r16418: Pull in more Klocwork fixes (up to r16415)

author: Gerald Carter <jerry@samba.org> 2006-06-20 16:59:48 +0000
committer: Gerald Carter <jerry@samba.org> 2006-06-20 16:59:48 +0000
commit: 71402ccf50c38ff092e7331c6817bbf975fde412 (patch)
tree: 49ed8a84c63734b906f1b792225f12fc1dc1d659 /source/rpc_parse
parent: aa39f8aeab4ff08fd083cf913576f24104b08fde (diff)
download: samba-71402ccf50c38ff092e7331c6817bbf975fde412.tar.gz
samba-71402ccf50c38ff092e7331c6817bbf975fde412.tar.xz
samba-71402ccf50c38ff092e7331c6817bbf975fde412.zip
6 files changed, 64 insertions, 87 deletions
diff --git a/source/rpc_parse/parse_lsa.c b/source/rpc_parse/parse_lsa.c
index 12f18d319b4..ae4cff53e4b 100644
--- a/source/rpc_parse/parse_lsa.c
+++ b/source/rpc_parse/parse_lsa.c
@@ -738,6 +738,9 @@ static BOOL lsa_io_dom_query_2(const char *desc, DOM_QUERY_2 *d_q, prs_struct *p
 
 		if (UNMARSHALLING(ps)) {
 			d_q->auditsettings = TALLOC_ZERO_ARRAY(ps->mem_ctx, uint32, d_q->count2);
+			if (!d_q->auditsettings) {
+				return False;
+			}
 		}
 
 		if (!prs_uint32s(False, "auditsettings", ps, depth, d_q->auditsettings, d_q->count2))
diff --git a/source/rpc_parse/parse_misc.c b/source/rpc_parse/parse_misc.c
index b56f36f5900..cb7c06eb459 100644
--- a/source/rpc_parse/parse_misc.c
+++ b/source/rpc_parse/parse_misc.c
@@ -227,56 +227,6 @@ BOOL smb_io_dom_sid(const char *desc, DOM_SID *sid, prs_struct *ps, int depth)
 }
 
 /*******************************************************************
- Inits a DOM_SID structure.
-
- BIG NOTE: this function only does SIDS where the identauth is not >= 2^32 
- identauth >= 2^32 can be detected because it will be specified in hex
-********************************************************************/
-
-void init_dom_sid(DOM_SID *sid, const char *str_sid)
-{
-	pstring domsid;
-	int identauth;
-	char *p;
-
-	if (str_sid == NULL) {
-		DEBUG(4,("netlogon domain SID: none\n"));
-		sid->sid_rev_num = 0;
-		sid->num_auths = 0;
-		return;
-	}
-		
-	pstrcpy(domsid, str_sid);
-
-	DEBUG(4,("init_dom_sid %d SID:  %s\n", __LINE__, domsid));
-
-	/* assume, but should check, that domsid starts "S-" */
-	p = strtok(domsid+2,"-");
-	sid->sid_rev_num = atoi(p);
-
-	/* identauth in decimal should be <  2^32 */
-	/* identauth in hex     should be >= 2^32 */
-	identauth = atoi(strtok(0,"-"));
-
-	DEBUG(4,("netlogon rev %d\n", sid->sid_rev_num));
-	DEBUG(4,("netlogon %s ia %d\n", p, identauth));
-
-	sid->id_auth[0] = 0;
-	sid->id_auth[1] = 0;
-	sid->id_auth[2] = (identauth & 0xff000000) >> 24;
-	sid->id_auth[3] = (identauth & 0x00ff0000) >> 16;
-	sid->id_auth[4] = (identauth & 0x0000ff00) >> 8;
-	sid->id_auth[5] = (identauth & 0x000000ff);
-
-	sid->num_auths = 0;
-
-	while ((p = strtok(0, "-")) != NULL && sid->num_auths < MAXSUBAUTHS)
-		sid->sub_auths[sid->num_auths++] = atoi(p);
-
-	DEBUG(4,("init_dom_sid: %d SID:  %s\n", __LINE__, domsid));
-}
-
-/*******************************************************************
  Inits a DOM_SID2 structure.
 ********************************************************************/
 
diff --git a/source/rpc_parse/parse_ntsvcs.c b/source/rpc_parse/parse_ntsvcs.c
index 24bf3a455bf..599257e8020 100644
--- a/source/rpc_parse/parse_ntsvcs.c
+++ b/source/rpc_parse/parse_ntsvcs.c
@@ -299,8 +299,12 @@ BOOL ntsvcs_io_q_get_hw_profile_info(const char *desc, NTSVCS_Q_GET_HW_PROFILE_I
 
 	q_u->buffer_size = 0x000000a8;
 
-	if ( UNMARSHALLING(ps) )
+	if ( UNMARSHALLING(ps) ) {
 		q_u->buffer = TALLOC_ARRAY(get_talloc_ctx(), uint8, q_u->buffer_size );
+		if (!q_u->buffer) {
+			return False;
+		}
+	}
 
 	if ( !prs_uint8s(True, "buffer", ps, depth, q_u->buffer, q_u->buffer_size) )
 		return False;
@@ -329,8 +333,12 @@ BOOL ntsvcs_io_r_get_hw_profile_info(const char *desc, NTSVCS_R_GET_HW_PROFILE_I
 	if ( !prs_align(ps) )
 		return False;
 
-	if ( UNMARSHALLING(ps) )
+	if ( UNMARSHALLING(ps) ) {
 		r_u->buffer = TALLOC_ARRAY(get_talloc_ctx(), uint8, r_u->buffer_size );
+		if (!r_u->buffer) {
+			return False;
+		}
+	}
 
 	if ( !prs_uint8s(True, "buffer", ps, depth, r_u->buffer, r_u->buffer_size) )
 		return False;
diff --git a/source/rpc_parse/parse_prs.c b/source/rpc_parse/parse_prs.c
index f2b002c48cf..14e190892d7 100644
--- a/source/rpc_parse/parse_prs.c
+++ b/source/rpc_parse/parse_prs.c
@@ -1469,11 +1469,12 @@ int tdb_prs_fetch(TDB_CONTEXT *tdb, char *keystr, prs_struct *ps, TALLOC_CTX *me
     kbuf.dptr = keystr;
     kbuf.dsize = strlen(keystr)+1;
 
+    prs_init(ps, 0, mem_ctx, UNMARSHALL);
+
     dbuf = tdb_fetch(tdb, kbuf);
     if (!dbuf.dptr)
 	    return -1;
 
-    prs_init(ps, 0, mem_ctx, UNMARSHALL);
     prs_give_memory(ps, dbuf.dptr, dbuf.dsize, True);
 
     return 0;
diff --git a/source/rpc_parse/parse_samr.c b/source/rpc_parse/parse_samr.c
index d661b225e06..9026d503c30 100644
--- a/source/rpc_parse/parse_samr.c
+++ b/source/rpc_parse/parse_samr.c
@@ -6471,8 +6471,14 @@ static BOOL sam_io_user_info21(const char *desc, SAM_USER_INFO_21 * usr,
 void init_sam_user_info20A(SAM_USER_INFO_20 *usr, struct samu *pw)
 {
 	const char *munged_dial = pdb_get_munged_dial(pw);
-	DATA_BLOB blob = base64_decode_data_blob(munged_dial);
-	
+	DATA_BLOB blob;
+
+	if (munged_dial) {
+		blob = base64_decode_data_blob(munged_dial);
+	} else {
+		blob = data_blob(NULL, 0);
+	}
+
 	init_unistr2_from_datablob(&usr->uni_munged_dial, &blob);
 	init_uni_hdr(&usr->hdr_munged_dial, &usr->uni_munged_dial);
 	data_blob_free(&blob);
diff --git a/source/rpc_parse/parse_spoolss.c b/source/rpc_parse/parse_spoolss.c
index ec2d6b84300..2884883e893 100644
--- a/source/rpc_parse/parse_spoolss.c
+++ b/source/rpc_parse/parse_spoolss.c
@@ -4989,6 +4989,7 @@ BOOL spool_io_printer_driver_info_level_6(const char *desc, SPOOL_PRINTER_DRIVER
  dynamically allocate memory
  
 ********************************************************************/  
+
 static BOOL uniarray_2_dosarray(BUFFER5 *buf5, fstring **ar)
 {
 	fstring f;
@@ -4999,25 +5000,27 @@ static BOOL uniarray_2_dosarray(BUFFER5 *buf5, fstring **ar)
 		return False;
 
 	src = (char *)buf5->buffer;
-	*ar = NULL;
+	*ar = SMB_MALLOC_ARRAY(fstring, 1);
+	if (!*ar) {
+		return False;
+	}
 
 	while (src < ((char *)buf5->buffer) + buf5->buf_len*2) {
 		rpcstr_pull(f, src, sizeof(f)-1, -1, STR_TERMINATE);
 		src = skip_unibuf(src, 2*buf5->buf_len - PTR_DIFF(src,buf5->buffer));
 		*ar = SMB_REALLOC_ARRAY(*ar, fstring, n+2);
-		if (!*ar)
+		if (!*ar) {
 			return False;
+		}
 		fstrcpy((*ar)[n], f);
 		n++;
 	}
+
 	fstrcpy((*ar)[n], "");
  
 	return True;
 }
 
-
-
-
 /*******************************************************************
  read a UNICODE array with null terminated strings 
  and null terminated array 
@@ -5115,9 +5118,6 @@ BOOL make_spoolss_driver_info_3(TALLOC_CTX *mem_ctx,
 				DRIVER_INFO_3 *info3)
 {
 	uint32		len = 0;
-	uint16		*ptr = info3->dependentfiles;
-	BOOL		done = False;
-	BOOL		null_char = False;
 	SPOOL_PRINTER_DRIVER_INFO_LEVEL_3 *inf;
 
 	if (!(inf=TALLOC_ZERO_P(mem_ctx, SPOOL_PRINTER_DRIVER_INFO_LEVEL_3)))
@@ -5142,31 +5142,35 @@ BOOL make_spoolss_driver_info_3(TALLOC_CTX *mem_ctx,
 	init_unistr2_from_unistr(&inf->monitorname, &info3->monitorname);
 	init_unistr2_from_unistr(&inf->defaultdatatype, &info3->defaultdatatype);
 
-	while (!done)
-	{
-		switch (*ptr)
-		{
-			case 0:
-				/* the null_char BOOL is used to help locate
-				   two '\0's back to back */
-				if (null_char)
-					done = True;
-				else
-					null_char = True;
-				break;
+	if (info3->dependentfiles) {
+		BOOL done = False;
+		BOOL null_char = False;
+		uint16 *ptr = info3->dependentfiles;
+
+		while (!done) {
+			switch (*ptr) {
+				case 0:
+					/* the null_char BOOL is used to help locate
+					   two '\0's back to back */
+					if (null_char) {
+						done = True;
+					} else {
+						null_char = True;
+					}
+					break;
 					
-			default:
-				null_char = False;
-				;;
-				break;				
+				default:
+					null_char = False;
+					break;				
+			}
+			len++;
+			ptr++;
 		}
-		len++;
-		ptr++;
 	}
+
 	inf->dependentfiles_ptr = (info3->dependentfiles != NULL) ? 1 : 0;
-	inf->dependentfilessize = len;
-	if(!make_spoolss_buffer5(mem_ctx, &inf->dependentfiles, len, info3->dependentfiles))
-	{
+	inf->dependentfilessize = (info3->dependentfiles != NULL) ? len : 0;
+	if(!make_spoolss_buffer5(mem_ctx, &inf->dependentfiles, len, info3->dependentfiles)) {
 		SAFE_FREE(inf);
 		return False;
 	}
@@ -5179,13 +5183,18 @@ BOOL make_spoolss_driver_info_3(TALLOC_CTX *mem_ctx,
 /*******************************************************************
  make a BUFFER5 struct from a uint16*
  ******************************************************************/
+
 BOOL make_spoolss_buffer5(TALLOC_CTX *mem_ctx, BUFFER5 *buf5, uint32 len, uint16 *src)
 {
 
 	buf5->buf_len = len;
-	if((buf5->buffer=(uint16*)TALLOC_MEMDUP(mem_ctx, src, sizeof(uint16)*len)) == NULL) {
-		DEBUG(0,("make_spoolss_buffer5: Unable to malloc memory for buffer!\n"));
-		return False;
+	if (src) {
+		if((buf5->buffer=(uint16*)TALLOC_MEMDUP(mem_ctx, src, sizeof(uint16)*len)) == NULL) {
+			DEBUG(0,("make_spoolss_buffer5: Unable to malloc memory for buffer!\n"));
+			return False;
+		}
+	} else {
+		buf5->buffer=NULL;
 	}
 	
 	return True;
author	Gerald Carter <jerry@samba.org>	2006-06-20 16:59:48 +0000
committer	Gerald Carter <jerry@samba.org>	2006-06-20 16:59:48 +0000
commit	71402ccf50c38ff092e7331c6817bbf975fde412 (patch)
tree	49ed8a84c63734b906f1b792225f12fc1dc1d659 /source/rpc_parse
parent	aa39f8aeab4ff08fd083cf913576f24104b08fde (diff)
download	samba-71402ccf50c38ff092e7331c6817bbf975fde412.tar.gz samba-71402ccf50c38ff092e7331c6817bbf975fde412.tar.xz samba-71402ccf50c38ff092e7331c6817bbf975fde412.zip