The branch, master has been updated
via 538cbfe libcli: Overflow array index read possible, in auth code.
via 72f9932 s3:printing: Fix a possible NULL dereference.
via 68d5f27 s3:passdb: Fix the use of uninitialized scalar variable.
from 2b77b07 s3/libsmb: Free memdup'd local variable
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -----------------------------------------------------------------
commit 538cbfe0e90b7c7ed0f8421b323cac4dacd83f04
Author: Ira Cooper <[email protected]>
Date: Thu Feb 13 14:45:23 2014 -0500
libcli: Overflow array index read possible, in auth code.
The values have to be signed here to allow for the values to go negative,
to prevent the overflow.
Coverity-Id: 1167990
Signed-off-by: Ira Cooper <[email protected]>
Reviewed-by: Stefan Metzmacher <[email protected]>
Autobuild-User(master): Ira Cooper <[email protected]>
Autobuild-Date(master): Mon Feb 24 07:23:03 CET 2014 on sn-devel-104
commit 72f9932d4f70f76360490b315f95aa8dedc98390
Author: Poornima Gurusiddaiah <[email protected]>
Date: Fri Feb 14 03:27:12 2014 +0000
s3:printing: Fix a possible NULL dereference.
Coverity-Id: 710708
Signed-off-by: Poornima Gurusiddaiah <[email protected]>
Reviewed-by: Ira Cooper <[email protected]>
Reviewed-by: Stefan Metzmacher <[email protected]>
commit 68d5f2746466e43148f19e668093a64e8c610a51
Author: Poornima Gurusiddaiah <[email protected]>
Date: Fri Feb 14 03:56:56 2014 +0000
s3:passdb: Fix the use of uninitialized scalar variable.
Coverity-id: 1107228,1107227
Signed-off-by: Poornima Gurusiddaiah <[email protected]>
Reviewed-by: Stefan Metzmacher <[email protected]>
Reviewed-by: Ira Cooper <[email protected]>
-----------------------------------------------------------------------
Summary of changes:
libcli/auth/netlogon_creds_cli.c | 4 ++--
source3/passdb/py_passdb.c | 10 ++--------
source3/printing/printspoolss.c | 2 +-
3 files changed, 5 insertions(+), 11 deletions(-)
Changeset truncated at 500 lines:
diff --git a/libcli/auth/netlogon_creds_cli.c b/libcli/auth/netlogon_creds_cli.c
index d73335d..7e88255 100644
--- a/libcli/auth/netlogon_creds_cli.c
+++ b/libcli/auth/netlogon_creds_cli.c
@@ -1766,8 +1766,8 @@ struct tevent_req
*netlogon_creds_cli_ServerPasswordSet_send(TALLOC_CTX *mem_ctx
if (new_version != NULL) {
struct NL_PASSWORD_VERSION version;
- uint32_t len = IVAL(state->samr_crypt_password.data, 512);
- uint32_t ofs = 512 - len;
+ int32_t len = IVAL(state->samr_crypt_password.data, 512);
+ int32_t ofs = 512 - len;
uint8_t *p;
if (ofs < 12) {
diff --git a/source3/passdb/py_passdb.c b/source3/passdb/py_passdb.c
index 2d3b637..dec45c3 100644
--- a/source3/passdb/py_passdb.c
+++ b/source3/passdb/py_passdb.c
@@ -2483,7 +2483,6 @@ static PyObject
*py_pdb_set_account_policy(pytalloc_Object *self, PyObject *args
static PyObject *py_pdb_search_users(pytalloc_Object *self, PyObject *args)
{
TALLOC_CTX *frame = talloc_stackframe();
- NTSTATUS status;
struct pdb_methods *methods;
unsigned int acct_flags;
struct pdb_search *search;
@@ -2505,9 +2504,7 @@ static PyObject *py_pdb_search_users(pytalloc_Object
*self, PyObject *args)
}
if (!methods->search_users(methods, search, acct_flags)) {
- PyErr_Format(py_pdb_error, "Unable to search users, (%d,%s)",
- NT_STATUS_V(status),
- get_friendly_nt_error_msg(status));
+ PyErr_Format(py_pdb_error, "Unable to search users");
talloc_free(frame);
return NULL;
}
@@ -2550,7 +2547,6 @@ static PyObject *py_pdb_search_users(pytalloc_Object
*self, PyObject *args)
static PyObject *py_pdb_search_groups(pytalloc_Object *self)
{
TALLOC_CTX *frame = talloc_stackframe();
- NTSTATUS status;
struct pdb_methods *methods;
struct pdb_search *search;
struct samr_displayentry *entry;
@@ -2566,9 +2562,7 @@ static PyObject *py_pdb_search_groups(pytalloc_Object
*self)
}
if (!methods->search_groups(methods, search)) {
- PyErr_Format(py_pdb_error, "Unable to search groups, (%d,%s)",
- NT_STATUS_V(status),
- get_friendly_nt_error_msg(status));
+ PyErr_Format(py_pdb_error, "Unable to search groups");
talloc_free(frame);
return NULL;
}
diff --git a/source3/printing/printspoolss.c b/source3/printing/printspoolss.c
index 26d8a00..5dba635 100644
--- a/source3/printing/printspoolss.c
+++ b/source3/printing/printspoolss.c
@@ -248,7 +248,7 @@ done:
}
}
/* We need to delete the job from spoolss too */
- if (pf->jobid) {
+ if (pf && pf->jobid) {
print_spool_terminate(fsp->conn, pf);
}
}
--
Samba Shared Repository
