r20090: Fix a class of bugs found by James Peach. Ensure

we never mix malloc and talloc'ed contexts in the add_XX_to_array() and add_XX_to_array_unique() calls. Ensure that these calls always return False on out of memory, True otherwise and always check them. Ensure that the relevent parts of the conn struct and the nt_user_tokens are TALLOC_DESTROYED not SAFE_FREE'd. James - this should fix your crash bug in both branches. Jeremy.
author: Jeremy Allison <jra@samba.org> 2006-12-09 02:58:18 +0000
committer: Jeremy Allison <jra@samba.org> 2006-12-09 02:58:18 +0000
commit: fd8e93f6abd6a964481bcfdd0f2387c5c8a7a216 (patch)
tree: 263faaab16e57666fe3591efbb6ab6858205c58b /source/lib/util_str.c
parent: 423105aa77792c4fb9554fee4a462dbb57dafea6 (diff)
download: samba-fd8e93f6abd6a964481bcfdd0f2387c5c8a7a216.tar.gz
samba-fd8e93f6abd6a964481bcfdd0f2387c5c8a7a216.tar.xz
samba-fd8e93f6abd6a964481bcfdd0f2387c5c8a7a216.zip
1 files changed, 3 insertions, 1 deletions
diff --git a/source/lib/util_str.c b/source/lib/util_str.c
index fc13b75cc57..cd52faa52d9 100644
--- a/source/lib/util_str.c
+++ b/source/lib/util_str.c
@@ -2428,8 +2428,10 @@ BOOL add_string_to_array(TALLOC_CTX *mem_ctx,
 
 	*strings = TALLOC_REALLOC_ARRAY(mem_ctx, *strings, const char *, (*num)+1);
 
-	if ((*strings == NULL) || (dup_str == NULL))
+	if ((*strings == NULL) || (dup_str == NULL)) {
+		*num = 0;
 		return False;
+	}
 
 	(*strings)[*num] = dup_str;
 	*num += 1;
author	Jeremy Allison <jra@samba.org>	2006-12-09 02:58:18 +0000
committer	Jeremy Allison <jra@samba.org>	2006-12-09 02:58:18 +0000
commit	fd8e93f6abd6a964481bcfdd0f2387c5c8a7a216 (patch)
tree	263faaab16e57666fe3591efbb6ab6858205c58b /source/lib/util_str.c
parent	423105aa77792c4fb9554fee4a462dbb57dafea6 (diff)
download	samba-fd8e93f6abd6a964481bcfdd0f2387c5c8a7a216.tar.gz samba-fd8e93f6abd6a964481bcfdd0f2387c5c8a7a216.tar.xz samba-fd8e93f6abd6a964481bcfdd0f2387c5c8a7a216.zip