diff options
author | Jeremy Allison <jra@samba.org> | 2010-08-12 14:24:01 -0700 |
---|---|---|
committer | Karolin Seeger <kseeger@samba.org> | 2011-01-13 17:58:50 +0100 |
commit | 6dc20e50d0bbd122e47b67bac74a9e6d4af60aea (patch) | |
tree | 4c66e4dfe210453798bd5a382d598a8ea85373e4 | |
parent | 4447ae9ccd9091776cd2fbed955e856073f253eb (diff) | |
download | samba-6dc20e50d0bbd122e47b67bac74a9e6d4af60aea.tar.gz samba-6dc20e50d0bbd122e47b67bac74a9e6d4af60aea.tar.xz samba-6dc20e50d0bbd122e47b67bac74a9e6d4af60aea.zip |
Fix bug #7617 - smbd coredump due to uninitialized variables in the performance counter code.
In the file rpc_server.c, function _winreg_QueryValue()
uint8_t *outbuf
Should be :
uint8_t *outbuf = NULL;
As it is later freed by
if (free_buf) SAFE_FREE(outbuf);
in some cases, this frees the unintialized outbuf, which causes a coredump.
(cherry picked from commit 84fd910c347ddfad6f01edbe7f6e25546c8382ee)
(cherry picked from commit 80e65236158d6f1690bf9f153c0eb12d81d56b8a)
(cherry picked from commit 78d1a15920de4ef3f230511257ee2f334f89a642)
-rw-r--r-- | source3/rpc_server/srv_winreg_nt.c | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/source3/rpc_server/srv_winreg_nt.c b/source3/rpc_server/srv_winreg_nt.c index 3de9f0e623a..e4087d7526c 100644 --- a/source3/rpc_server/srv_winreg_nt.c +++ b/source3/rpc_server/srv_winreg_nt.c @@ -210,8 +210,8 @@ WERROR _winreg_QueryValue(pipes_struct *p, struct winreg_QueryValue *r) struct registry_key *regkey = find_regkey_by_hnd( p, r->in.handle ); prs_struct prs_hkpd; - uint8_t *outbuf; - uint32_t outbuf_size; + uint8_t *outbuf = NULL; + uint32_t outbuf_size = 0; DATA_BLOB val_blob; bool free_buf = False; |