->data_record.user_data,
                entry->data_record.user_data_len );
        offset += entry->data_record.user_data_len;
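Review bot: None of the five `memcpy` calls in this hunk checks that the running `offset` stays inside `entry->data`, and every length is a record field (`source_name_len`, `computer_name_len`, `user_sid_length`, `strings_len`, `user_data_len`). The allocation of `entry->data` sits above the hunk, so its size cannot be confirmed here; unless it is derived from exactly these fields plus `sid_padding`, a record with inconsistent lengths would write past the buffer. The SID copy is sized by `entry->record.user_sid_length` while the other copies use `data_record` lengths, so it is worth confirming that value matches the size of the buffer behind `entry->data_record.sid`. Now that the sources are passed as pointers rather than by address, each copy also relies on the pointer being non-NULL when its length is non-zero. A short comment above the first copy stating how `entry->data` was sized, plus a check of remaining space before each `memcpy`, would document and enforce the invariant.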
 


-- 
Samba Shared Repository
