The branch, master has been updated
       via  eb8c8a0... s4:registry - util.c - add harder checks for inputs on 
"reg_val_data_string"
       via  508c218... Revert "s4-smbtorture: skip extended SetValue test 
against Samba (both dont survive)."
       via  bb1ac0c... s4:registry - ldb.c - provide a mechanism for storing 
UTF8/binary REG_DWORD values
       via  fbce5de... s4:registry - ldb.c - provide a mechansim for storing 
UTF8/binary REG_SZ/REG_EXPAND_SZ values
       via  95bfd17... s4:registry - ldb.c - fix up a strange LDB filter
       via  f72790d... s4:registry - ldb.c - fix up the memory handling in 
"reg_ldb_unpack_value"
       via  33eb1c9... s4:registry - ldb.c - check more for possible "Out of 
memory" circumstances
       via  9b3c457... s4:registry - ldb.c - remove superfluous "query" variable
       via  cd3c870... s4:registry - ldb.c - Consider result values in 
"reg_ldb_pack_value"
       via  3c6792b... s4:registry - ldb.c - Move the "val" structure
      from  727fb85... s3: Remove some unused #defines

http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master


- Log -----------------------------------------------------------------
commit eb8c8a0ecaa9bfd29f090db21fccdad7751767ae
Author: Matthias Dieter Wallnöfer <mwallnoe...@yahoo.de>
Date:   Sun Mar 14 17:40:14 2010 +0100

    s4:registry - util.c - add harder checks for inputs on "reg_val_data_string"
    
    ("NULL" result is error on most data types).

commit 508c218eb2f4bf8c45dc9d481576c87ed4fecbd3
Author: Matthias Dieter Wallnöfer <mwallnoe...@yahoo.de>
Date:   Sat Mar 13 13:37:18 2010 +0100

    Revert "s4-smbtorture: skip extended SetValue test against Samba (both dont 
survive)."
    
    This reverts commit 40e2c04f8aba605e951810751222559ea0d32ebd.
    
    s4 should now also support the extended "SetValue" tests.

commit bb1ac0c75c2f42dff972bae36b3814e5ad1142f9
Author: Matthias Dieter Wallnöfer <mwallnoe...@yahoo.de>
Date:   Sun Mar 14 17:18:29 2010 +0100

    s4:registry - ldb.c - provide a mechanism for storing UTF8/binary REG_DWORD 
values
    
    We need to support this as gd's WINREG torture test shows.

commit fbce5ded301a79846356b3809275e10b0a4b6860
Author: Matthias Dieter Wallnöfer <mwallnoe...@yahoo.de>
Date:   Sun Mar 14 10:30:19 2010 +0100

    s4:registry - ldb.c - provide a mechansim for storing UTF8/binary 
REG_SZ/REG_EXPAND_SZ values
    
    We need to support this as gd's WINREG torture test shows.

commit 95bfd17e080e439ab3185a1544c64bbe17067306
Author: Matthias Dieter Wallnöfer <mwallnoe...@yahoo.de>
Date:   Sat Mar 13 21:13:59 2010 +0100

    s4:registry - ldb.c - fix up a strange LDB filter

commit f72790daaa6ecef922edcfba38effdc8e5885782
Author: Matthias Dieter Wallnöfer <mwallnoe...@yahoo.de>
Date:   Sat Mar 13 20:03:03 2010 +0100

    s4:registry - ldb.c - fix up the memory handling in "reg_ldb_unpack_value"
    
    Don't substitute existing data blobs with new ones, and make sure that the
    result objects in the data blob have no memory dependencies on the LDB
    value input.

commit 33eb1c95e55bb26aee7ee3876e38136eb56ef36e
Author: Matthias Dieter Wallnöfer <mwallnoe...@yahoo.de>
Date:   Sat Mar 13 19:37:13 2010 +0100

    s4:registry - ldb.c - check more for possible "Out of memory" circumstances

commit 9b3c45754e9f610a095e6e1b191bb33235e8c314
Author: Matthias Dieter Wallnöfer <mwallnoe...@yahoo.de>
Date:   Sat Mar 13 19:30:43 2010 +0100

    s4:registry - ldb.c - remove superfluous "query" variable

commit cd3c870333d49460c9598a9928622454cd2cefc5
Author: Matthias Dieter Wallnöfer <mwallnoe...@yahoo.de>
Date:   Sat Mar 13 19:29:03 2010 +0100

    s4:registry - ldb.c - Consider result values in "reg_ldb_pack_value"
    
    Break on errors and return NULL; otherwise return the message pointer.

commit 3c6792bc76323f821bc9e44ea3d724ce39e9081f
Author: Matthias Dieter Wallnöfer <mwallnoe...@yahoo.de>
Date:   Sat Mar 13 18:39:54 2010 +0100

    s4:registry - ldb.c - Move the "val" structure
    
    Move it into the REG_SZ/REG_EXPAND_SZ case block since it's used only there.
    Plus convert it from static into dynamic talloc'ed.

-----------------------------------------------------------------------

Summary of changes:
 source4/lib/registry/ldb.c   |  188 ++++++++++++++++++++++++++++++++++--------
 source4/lib/registry/util.c  |   28 ++++---
 source4/torture/rpc/winreg.c |   14 ++-
 3 files changed, 179 insertions(+), 51 deletions(-)


Changeset truncated at 500 lines:

diff --git a/source4/lib/registry/ldb.c b/source4/lib/registry/ldb.c
index 0213c54..9e77f1f 100644
--- a/source4/lib/registry/ldb.c
+++ b/source4/lib/registry/ldb.c
@@ -61,9 +61,22 @@ static void reg_ldb_unpack_value(TALLOC_CTX *mem_ctx,
        case REG_SZ:
        case REG_EXPAND_SZ:
                if (val != NULL) {
-                       convert_string_talloc(mem_ctx, CH_UTF8, CH_UTF16,
-                                                    val->data, val->length,
-                                                    (void **)&data->data, 
&data->length, false);
+                       if (val->data[0] != '\0') {
+                               /* The data should be provided as UTF16 string 
*/
+                               convert_string_talloc(mem_ctx, CH_UTF8, 
CH_UTF16,
+                                                     val->data, val->length,
+                                                     (void **)&data->data, 
&data->length, false);
+                       } else {
+                               /* Provide a possibility to store also UTF8
+                                * REG_SZ/REG_EXPAND_SZ values. This is done
+                                * by adding a '\0' in front of the data */
+                               data->data = talloc_size(mem_ctx, val->length - 
1);
+                               if (data->data != NULL) {
+                                       memcpy(data->data, val->data + 1,
+                                              val->length - 1);
+                               }
+                               data->length = val->length - 1;
+                       }
                } else {
                        data->data = NULL;
                        data->length = 0;
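Review bot: The new code reads `val->data[0]` and computes `val->length - 1` without checking that `val->length` is non-zero, so an empty stored value would wrap the size to a huge number; whether LDB can hand back a zero-length value here is not visible in the hunk. Tightening the outer test to `if ((val != NULL) && (val->length > 0)) {` sends that case to the existing NULL/0 branch. The else branch also sets `data->length` when `talloc_size` returned NULL, leaving a blob with a NULL pointer and a non-zero length; the REG_DWORD and REG_BINARY hunks below do the same, and the assignment belongs inside the `data->data != NULL` check. The return value of `convert_string_talloc` is still ignored in the UTF16 branch. reg_ldb_unpack_value starts and ends outside this hunk.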
@@ -72,9 +85,25 @@ static void reg_ldb_unpack_value(TALLOC_CTX *mem_ctx,
 
        case REG_DWORD:
                if (val != NULL) {
-                       uint32_t tmp = strtoul((char *)val->data, NULL, 0);
-                       *data = data_blob_talloc(mem_ctx, NULL, 4);
-                       SIVAL(data->data, 0, tmp);
+                       if (val->data[0] != '\0') {
+                               /* The data is a plain DWORD */
+                               uint32_t tmp = strtoul((char *)val->data, NULL, 
0);
+                               data->data = talloc_size(mem_ctx, 
sizeof(uint32_t) + 1);
+                               if (data->data != NULL) {
+                                       SIVAL(data->data, 0, tmp);
+                               }
+                               data->length = sizeof(uint32_t);
+                       } else {
+                               /* Provide a possibility to store also UTF8
+                                * REG_DWORD values. This is done by adding a
+                                * '\0' in front of the data */
+                               data->data = talloc_size(mem_ctx, val->length - 
1);
+                               if (data->data != NULL) {
+                                       memcpy(data->data, val->data + 1,
+                                              val->length - 1);
+                               }
+                               data->length = val->length - 1;
+                       }
                } else {
                        data->data = NULL;
                        data->length = 0;
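Review bot: The plain-DWORD branch allocates `sizeof(uint32_t) + 1` bytes but reports a length of `sizeof(uint32_t)`, and nothing explains the extra byte; either use `data->data = talloc_size(mem_ctx, sizeof(uint32_t));` or add a comment saying what the fifth byte is for. `strtoul` is called with a NULL end pointer and its result is narrowed to `uint32_t`, so a stored string that is not a number, or one above 32 bits, silently becomes 0 or a truncated value. The call also assumes `val->data` is NUL-terminated, which the hunk does not show.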
@@ -84,7 +113,9 @@ static void reg_ldb_unpack_value(TALLOC_CTX *mem_ctx,
        case REG_BINARY:
        default:
                if (val != NULL) {
-                       *data = data_blob_talloc(mem_ctx, val->data, 
val->length);
+                       data->data = talloc_memdup(mem_ctx, val->data,
+                                                  val->length);
+                       data->length = val->length;
                } else {
                        data->data = NULL;
                        data->length = 0;
@@ -98,34 +129,105 @@ static struct ldb_message *reg_ldb_pack_value(struct 
ldb_context *ctx,
                                              const char *name,
                                              uint32_t type, DATA_BLOB data)
 {
-       struct ldb_val val;
-       struct ldb_message *msg = talloc_zero(mem_ctx, struct ldb_message);
-       char *type_s;
+       struct ldb_message *msg;
+       char *name_dup, *type_str;
+       int ret;
 
-       ldb_msg_add_string(msg, "value", talloc_strdup(mem_ctx, name));
+       msg = talloc_zero(mem_ctx, struct ldb_message);
+       if (msg == NULL) {
+               return NULL;
+       }
+
+       name_dup = talloc_strdup(msg, name);
+       if (name_dup == NULL) {
+               talloc_free(msg);
+               return NULL;
+       }
+
+       ret = ldb_msg_add_string(msg, "value", name_dup);
+       if (ret != LDB_SUCCESS) {
+               talloc_free(msg);
+               return NULL;
+       }
 
        switch (type) {
        case REG_SZ:
        case REG_EXPAND_SZ:
                if ((data.length > 0) && (data.data != NULL)
                    && (data.data[0] != '\0')) {
-                       convert_string_talloc(mem_ctx, CH_UTF16, CH_UTF8,
-                                                  (void *)data.data,
-                                                  data.length,
-                                                  (void **)&val.data, 
&val.length, false);
-                       ldb_msg_add_value(msg, "data", &val, NULL);
+                       struct ldb_val *val;
+                       bool ret2;
+
+                       val = talloc_zero(msg, struct ldb_val);
+                       if (val == NULL) {
+                               talloc_free(msg);
+                               return NULL;
+                       }
+
+                       if (data.length % 2 == 0) {
+                               /* The data is provided as UTF16 string */
+                               ret2 = convert_string_talloc(mem_ctx, CH_UTF16, 
CH_UTF8,
+                                                            (void *)data.data, 
data.length,
+                                                            (void 
**)&val->data, &val->length,
+                                                            false);
+                               if (!ret2) {
+                                       talloc_free(msg);
+                                       return NULL;
+                               }
+                       } else {
+                               /* Provide a possibility to store also UTF8
+                                * REG_SZ/REG_EXPAND_SZ values. This is done
+                                * by adding a '\0' in front of the data */
+                               val->data = talloc_size(msg, data.length + 1);
+                               if (val->data == NULL) {
+                                       talloc_free(msg);
+                                       return NULL;
+                               }
+                               val->data[0] = '\0';
+                               memcpy(val->data + 1, data.data, data.length);
+                               val->length = data.length + 1;
+                       }
+                       ret = ldb_msg_add_value(msg, "data", val, NULL);
                } else {
-                       ldb_msg_add_empty(msg, "data", LDB_FLAG_MOD_DELETE, 
NULL);
+                       ret = ldb_msg_add_empty(msg, "data", 
LDB_FLAG_MOD_DELETE, NULL);
                }
                break;
 
        case REG_DWORD:
                if ((data.length > 0) && (data.data != NULL)) {
-                       ldb_msg_add_string(msg, "data",
-                                          talloc_asprintf(mem_ctx, "0x%x",
-                                                          IVAL(data.data, 0)));
+                       if (data.length == sizeof(uint32_t)) {
+                               char *conv_str;
+
+                               conv_str = talloc_asprintf(msg, "0x%x", 
IVAL(data.data, 0));
+                               if (conv_str == NULL) {
+                                       talloc_free(msg);
+                                       return NULL;
+                               }
+                               ret = ldb_msg_add_string(msg, "data", conv_str);
+                       } else {
+                               /* Provide a possibility to store also UTF8
+                                * REG_DWORD values. This is done by adding a
+                                * '\0' in front of the data */
+                               struct ldb_val *val;
+
+                               val = talloc_zero(msg, struct ldb_val);
+                               if (val == NULL) {
+                                       talloc_free(msg);
+                                       return NULL;
+                               }
+
+                               val->data = talloc_size(msg, data.length + 1);
+                               if (val->data == NULL) {
+                                       talloc_free(msg);
+                                       return NULL;
+                               }
+                               val->data[0] = '\0';
+                               memcpy(val->data + 1, data.data, data.length);
+                               val->length = data.length + 1;
+                               ret = ldb_msg_add_value(msg, "data", val, NULL);
+                       }
                } else {
-                       ldb_msg_add_empty(msg, "data", LDB_FLAG_MOD_DELETE, 
NULL);
+                       ret = ldb_msg_add_empty(msg, "data", 
LDB_FLAG_MOD_DELETE, NULL);
                }
                break;
 
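Review bot: `data.length % 2 == 0` is the only test that decides whether a REG_SZ/REG_EXPAND_SZ payload is UTF16, so an even-length UTF8 or binary payload goes through `convert_string_talloc` as UTF16 and is either rejected or stored in altered form. The comments explain the leading '\0' marker but not this limitation; I would state it above the check, for example `/* Even length is assumed to be UTF16; only odd-length data takes the raw '\0'-prefixed path */`. The REG_DWORD case has the mirror-image rule (`data.length == sizeof(uint32_t)`), which deserves the same one-line comment. The function's closing lines are in the next hunk.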
@@ -133,15 +235,29 @@ static struct ldb_message *reg_ldb_pack_value(struct 
ldb_context *ctx,
        default:
                if ((data.length > 0) && (data.data != NULL)
                    && (data.data[0] != '\0')) {
-                       ldb_msg_add_value(msg, "data", &data, NULL);
+                       ret = ldb_msg_add_value(msg, "data", &data, NULL);
                } else {
-                       ldb_msg_add_empty(msg, "data", LDB_FLAG_MOD_DELETE, 
NULL);
+                       ret = ldb_msg_add_empty(msg, "data", 
LDB_FLAG_MOD_DELETE, NULL);
                }
                break;
        }
 
-       type_s = talloc_asprintf(mem_ctx, "%u", type);
-       ldb_msg_add_string(msg, "type", type_s);
+       if (ret != LDB_SUCCESS) {
+               talloc_free(msg);
+               return NULL;
+       }
+
+       type_str = talloc_asprintf(mem_ctx, "%u", type);
+       if (type_str == NULL) {
+               talloc_free(msg);
+               return NULL;
+       }
+
+       ret = ldb_msg_add_string(msg, "type", type_str);
+       if (ret != LDB_SUCCESS) {
+               talloc_free(msg);
+               return NULL;
+       }
 
        return msg;
 }
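Review bot: `type_str` is still allocated on `mem_ctx` although `name_dup`, `conv_str` and the `val` structures are now children of `msg`; `type_str = talloc_asprintf(msg, "%u", type);` would let the returned message own all of its strings. The UTF16 branch in the previous hunk has the same leftover, since `convert_string_talloc` is given `mem_ctx` rather than `msg` as its context. Neither is a leak as long as callers free `mem_ctx`, but uniform ownership makes the `talloc_free(msg)` error paths easier to reason about.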
@@ -312,7 +428,7 @@ static WERROR ldb_get_default_value(TALLOC_CTX *mem_ctx, 
struct hive_key *k,
        struct ldb_result *res;
        int ret;
 
-       ret = ldb_search(c, mem_ctx, &res, kd->dn, LDB_SCOPE_BASE, attrs, "%s", 
"");
+       ret = ldb_search(c, mem_ctx, &res, kd->dn, LDB_SCOPE_BASE, attrs, 
"(key=*)");
 
        if (ret != LDB_SUCCESS) {
                DEBUG(0, ("Error getting default value for '%s': %s\n",
@@ -367,7 +483,6 @@ static WERROR ldb_get_value(TALLOC_CTX *mem_ctx, struct 
hive_key *k,
        struct ldb_context *c = kd->ldb;
        struct ldb_result *res;
        int ret;
-       char *query;
 
        if (name == NULL) {
                return WERR_INVALID_PARAM;
@@ -378,9 +493,8 @@ static WERROR ldb_get_value(TALLOC_CTX *mem_ctx, struct 
hive_key *k,
                return ldb_get_default_value(mem_ctx, k, NULL, data_type, data);
        } else {
                /* normal value */
-               query = talloc_asprintf(mem_ctx, "(value=%s)", name);
-               ret = ldb_search(c, mem_ctx, &res, kd->dn, LDB_SCOPE_ONELEVEL, 
NULL, "%s", query);
-               talloc_free(query);
+               ret = ldb_search(c, mem_ctx, &res, kd->dn, LDB_SCOPE_ONELEVEL,
+                                NULL, "(value=%s)", name);
 
                if (ret != LDB_SUCCESS) {
                        DEBUG(0, ("Error getting values for '%s': %s\n",
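Review bot: `name` is interpolated into the filter `(value=%s)` without escaping, so a value name containing `(`, `)`, `*` or `\` changes what the search matches instead of being compared literally. The removed talloc_asprintf code had the same gap, which makes this a natural place to close it: encode the name first with `ldb_binary_encode_string(mem_ctx, name)`, check the result for NULL, and pass the encoded string to `ldb_search`. Where `name` originates is outside the hunk, but registry value names usually come from the client side. ldb_get_value begins and ends outside this hunk.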
@@ -410,6 +524,7 @@ static WERROR ldb_open_key(TALLOC_CTX *mem_ctx, const 
struct hive_key *h,
        struct ldb_context *c = kd->ldb;
 
        ldap_path = reg_path_to_ldb(mem_ctx, h, name, NULL);
+       W_ERROR_HAVE_NO_MEMORY(ldap_path);
 
        ret = ldb_search(c, mem_ctx, &res, ldap_path, LDB_SCOPE_BASE, NULL, 
"(key=*)");
 
@@ -489,8 +604,10 @@ static WERROR ldb_add_key(TALLOC_CTX *mem_ctx, const 
struct hive_key *parent,
        int ret;
 
        msg = ldb_msg_new(mem_ctx);
+       W_ERROR_HAVE_NO_MEMORY(msg);
 
        msg->dn = reg_path_to_ldb(msg, parent, name, NULL);
+       W_ERROR_HAVE_NO_MEMORY(msg->dn);
 
        ldb_msg_add_string(msg, "key", talloc_strdup(mem_ctx, name));
        if (classname != NULL)
@@ -510,6 +627,7 @@ static WERROR ldb_add_key(TALLOC_CTX *mem_ctx, const struct 
hive_key *parent,
        DEBUG(2, ("key added: %s\n", ldb_dn_get_linearized(msg->dn)));
 
        newkd = talloc_zero(mem_ctx, struct ldb_key_data);
+       W_ERROR_HAVE_NO_MEMORY(newkd);
        newkd->ldb = talloc_reference(newkd, parentkd->ldb);
        newkd->key.ops = &reg_backend_ldb;
        newkd->dn = talloc_steal(newkd, msg->dn);
@@ -536,7 +654,9 @@ static WERROR ldb_del_value (struct hive_key *key, const 
char *child)
                mem_ctx = talloc_init("ldb_del_value");
 
                msg = talloc_zero(mem_ctx, struct ldb_message);
+               W_ERROR_HAVE_NO_MEMORY(msg);
                msg->dn = ldb_dn_copy(msg, kd->dn);
+               W_ERROR_HAVE_NO_MEMORY(msg->dn);
                ldb_msg_add_empty(msg, "data", LDB_FLAG_MOD_DELETE, NULL);
                ldb_msg_add_empty(msg, "type", LDB_FLAG_MOD_DELETE, NULL);
 
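Review bot: `W_ERROR_HAVE_NO_MEMORY` returns straight out of the function, so the `mem_ctx` created by `talloc_init("ldb_del_value")` at the top of this hunk is never freed on the two new error paths. The same applies in the ldb_set_value hunk (`talloc_init("ldb_set_value")`) and in ldb_del_key, where the removed code called `talloc_free(mem_ctx)` before returning and the replacement macro does not. An explicit check keeps the cleanup: `if (msg == NULL) { talloc_free(mem_ctx); return WERR_NOMEM; }`. These function bodies extend beyond their hunks, so any later cleanup label is not visible here.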
@@ -598,10 +718,7 @@ static WERROR ldb_del_key(const struct hive_key *key, 
const char *name)
        }
 
        ldap_path = reg_path_to_ldb(mem_ctx, key, name, NULL);
-       if (!ldap_path) {
-               talloc_free(mem_ctx);
-               return WERR_FOOBAR;
-       }
+       W_ERROR_HAVE_NO_MEMORY(ldap_path);
 
        /* Search for subkeys */
        ret = ldb_search(c, mem_ctx, &res_keys, ldap_path, LDB_SCOPE_ONELEVEL,
@@ -705,7 +822,10 @@ static WERROR ldb_set_value(struct hive_key *parent,
        TALLOC_CTX *mem_ctx = talloc_init("ldb_set_value");
 
        msg = reg_ldb_pack_value(kd->ldb, mem_ctx, name, type, data);
+       W_ERROR_HAVE_NO_MEMORY(msg);
+
        msg->dn = ldb_dn_copy(msg, kd->dn);
+       W_ERROR_HAVE_NO_MEMORY(msg->dn);
 
        if ((name != NULL) && (name[0] != '\0')) {
                /* For a default value, we add/overwrite the attributes to/of 
the hive.
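Review bot: `W_ERROR_HAVE_NO_MEMORY(msg)` reports every NULL from reg_ldb_pack_value as out of memory, but that function now also returns NULL when `convert_string_talloc` fails or when an `ldb_msg_add_*` call does not return LDB_SUCCESS. A malformed REG_SZ payload would therefore reach the client as a memory error rather than an invalid-parameter one. If the helper's signature has to stay as it is, at least record it at the call site, for example `/* NULL covers conversion and LDB errors too, not only OOM */`. ldb_set_value continues outside the hunk.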
diff --git a/source4/lib/registry/util.c b/source4/lib/registry/util.c
index 7da53d3..6ff6194 100644
--- a/source4/lib/registry/util.c
+++ b/source4/lib/registry/util.c
@@ -71,23 +71,27 @@ _PUBLIC_ char *reg_val_data_string(TALLOC_CTX *mem_ctx,
        switch (type) {
                case REG_EXPAND_SZ:
                case REG_SZ:
-                       convert_string_talloc_convenience(mem_ctx,
-                                                         iconv_convenience,
-                                                         CH_UTF16, CH_UNIX,
-                                                         data.data,
-                                                         data.length,
-                                                         (void **)&ret,
-                                                         NULL, false);
+                       if (data.length % 2 == 0) {
+                               convert_string_talloc_convenience(mem_ctx,
+                                                                 
iconv_convenience,
+                                                                 CH_UTF16, 
CH_UNIX,
+                                                                 data.data,
+                                                                 data.length,
+                                                                 (void **)&ret,
+                                                                 NULL, false);
+                       }
                        break;
                case REG_BINARY:
                        ret = data_blob_hex_string_upper(mem_ctx, &data);
                        break;
                case REG_DWORD:
-                       if (IVAL(data.data, 0) == 0) {
-                               ret = talloc_strdup(mem_ctx, "0");
-                       } else {
-                               ret = talloc_asprintf(mem_ctx, "0x%x",
-                                                     IVAL(data.data, 0));
+                       if (data.length == sizeof(uint32_t)) {
+                               if (IVAL(data.data, 0) == 0) {
+                                       ret = talloc_strdup(mem_ctx, "0");
+                               } else {
+                                       ret = talloc_asprintf(mem_ctx, "0x%x",
+                                                             IVAL(data.data, 
0));
+                               }
                        }
                        break;
                case REG_NONE:
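Review bot: When `data.length` is odd (REG_SZ/REG_EXPAND_SZ) or not `sizeof(uint32_t)` (REG_DWORD), the new guards skip the assignment to `ret`, so the function returns whatever `ret` held before the switch. Its declaration is outside the hunk; if it is not already `char *ret = NULL;`, these paths return an uninitialised pointer, so confirm the initialiser or add an explicit `ret = NULL;` before the `switch`. The return value of `convert_string_talloc_convenience` is still ignored, so a failed conversion depends on that same initial value.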
diff --git a/source4/torture/rpc/winreg.c b/source4/torture/rpc/winreg.c
index 538def6..15d4535 100644
--- a/source4/torture/rpc/winreg.c
+++ b/source4/torture/rpc/winreg.c
@@ -2043,9 +2043,8 @@ static bool test_SetValue_extended(struct dcerpc_pipe *p,
        };
        int t, l;
 
-       if (torture_setting_bool(tctx, "samba3", false) ||
-           torture_setting_bool(tctx, "samba4", false)) {
-               torture_skip(tctx, "skipping extended SetValue test against 
Samba");
+       if (torture_setting_bool(tctx, "samba3", false)) {
+               torture_skip(tctx, "skipping extended SetValue test against 
Samba 3");
        }
 
        torture_comment(tctx, "Testing SetValue (extended formats)\n");
@@ -2152,8 +2151,13 @@ static bool test_Open(struct torture_context *tctx, 
struct dcerpc_pipe *p,
        if (created) {
                torture_assert(tctx, test_SetValue_simple(p, tctx, &newhandle),
                        "simple SetValue test failed");
-               torture_assert(tctx, test_SetValue_extended(p, tctx, 
&newhandle),
-                       "extended SetValue test failed");
+               if (!test_SetValue_extended(p, tctx, &newhandle)) {
+                       if (torture_setting_bool(tctx, "samba3", false)) {
+                               torture_warning(tctx, "extended SetValue test 
failed");
+                       } else {
+                               torture_fail(tctx, "extended SetValue test 
failed");
+                       }
+               }
        }
 
        if (created && !test_CloseKey(p, tctx, &newhandle))
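Review bot: The `samba3` warning branch looks unreachable, because test_SetValue_extended (first hunk of this file) calls `torture_skip` when `samba3` is set, and as far as I recall that macro records the skip and returns true, so the call here cannot fail under that setting. If that holds, the block is equivalent to the original `torture_assert(tctx, test_SetValue_extended(p, tctx, &newhandle), "extended SetValue test failed");`. Otherwise a short comment saying how Samba 3 can still reach the warning would help the next reader. test_Open continues outside the hunk.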


-- 
Samba Shared Repository
