summaryrefslogtreecommitdiffstats
path: root/source
diff options
context:
space:
mode:
authorJeremy Allison <jra@samba.org>2007-05-22 20:20:01 +0000
committerJeremy Allison <jra@samba.org>2007-05-22 20:20:01 +0000
commit6c0daaca49a0d4840481f0ff5f6b89c0b1b7be35 (patch)
tree44b7a8a27afdc6764e94a95746295de38bac14d1 /source
parent8b66cd6121e8f0b86338a130668b653bde9b9ffe (diff)
downloadsamba-6c0daaca49a0d4840481f0ff5f6b89c0b1b7be35.tar.gz
samba-6c0daaca49a0d4840481f0ff5f6b89c0b1b7be35.tar.xz
samba-6c0daaca49a0d4840481f0ff5f6b89c0b1b7be35.zip
r23080: Fix bug #4637 - we hads missed some cases where
we were calling PRS_ALLOC_MEM with zero count. Jeremy.
Diffstat (limited to 'source')
-rw-r--r--source/libads/authdata.c36
-rw-r--r--source/registry/regfio.c8
-rw-r--r--source/rpc_parse/parse_lsa.c20
-rw-r--r--source/rpc_parse/parse_net.c23
-rw-r--r--source/rpc_parse/parse_prs.c48
-rw-r--r--source/rpc_parse/parse_samr.c22
-rw-r--r--source/rpc_parse/parse_spoolss.c34
-rw-r--r--source/rpc_parse/parse_srv.c26
8 files changed, 133 insertions, 84 deletions
diff --git a/source/libads/authdata.c b/source/libads/authdata.c
index 71294941a60..8e951dde805 100644
--- a/source/libads/authdata.c
+++ b/source/libads/authdata.c
@@ -120,10 +120,14 @@ static BOOL pac_io_krb_sid_and_attr_array(const char *desc,
return False;
if (UNMARSHALLING(ps)) {
- array->krb_sid_and_attrs = PRS_ALLOC_MEM(ps, KRB_SID_AND_ATTRS, num);
- if (!array->krb_sid_and_attrs) {
- DEBUG(3, ("No memory available\n"));
- return False;
+ if (num) {
+ array->krb_sid_and_attrs = PRS_ALLOC_MEM(ps, KRB_SID_AND_ATTRS, num);
+ if (!array->krb_sid_and_attrs) {
+ DEBUG(3, ("No memory available\n"));
+ return False;
+ }
+ } else {
+ array->krb_sid_and_attrs = NULL;
}
}
@@ -184,10 +188,14 @@ static BOOL pac_io_group_membership_array(const char *desc,
return False;
if (UNMARSHALLING(ps)) {
- array->group_membership = PRS_ALLOC_MEM(ps, GROUP_MEMBERSHIP, num);
- if (!array->group_membership) {
- DEBUG(3, ("No memory available\n"));
- return False;
+ if (num) {
+ array->group_membership = PRS_ALLOC_MEM(ps, GROUP_MEMBERSHIP, num);
+ if (!array->group_membership) {
+ DEBUG(3, ("No memory available\n"));
+ return False;
+ }
+ } else {
+ array->group_membership = NULL;
}
}
@@ -456,10 +464,14 @@ static BOOL pac_io_pac_signature_data(const char *desc,
return False;
if (UNMARSHALLING(ps) && length) {
- data->signature.buffer = PRS_ALLOC_MEM(ps, uint8, siglen);
- if (!data->signature.buffer) {
- DEBUG(3, ("No memory available\n"));
- return False;
+ if (siglen) {
+ data->signature.buffer = PRS_ALLOC_MEM(ps, uint8, siglen);
+ if (!data->signature.buffer) {
+ DEBUG(3, ("No memory available\n"));
+ return False;
+ }
+ } else {
+ data->signature.buffer = NULL;
}
}
diff --git a/source/registry/regfio.c b/source/registry/regfio.c
index 3a554177a4c..3e3e7e480c5 100644
--- a/source/registry/regfio.c
+++ b/source/registry/regfio.c
@@ -642,8 +642,12 @@ static BOOL hbin_prs_lf_records( const char *desc, REGF_HBIN *hbin, int depth, R
return False;
if ( UNMARSHALLING(&hbin->ps) ) {
- if ( !(lf->hashes = PRS_ALLOC_MEM( &hbin->ps, REGF_HASH_REC, lf->num_keys )) )
- return False;
+ if (lf->num_keys) {
+ if ( !(lf->hashes = PRS_ALLOC_MEM( &hbin->ps, REGF_HASH_REC, lf->num_keys )) )
+ return False;
+ } else {
+ lf->hashes = NULL;
+ }
}
for ( i=0; i<lf->num_keys; i++ ) {
diff --git a/source/rpc_parse/parse_lsa.c b/source/rpc_parse/parse_lsa.c
index 06ccec4ab34..0add8b2bb0c 100644
--- a/source/rpc_parse/parse_lsa.c
+++ b/source/rpc_parse/parse_lsa.c
@@ -1178,7 +1178,7 @@ static BOOL lsa_io_sid_enum(const char *desc, LSA_SID_ENUM *sen, prs_struct *ps,
/* Mallocate memory if we're unpacking from the wire */
- if (UNMARSHALLING(ps)) {
+ if (UNMARSHALLING(ps) && sen->num_entries) {
if ((sen->ptr_sid = PRS_ALLOC_MEM( ps, uint32, sen->num_entries)) == NULL) {
DEBUG(3, ("init_lsa_sid_enum(): out of memory for "
"ptr_sid\n"));
@@ -1361,7 +1361,7 @@ static BOOL lsa_io_trans_names(const char *desc, LSA_TRANS_NAME_ENUM *trn,
return False;
}
- if (UNMARSHALLING(ps)) {
+ if (UNMARSHALLING(ps) && trn->num_entries2) {
if ((trn->name = PRS_ALLOC_MEM(ps, LSA_TRANS_NAME, trn->num_entries2)) == NULL) {
return False;
}
@@ -1423,7 +1423,7 @@ static BOOL lsa_io_trans_names2(const char *desc, LSA_TRANS_NAME_ENUM2 *trn,
return False;
}
- if (UNMARSHALLING(ps)) {
+ if (UNMARSHALLING(ps) && trn->num_entries2) {
if ((trn->name = PRS_ALLOC_MEM(ps, LSA_TRANS_NAME2, trn->num_entries2)) == NULL) {
return False;
}
@@ -1700,7 +1700,7 @@ BOOL lsa_io_r_lookup_names(const char *desc, LSA_R_LOOKUP_NAMES *out, prs_struct
return False;
}
- if (UNMARSHALLING(ps)) {
+ if (UNMARSHALLING(ps) && out->num_entries2) {
if ((out->dom_rid = PRS_ALLOC_MEM(ps, DOM_RID, out->num_entries2))
== NULL) {
DEBUG(3, ("lsa_io_r_lookup_names(): out of memory\n"));
@@ -1825,7 +1825,7 @@ BOOL lsa_io_r_lookup_names2(const char *desc, LSA_R_LOOKUP_NAMES2 *out, prs_stru
return False;
}
- if (UNMARSHALLING(ps)) {
+ if (UNMARSHALLING(ps) && out->num_entries2) {
if ((out->dom_rid = PRS_ALLOC_MEM(ps, DOM_RID2, out->num_entries2))
== NULL) {
DEBUG(3, ("lsa_io_r_lookup_names2(): out of memory\n"));
@@ -1978,7 +1978,7 @@ BOOL lsa_io_r_lookup_names3(const char *desc, LSA_R_LOOKUP_NAMES3 *out, prs_stru
return False;
}
- if (UNMARSHALLING(ps)) {
+ if (UNMARSHALLING(ps) && out->num_entries2) {
if ((out->trans_sids = PRS_ALLOC_MEM(ps, LSA_TRANSLATED_SID3, out->num_entries2))
== NULL) {
DEBUG(3, ("lsa_io_r_lookup_names3(): out of memory\n"));
@@ -2107,7 +2107,7 @@ BOOL lsa_io_r_lookup_names4(const char *desc, LSA_R_LOOKUP_NAMES4 *out, prs_stru
return False;
}
- if (UNMARSHALLING(ps)) {
+ if (UNMARSHALLING(ps) && out->num_entries2) {
if ((out->trans_sids = PRS_ALLOC_MEM(ps, LSA_TRANSLATED_SID3, out->num_entries2))
== NULL) {
DEBUG(3, ("lsa_io_r_lookup_names4(): out of memory\n"));
@@ -2346,7 +2346,7 @@ BOOL lsa_io_r_enum_privs(const char *desc, LSA_R_ENUM_PRIVS *out, prs_struct *ps
if(!prs_uint32("count1", ps, depth, &out->count1))
return False;
- if (UNMARSHALLING(ps))
+ if (UNMARSHALLING(ps) && out->count1)
if (!(out->privs = PRS_ALLOC_MEM(ps, LSA_PRIV_ENTRY, out->count1)))
return False;
@@ -3908,7 +3908,7 @@ static BOOL smb_io_lsa_data_buf(const char *desc, LSA_DATA_BUF *buf,
prs_debug(ps, depth, desc, "smb_io_lsa_data_buf");
depth++;
- if ( UNMARSHALLING(ps) ) {
+ if ( UNMARSHALLING(ps) && length ) {
if ( !(buf->data = PRS_ALLOC_MEM( ps, uint8, length )) )
return False;
}
@@ -3922,7 +3922,7 @@ static BOOL smb_io_lsa_data_buf(const char *desc, LSA_DATA_BUF *buf,
if (!prs_uint32("length", ps, depth, &buf->length))
return False;
- if(!prs_uint8s(False, "data", ps, depth, buf->data, size))
+ if(!prs_uint8s(False, "data", ps, depth, buf->data, length))
return False;
return True;
diff --git a/source/rpc_parse/parse_net.c b/source/rpc_parse/parse_net.c
index 2d6a5e89caa..28e10caeec1 100644
--- a/source/rpc_parse/parse_net.c
+++ b/source/rpc_parse/parse_net.c
@@ -1729,9 +1729,13 @@ BOOL net_io_user_info3(const char *desc, NET_USER_INFO_3 *usr, prs_struct *ps,
}
if (UNMARSHALLING(ps)) {
- usr->gids = PRS_ALLOC_MEM(ps, DOM_GID, usr->num_groups);
- if (usr->gids == NULL)
- return False;
+ if (usr->num_groups) {
+ usr->gids = PRS_ALLOC_MEM(ps, DOM_GID, usr->num_groups);
+ if (usr->gids == NULL)
+ return False;
+ } else {
+ usr->gids = NULL;
+ }
}
for (i = 0; i < usr->num_groups; i++) {
@@ -1764,10 +1768,15 @@ BOOL net_io_user_info3(const char *desc, NET_USER_INFO_3 *usr, prs_struct *ps,
return False;
if (UNMARSHALLING(ps)) {
- usr->other_sids = PRS_ALLOC_MEM(ps, DOM_SID2, usr->num_other_sids);
- usr->other_sids_attrib =
- PRS_ALLOC_MEM(ps, uint32, usr->num_other_sids);
-
+ if (usr->num_other_sids) {
+ usr->other_sids = PRS_ALLOC_MEM(ps, DOM_SID2, usr->num_other_sids);
+ usr->other_sids_attrib =
+ PRS_ALLOC_MEM(ps, uint32, usr->num_other_sids);
+ } else {
+ usr->other_sids = NULL;
+ usr->other_sids_attrib = NULL;
+ }
+
if ((num_other_sids != 0) &&
((usr->other_sids == NULL) ||
(usr->other_sids_attrib == NULL)))
diff --git a/source/rpc_parse/parse_prs.c b/source/rpc_parse/parse_prs.c
index 174a0223d3f..0edc7388de2 100644
--- a/source/rpc_parse/parse_prs.c
+++ b/source/rpc_parse/parse_prs.c
@@ -644,8 +644,12 @@ BOOL prs_pointer( const char *name, prs_struct *ps, int depth,
return True;
if (UNMARSHALLING(ps)) {
- if ( !(*data = PRS_ALLOC_MEM(ps, char, data_size)) )
- return False;
+ if (data_size) {
+ if ( !(*data = PRS_ALLOC_MEM(ps, char, data_size)) )
+ return False;
+ } else {
+ *data = NULL;
+ }
}
return prs_fn(name, ps, depth, *data);
@@ -1016,16 +1020,16 @@ BOOL prs_buffer5(BOOL charmode, const char *name, prs_struct *ps, int depth, BUF
if (q == NULL)
return False;
+ /* If the string is empty, we don't have anything to stream */
+ if (str->buf_len==0)
+ return True;
+
if (UNMARSHALLING(ps)) {
str->buffer = PRS_ALLOC_MEM(ps,uint16,str->buf_len);
if (str->buffer == NULL)
return False;
}
- /* If the string is empty, we don't have anything to stream */
- if (str->buf_len==0)
- return True;
-
p = (char *)str->buffer;
dbg_rw_punival(charmode, name, depth, ps, q, p, str->buf_len);
@@ -1055,6 +1059,8 @@ BOOL prs_regval_buffer(BOOL charmode, const char *name, prs_struct *ps, int dept
buf->buffer = PRS_ALLOC_MEM(ps, uint16, buf->buf_max_len);
if ( buf->buffer == NULL )
return False;
+ } else {
+ buf->buffer = NULL;
}
}
@@ -1082,9 +1088,13 @@ BOOL prs_string2(BOOL charmode, const char *name, prs_struct *ps, int depth, STR
if (str->str_str_len > str->str_max_len) {
return False;
}
- str->buffer = PRS_ALLOC_MEM(ps,unsigned char, str->str_max_len);
- if (str->buffer == NULL)
- return False;
+ if (str->str_max_len) {
+ str->buffer = PRS_ALLOC_MEM(ps,unsigned char, str->str_max_len);
+ if (str->buffer == NULL)
+ return False;
+ } else {
+ str->buffer = NULL;
+ }
}
if (UNMARSHALLING(ps)) {
@@ -1129,9 +1139,13 @@ BOOL prs_unistr2(BOOL charmode, const char *name, prs_struct *ps, int depth, UNI
if (str->uni_str_len > str->uni_max_len) {
return False;
}
- str->buffer = PRS_ALLOC_MEM(ps,uint16,str->uni_max_len);
- if (str->buffer == NULL)
- return False;
+ if (str->uni_max_len) {
+ str->buffer = PRS_ALLOC_MEM(ps,uint16,str->uni_max_len);
+ if (str->buffer == NULL)
+ return False;
+ } else {
+ str->buffer = NULL;
+ }
}
p = (char *)str->buffer;
@@ -1156,9 +1170,13 @@ BOOL prs_unistr3(BOOL charmode, const char *name, UNISTR3 *str, prs_struct *ps,
return False;
if (UNMARSHALLING(ps)) {
- str->str.buffer = PRS_ALLOC_MEM(ps,uint16,str->uni_str_len);
- if (str->str.buffer == NULL)
- return False;
+ if (str->uni_str_len) {
+ str->str.buffer = PRS_ALLOC_MEM(ps,uint16,str->uni_str_len);
+ if (str->str.buffer == NULL)
+ return False;
+ } else {
+ str->str.buffer = NULL;
+ }
}
p = (char *)str->str.buffer;
diff --git a/source/rpc_parse/parse_samr.c b/source/rpc_parse/parse_samr.c
index f73983f8329..6f50d2cbd74 100644
--- a/source/rpc_parse/parse_samr.c
+++ b/source/rpc_parse/parse_samr.c
@@ -3328,7 +3328,7 @@ BOOL samr_io_r_enum_domains(const char *desc, SAMR_R_ENUM_DOMAINS * r_u,
if(!prs_uint32("num_entries3", ps, depth, &r_u->num_entries3))
return False;
- if (UNMARSHALLING(ps)) {
+ if (UNMARSHALLING(ps) && r_u->num_entries2) {
r_u->sam = PRS_ALLOC_MEM(ps,SAM_ENTRY,r_u->num_entries2);
r_u->uni_dom_name = PRS_ALLOC_MEM(ps,UNISTR2,r_u->num_entries2);
}
@@ -3467,7 +3467,7 @@ BOOL samr_io_r_enum_dom_groups(const char *desc, SAMR_R_ENUM_DOM_GROUPS * r_u,
if(!prs_uint32("num_entries3", ps, depth, &r_u->num_entries3))
return False;
- if (UNMARSHALLING(ps)) {
+ if (UNMARSHALLING(ps) && r_u->num_entries2) {
r_u->sam = PRS_ALLOC_MEM(ps,SAM_ENTRY,r_u->num_entries2);
r_u->uni_grp_name = PRS_ALLOC_MEM(ps,UNISTR2,r_u->num_entries2);
}
@@ -4997,12 +4997,13 @@ BOOL samr_io_r_lookup_names(const char *desc, SAMR_R_LOOKUP_NAMES * r_u,
return False;
}
- if (UNMARSHALLING(ps))
+ if (UNMARSHALLING(ps) && r_u->num_rids2) {
r_u->rids = PRS_ALLOC_MEM(ps, uint32, r_u->num_rids2);
- if (!r_u->rids) {
- DEBUG(0, ("NULL rids in samr_io_r_lookup_names\n"));
- return False;
+ if (!r_u->rids) {
+ DEBUG(0, ("NULL rids in samr_io_r_lookup_names\n"));
+ return False;
+ }
}
for (i = 0; i < r_u->num_rids2; i++) {
@@ -5026,12 +5027,13 @@ BOOL samr_io_r_lookup_names(const char *desc, SAMR_R_LOOKUP_NAMES * r_u,
return False;
}
- if (UNMARSHALLING(ps))
+ if (UNMARSHALLING(ps) && r_u->num_types2) {
r_u->types = PRS_ALLOC_MEM(ps, uint32, r_u->num_types2);
- if (!r_u->types) {
- DEBUG(0, ("NULL types in samr_io_r_lookup_names\n"));
- return False;
+ if (!r_u->types) {
+ DEBUG(0, ("NULL types in samr_io_r_lookup_names\n"));
+ return False;
+ }
}
for (i = 0; i < r_u->num_types2; i++) {
diff --git a/source/rpc_parse/parse_spoolss.c b/source/rpc_parse/parse_spoolss.c
index 060b53f44a9..00490fe798c 100644
--- a/source/rpc_parse/parse_spoolss.c
+++ b/source/rpc_parse/parse_spoolss.c
@@ -256,7 +256,7 @@ static BOOL smb_io_notify_option_type_ctr(const char *desc, SPOOL_NOTIFY_OPTION_
return False;
/* reading */
- if (UNMARSHALLING(ps))
+ if (UNMARSHALLING(ps) && ctr->count)
if((ctr->type=PRS_ALLOC_MEM(ps,SPOOL_NOTIFY_OPTION_TYPE,ctr->count)) == NULL)
return False;
@@ -415,7 +415,7 @@ BOOL smb_io_notify_info_data_strings(const char *desc,SPOOL_NOTIFY_INFO_DATA *da
if(!prs_uint32("string length", ps, depth, &data->notify_data.data.length))
return False;
- if (UNMARSHALLING(ps)) {
+ if (UNMARSHALLING(ps) && data->notify_data.data.length) {
data->notify_data.data.string = PRS_ALLOC_MEM(ps, uint16,
data->notify_data.data.length);
@@ -434,7 +434,7 @@ BOOL smb_io_notify_info_data_strings(const char *desc,SPOOL_NOTIFY_INFO_DATA *da
case NOTIFY_POINTER:
- if (UNMARSHALLING(ps)) {
+ if (UNMARSHALLING(ps) && data->notify_data.data.length) {
data->notify_data.data.string = PRS_ALLOC_MEM(ps, uint16,
data->notify_data.data.length);
@@ -494,9 +494,13 @@ BOOL smb_io_notify_info_data_strings(const char *desc,SPOOL_NOTIFY_INFO_DATA *da
/* Tallocate memory for string */
- data->notify_data.data.string = PRS_ALLOC_MEM(ps, uint16, x * 2);
- if (!data->notify_data.data.string)
- return False;
+ if (x) {
+ data->notify_data.data.string = PRS_ALLOC_MEM(ps, uint16, x * 2);
+ if (!data->notify_data.data.string)
+ return False;
+ } else {
+ data->notify_data.data.string = NULL;
+ }
if(!prs_uint16uni(True,"string",ps,depth,data->notify_data.data.string,x))
return False;
@@ -6005,14 +6009,14 @@ BOOL spoolss_io_q_setprinterdata(const char *desc, SPOOL_Q_SETPRINTERDATA *q_u,
case REG_BINARY:
case REG_DWORD:
case REG_MULTI_SZ:
- if (q_u->max_len) {
- if (UNMARSHALLING(ps))
- q_u->data=PRS_ALLOC_MEM(ps, uint8, q_u->max_len);
- if(q_u->data == NULL)
- return False;
- if(!prs_uint8s(False,"data", ps, depth, q_u->data, q_u->max_len))
- return False;
- }
+ if (q_u->max_len) {
+ if (UNMARSHALLING(ps))
+ q_u->data=PRS_ALLOC_MEM(ps, uint8, q_u->max_len);
+ if(q_u->data == NULL)
+ return False;
+ if(!prs_uint8s(False,"data", ps, depth, q_u->data, q_u->max_len))
+ return False;
+ }
if(!prs_align(ps))
return False;
break;
@@ -7035,7 +7039,7 @@ static BOOL spoolss_io_printer_enum_values_ctr(const char *desc, prs_struct *ps,
/* first loop to write basic enum_value information */
- if (UNMARSHALLING(ps)) {
+ if (UNMARSHALLING(ps) && ctr->size_of_array) {
ctr->values = PRS_ALLOC_MEM(ps, PRINTER_ENUM_VALUES, ctr->size_of_array);
if (!ctr->values)
return False;
diff --git a/source/rpc_parse/parse_srv.c b/source/rpc_parse/parse_srv.c
index f4e0e84d85a..b562b6d6f79 100644
--- a/source/rpc_parse/parse_srv.c
+++ b/source/rpc_parse/parse_srv.c
@@ -783,7 +783,7 @@ static BOOL srv_io_srv_share_ctr(const char *desc, SRV_SHARE_INFO_CTR *ctr, prs_
int num_entries = ctr->num_entries;
int i;
- if (UNMARSHALLING(ps)) {
+ if (UNMARSHALLING(ps) && num_entries) {
if (!(info0 = PRS_ALLOC_MEM(ps, SRV_SHARE_INFO_0, num_entries)))
return False;
ctr->share.info0 = info0;
@@ -809,7 +809,7 @@ static BOOL srv_io_srv_share_ctr(const char *desc, SRV_SHARE_INFO_CTR *ctr, prs_
int num_entries = ctr->num_entries;
int i;
- if (UNMARSHALLING(ps)) {
+ if (UNMARSHALLING(ps) && num_entries) {
if (!(info1 = PRS_ALLOC_MEM(ps, SRV_SHARE_INFO_1, num_entries)))
return False;
ctr->share.info1 = info1;
@@ -835,7 +835,7 @@ static BOOL srv_io_srv_share_ctr(const char *desc, SRV_SHARE_INFO_CTR *ctr, prs_
int num_entries = ctr->num_entries;
int i;
- if (UNMARSHALLING(ps)) {
+ if (UNMARSHALLING(ps) && num_entries) {
if (!(info2 = PRS_ALLOC_MEM(ps,SRV_SHARE_INFO_2,num_entries)))
return False;
ctr->share.info2 = info2;
@@ -860,7 +860,7 @@ static BOOL srv_io_srv_share_ctr(const char *desc, SRV_SHARE_INFO_CTR *ctr, prs_
int num_entries = ctr->num_entries;
int i;
- if (UNMARSHALLING(ps)) {
+ if (UNMARSHALLING(ps) && num_entries) {
if (!(info501 = PRS_ALLOC_MEM(ps, SRV_SHARE_INFO_501, num_entries)))
return False;
ctr->share.info501 = info501;
@@ -885,7 +885,7 @@ static BOOL srv_io_srv_share_ctr(const char *desc, SRV_SHARE_INFO_CTR *ctr, prs_
int num_entries = ctr->num_entries;
int i;
- if (UNMARSHALLING(ps)) {
+ if (UNMARSHALLING(ps) && num_entries) {
if (!(info502 = PRS_ALLOC_MEM(ps,SRV_SHARE_INFO_502,num_entries)))
return False;
ctr->share.info502 = info502;
@@ -911,7 +911,7 @@ static BOOL srv_io_srv_share_ctr(const char *desc, SRV_SHARE_INFO_CTR *ctr, prs_
int num_entries = ctr->num_entries;
int i;
- if (UNMARSHALLING(ps)) {
+ if (UNMARSHALLING(ps) && num_entries) {
if (!(info1004 = PRS_ALLOC_MEM(ps,SRV_SHARE_INFO_1004,num_entries)))
return False;
ctr->share.info1004 = info1004;
@@ -937,7 +937,7 @@ static BOOL srv_io_srv_share_ctr(const char *desc, SRV_SHARE_INFO_CTR *ctr, prs_
int num_entries = ctr->num_entries;
int i;
- if (UNMARSHALLING(ps)) {
+ if (UNMARSHALLING(ps) && num_entries) {
if (!(info1005 = PRS_ALLOC_MEM(ps,SRV_SHARE_INFO_1005,num_entries)))
return False;
ctr->share.info1005 = info1005;
@@ -957,7 +957,7 @@ static BOOL srv_io_srv_share_ctr(const char *desc, SRV_SHARE_INFO_CTR *ctr, prs_
int num_entries = ctr->num_entries;
int i;
- if (UNMARSHALLING(ps)) {
+ if (UNMARSHALLING(ps) && num_entries) {
if (!(info1006 = PRS_ALLOC_MEM(ps,SRV_SHARE_INFO_1006,num_entries)))
return False;
ctr->share.info1006 = info1006;
@@ -977,7 +977,7 @@ static BOOL srv_io_srv_share_ctr(const char *desc, SRV_SHARE_INFO_CTR *ctr, prs_
int num_entries = ctr->num_entries;
int i;
- if (UNMARSHALLING(ps)) {
+ if (UNMARSHALLING(ps) && num_entries) {
if (!(info1007 = PRS_ALLOC_MEM(ps,SRV_SHARE_INFO_1007,num_entries)))
return False;
ctr->share.info1007 = info1007;
@@ -1003,7 +1003,7 @@ static BOOL srv_io_srv_share_ctr(const char *desc, SRV_SHARE_INFO_CTR *ctr, prs_
int num_entries = ctr->num_entries;
int i;
- if (UNMARSHALLING(ps)) {
+ if (UNMARSHALLING(ps) && num_entries) {
if (!(info1501 = PRS_ALLOC_MEM(ps,SRV_SHARE_INFO_1501,num_entries)))
return False;
ctr->share.info1501 = info1501;
@@ -2466,7 +2466,7 @@ static BOOL srv_io_srv_file_ctr(const char *desc, SRV_FILE_INFO_CTR *ctr, prs_st
int num_entries = ctr->num_entries;
int i;
- if (UNMARSHALLING(ps)) {
+ if (UNMARSHALLING(ps) && num_entries) {
if (!(info3 = PRS_ALLOC_MEM(ps, FILE_INFO_3, num_entries)))
return False;
ctr->file.info3 = info3;
@@ -3246,7 +3246,7 @@ BOOL srv_io_r_net_disk_enum(const char *desc, SRV_R_NET_DISK_ENUM *r_n, prs_stru
r_n->disk_enum_ctr.entries_read = entries_read3;
- if(UNMARSHALLING(ps)) {
+ if(UNMARSHALLING(ps) && entries_read3) {
DISK_INFO *dinfo;
@@ -3255,7 +3255,7 @@ BOOL srv_io_r_net_disk_enum(const char *desc, SRV_R_NET_DISK_ENUM *r_n, prs_stru
r_n->disk_enum_ctr.disk_info = dinfo;
}
- for(i=0; i < r_n->disk_enum_ctr.entries_read; i++) {
+ for(i=0; i < entries_read3; i++) {
if(!prs_uint32("unknown", ps, depth, &r_n->disk_enum_ctr.disk_info[i].unknown))
return False;