diff options
Diffstat (limited to 'server/providers/ldap')
-rw-r--r-- | server/providers/ldap/ldap_child.c | 30 | ||||
-rw-r--r-- | server/providers/ldap/sdap_child_helpers.c | 42 |
2 files changed, 19 insertions, 53 deletions
diff --git a/server/providers/ldap/ldap_child.c b/server/providers/ldap/ldap_child.c index 448a9cc6a..0d34be2ca 100644 --- a/server/providers/ldap/ldap_child.c +++ b/server/providers/ldap/ldap_child.c @@ -48,14 +48,10 @@ static errno_t unpack_buffer(uint8_t *buf, size_t size, size_t p = 0; uint32_t len; - /* realm_str size and length */ DEBUG(7, ("total buffer size: %d\n", size)); - if ((p + sizeof(uint32_t)) > size) { - DEBUG(1, ("Error: buffer too big!\n")); - return EINVAL; - } - memcpy(&len, buf + p, sizeof(uint32_t)); - p += sizeof(uint32_t); + + /* realm_str size and length */ + COPY_UINT32_CHECK(&len, buf + p, p, size); DEBUG(7, ("realm_str size: %d\n", len)); if (len) { @@ -67,9 +63,7 @@ static errno_t unpack_buffer(uint8_t *buf, size_t size, } /* princ_str size and length */ - if ((p + sizeof(uint32_t)) > size) return EINVAL; - memcpy(&len, buf + p, sizeof(uint32_t)); - p += sizeof(uint32_t); + COPY_UINT32_CHECK(&len, buf + p, p, size); DEBUG(7, ("princ_str size: %d\n", len)); if (len) { @@ -81,9 +75,7 @@ static errno_t unpack_buffer(uint8_t *buf, size_t size, } /* keytab_name size and length */ - if ((p + sizeof(uint32_t)) > size) return EINVAL; - memcpy(&len, buf + p, sizeof(uint32_t)); - p += sizeof(uint32_t); + COPY_UINT32_CHECK(&len, buf + p, p, size); DEBUG(7, ("keytab_name size: %d\n", len)); if (len) { @@ -101,24 +93,18 @@ static int pack_buffer(struct response *r, int result, const char *msg) { int len; int p = 0; - uint32_t c; len = strlen(msg); r->size = 2 * sizeof(uint32_t) + len; /* result */ - c = result; - memcpy(&r->buf[p], &c, sizeof(uint32_t)); - p += sizeof(uint32_t); + COPY_UINT32_VALUE(&r->buf[p], result, p); /* message size */ - c = len; - memcpy(&r->buf[p], &c, sizeof(uint32_t)); - p += sizeof(uint32_t); + COPY_UINT32_VALUE(&r->buf[p], len, p); /* message itself */ - memcpy(&r->buf[p], msg, len); - p += len; + COPY_MEM(&r->buf[p], msg, p, len); return EOK; } diff --git a/server/providers/ldap/sdap_child_helpers.c b/server/providers/ldap/sdap_child_helpers.c index 7f743d7fa..0a95c8a0d 100644 --- a/server/providers/ldap/sdap_child_helpers.c +++ b/server/providers/ldap/sdap_child_helpers.c @@ -135,7 +135,6 @@ static errno_t create_tgt_req_send_buffer(TALLOC_CTX *mem_ctx, { struct io_buffer *buf; size_t rp; - int len; buf = talloc(mem_ctx, struct io_buffer); if (buf == NULL) { @@ -167,41 +166,26 @@ static errno_t create_tgt_req_send_buffer(TALLOC_CTX *mem_ctx, /* realm */ if (realm_str) { - len = strlen(realm_str); - memcpy(&buf->data[rp], &len, sizeof(uint32_t)); - rp += sizeof(uint32_t); - memcpy(&buf->data[rp], realm_str, len); - rp += len; + COPY_UINT32_VALUE(&buf->data[rp], strlen(realm_str), rp); + COPY_MEM(&buf->data[rp], realm_str, rp, strlen(realm_str)); } else { - len = 0; - memcpy(&buf->data[rp], &len, sizeof(uint32_t)); - rp += sizeof(uint32_t); + COPY_UINT32_VALUE(&buf->data[rp], 0, rp); } /* principal */ if (princ_str) { - len = strlen(princ_str); - memcpy(&buf->data[rp], &len, sizeof(uint32_t)); - rp += sizeof(uint32_t); - memcpy(&buf->data[rp], princ_str, len); - rp += len; + COPY_UINT32_VALUE(&buf->data[rp], strlen(princ_str), rp); + COPY_MEM(&buf->data[rp], princ_str, rp, strlen(princ_str)); } else { - len = 0; - memcpy(&buf->data[rp], &len, sizeof(uint32_t)); - rp += sizeof(uint32_t); + COPY_UINT32_VALUE(&buf->data[rp], 0, rp); } /* keytab */ if (keytab_name) { - len = strlen(keytab_name); - memcpy(&buf->data[rp], &len, sizeof(uint32_t)); - rp += sizeof(uint32_t); - memcpy(&buf->data[rp], keytab_name, len); - rp += len; + COPY_UINT32_VALUE(&buf->data[rp], strlen(keytab_name), rp); + COPY_MEM(&buf->data[rp], keytab_name, rp, strlen(realm_str)); } else { - len = 0; - memcpy(&buf->data[rp], &len, sizeof(uint32_t)); - rp += sizeof(uint32_t); + COPY_UINT32_VALUE(&buf->data[rp], 0, rp); } *io_buf = buf; @@ -218,14 +202,10 @@ static int parse_child_response(TALLOC_CTX *mem_ctx, char *ccn; /* operation result code */ - if ((p + sizeof(uint32_t)) > size) return EINVAL; - memcpy(&res, buf + p, sizeof(uint32_t)); - p += sizeof(uint32_t); + COPY_UINT32_CHECK(&res, buf + p, p, size); /* ccache name size */ - if ((p + sizeof(uint32_t)) > size) return EINVAL; - memcpy(&len, buf + p, sizeof(uint32_t)); - p += sizeof(uint32_t); + COPY_UINT32_CHECK(&len, buf + p, p, size); if ((p + len ) > size) return EINVAL; |