2 files changed, 14 insertions, 6 deletions

diff --git a/source3/rpc_parse/parse_prs.c b/source3/rpc_parse/parse_prs.c
index d277182043..b7fe19f9ab 100644
--- a/source3/rpc_parse/parse_prs.c
+++ b/source3/rpc_parse/parse_prs.c
@@ -201,6 +201,9 @@ BOOL prs_grow(prs_struct *ps, uint32 extra_space)
 	if(UNMARSHALLING(ps) || !ps->is_dynamic) {
 		DEBUG(0,("prs_grow: Buffer overflow - unable to expand buffer by %u bytes.\n",
 				(unsigned int)extra_space));
+		/* JRATEST */
+		smb_panic("prs_grow");
+		/* JRATEST */
 		return False;
 	}
 	
diff --git a/source3/rpc_parse/parse_sec.c b/source3/rpc_parse/parse_sec.c
index 51cf52f706..25450e0b19 100644
--- a/source3/rpc_parse/parse_sec.c
+++ b/source3/rpc_parse/parse_sec.c
@@ -431,11 +431,16 @@ BOOL sec_io_desc(char *desc, SEC_DESC **ppsd, prs_struct *ps, int depth)
 
 	psd = *ppsd;
 
-	if(UNMARSHALLING(ps) && psd == NULL) {
-		if((psd = (SEC_DESC *)malloc(sizeof(SEC_DESC))) == NULL)
-			return False;
-		ZERO_STRUCTP(psd);
-		*ppsd = psd;
+	if (psd == NULL) {
+		if(UNMARSHALLING(ps)) {
+			if((psd = (SEC_DESC *)malloc(sizeof(SEC_DESC))) == NULL)
+				return False;
+			ZERO_STRUCTP(psd);
+			*ppsd = psd;
+		} else {
+			/* Marshalling - just ignore. */
+			return True;
+		}
 	}
 
 	prs_debug(ps, depth, desc, "sec_io_desc");
@@ -629,7 +634,7 @@ BOOL sec_io_desc_buf(char *desc, SEC_DESC_BUF **ppsdb, prs_struct *ps, int depth
 	old_offset = prs_offset(ps);
 
 	/* reading, length is non-zero; writing, descriptor is non-NULL */
-	if ((psdb->len != 0 || MARSHALLING(ps)) && psdb->sec != NULL) {
+	if ((UNMARSHALLING(ps) && psdb->len != 0) || (MARSHALLING(ps) && psdb->sec != NULL)) {
 		if(!sec_io_desc("sec   ", &psdb->sec, ps, depth))
 			return False;
 	}