summaryrefslogtreecommitdiffstats
path: root/server/providers/ldap
diff options
context:
space:
mode:
Diffstat (limited to 'server/providers/ldap')
-rw-r--r--server/providers/ldap/ldap_child.c30
-rw-r--r--server/providers/ldap/sdap_child_helpers.c42
2 files changed, 19 insertions, 53 deletions
diff --git a/server/providers/ldap/ldap_child.c b/server/providers/ldap/ldap_child.c
index 448a9cc6a..0d34be2ca 100644
--- a/server/providers/ldap/ldap_child.c
+++ b/server/providers/ldap/ldap_child.c
@@ -48,14 +48,10 @@ static errno_t unpack_buffer(uint8_t *buf, size_t size,
size_t p = 0;
uint32_t len;
- /* realm_str size and length */
DEBUG(7, ("total buffer size: %d\n", size));
- if ((p + sizeof(uint32_t)) > size) {
- DEBUG(1, ("Error: buffer too big!\n"));
- return EINVAL;
- }
- memcpy(&len, buf + p, sizeof(uint32_t));
- p += sizeof(uint32_t);
+
+ /* realm_str size and length */
+ COPY_UINT32_CHECK(&len, buf + p, p, size);
DEBUG(7, ("realm_str size: %d\n", len));
if (len) {
@@ -67,9 +63,7 @@ static errno_t unpack_buffer(uint8_t *buf, size_t size,
}
/* princ_str size and length */
- if ((p + sizeof(uint32_t)) > size) return EINVAL;
- memcpy(&len, buf + p, sizeof(uint32_t));
- p += sizeof(uint32_t);
+ COPY_UINT32_CHECK(&len, buf + p, p, size);
DEBUG(7, ("princ_str size: %d\n", len));
if (len) {
@@ -81,9 +75,7 @@ static errno_t unpack_buffer(uint8_t *buf, size_t size,
}
/* keytab_name size and length */
- if ((p + sizeof(uint32_t)) > size) return EINVAL;
- memcpy(&len, buf + p, sizeof(uint32_t));
- p += sizeof(uint32_t);
+ COPY_UINT32_CHECK(&len, buf + p, p, size);
DEBUG(7, ("keytab_name size: %d\n", len));
if (len) {
@@ -101,24 +93,18 @@ static int pack_buffer(struct response *r, int result, const char *msg)
{
int len;
int p = 0;
- uint32_t c;
len = strlen(msg);
r->size = 2 * sizeof(uint32_t) + len;
/* result */
- c = result;
- memcpy(&r->buf[p], &c, sizeof(uint32_t));
- p += sizeof(uint32_t);
+ COPY_UINT32_VALUE(&r->buf[p], result, p);
/* message size */
- c = len;
- memcpy(&r->buf[p], &c, sizeof(uint32_t));
- p += sizeof(uint32_t);
+ COPY_UINT32_VALUE(&r->buf[p], len, p);
/* message itself */
- memcpy(&r->buf[p], msg, len);
- p += len;
+ COPY_MEM(&r->buf[p], msg, p, len);
return EOK;
}
diff --git a/server/providers/ldap/sdap_child_helpers.c b/server/providers/ldap/sdap_child_helpers.c
index 7f743d7fa..0a95c8a0d 100644
--- a/server/providers/ldap/sdap_child_helpers.c
+++ b/server/providers/ldap/sdap_child_helpers.c
@@ -135,7 +135,6 @@ static errno_t create_tgt_req_send_buffer(TALLOC_CTX *mem_ctx,
{
struct io_buffer *buf;
size_t rp;
- int len;
buf = talloc(mem_ctx, struct io_buffer);
if (buf == NULL) {
@@ -167,41 +166,26 @@ static errno_t create_tgt_req_send_buffer(TALLOC_CTX *mem_ctx,
/* realm */
if (realm_str) {
- len = strlen(realm_str);
- memcpy(&buf->data[rp], &len, sizeof(uint32_t));
- rp += sizeof(uint32_t);
- memcpy(&buf->data[rp], realm_str, len);
- rp += len;
+ COPY_UINT32_VALUE(&buf->data[rp], strlen(realm_str), rp);
+ COPY_MEM(&buf->data[rp], realm_str, rp, strlen(realm_str));
} else {
- len = 0;
- memcpy(&buf->data[rp], &len, sizeof(uint32_t));
- rp += sizeof(uint32_t);
+ COPY_UINT32_VALUE(&buf->data[rp], 0, rp);
}
/* principal */
if (princ_str) {
- len = strlen(princ_str);
- memcpy(&buf->data[rp], &len, sizeof(uint32_t));
- rp += sizeof(uint32_t);
- memcpy(&buf->data[rp], princ_str, len);
- rp += len;
+ COPY_UINT32_VALUE(&buf->data[rp], strlen(princ_str), rp);
+ COPY_MEM(&buf->data[rp], princ_str, rp, strlen(princ_str));
} else {
- len = 0;
- memcpy(&buf->data[rp], &len, sizeof(uint32_t));
- rp += sizeof(uint32_t);
+ COPY_UINT32_VALUE(&buf->data[rp], 0, rp);
}
/* keytab */
if (keytab_name) {
- len = strlen(keytab_name);
- memcpy(&buf->data[rp], &len, sizeof(uint32_t));
- rp += sizeof(uint32_t);
- memcpy(&buf->data[rp], keytab_name, len);
- rp += len;
+ COPY_UINT32_VALUE(&buf->data[rp], strlen(keytab_name), rp);
+ COPY_MEM(&buf->data[rp], keytab_name, rp, strlen(realm_str));
} else {
- len = 0;
- memcpy(&buf->data[rp], &len, sizeof(uint32_t));
- rp += sizeof(uint32_t);
+ COPY_UINT32_VALUE(&buf->data[rp], 0, rp);
}
*io_buf = buf;
@@ -218,14 +202,10 @@ static int parse_child_response(TALLOC_CTX *mem_ctx,
char *ccn;
/* operation result code */
- if ((p + sizeof(uint32_t)) > size) return EINVAL;
- memcpy(&res, buf + p, sizeof(uint32_t));
- p += sizeof(uint32_t);
+ COPY_UINT32_CHECK(&res, buf + p, p, size);
/* ccache name size */
- if ((p + sizeof(uint32_t)) > size) return EINVAL;
- memcpy(&len, buf + p, sizeof(uint32_t));
- p += sizeof(uint32_t);
+ COPY_UINT32_CHECK(&len, buf + p, p, size);
if ((p + len ) > size) return EINVAL;
generated by cgit (git 2.34.1) at 2024-06-21 09:18:54 +0000