summaryrefslogtreecommitdiffstats
path: root/source/rpc_parse
diff options
context:
space:
mode:
Diffstat (limited to 'source/rpc_parse')
-rw-r--r--source/rpc_parse/parse_buffer.c9
-rw-r--r--source/rpc_parse/parse_prs.c39
-rw-r--r--source/rpc_parse/parse_spoolss.c8
3 files changed, 25 insertions, 31 deletions
diff --git a/source/rpc_parse/parse_buffer.c b/source/rpc_parse/parse_buffer.c
index 36d8eda8474..b2208096541 100644
--- a/source/rpc_parse/parse_buffer.c
+++ b/source/rpc_parse/parse_buffer.c
@@ -371,19 +371,14 @@ BOOL smb_io_relarraystr(const char *desc, RPC_BUFFER *buffer, int depth, uint16
/* we're going to add two more bytes here in case this
is the last string in the array and we need to add
an extra NULL for termination */
- if (l_chaine > 0)
- {
- uint16 *tc2;
-
+ if (l_chaine > 0) {
realloc_size = (l_chaine2+l_chaine+2)*sizeof(uint16);
/* Yes this should be realloc - it's freed below. JRA */
- if((tc2=(uint16 *)SMB_REALLOC(chaine2, realloc_size)) == NULL) {
- SAFE_FREE(chaine2);
+ if((chaine2=(uint16 *)SMB_REALLOC(chaine2, realloc_size)) == NULL) {
return False;
}
- else chaine2 = tc2;
memcpy(chaine2+l_chaine2, chaine.buffer, (l_chaine+1)*sizeof(uint16));
l_chaine2+=l_chaine+1;
}
diff --git a/source/rpc_parse/parse_prs.c b/source/rpc_parse/parse_prs.c
index c4f9f512ab7..4683f1dbd07 100644
--- a/source/rpc_parse/parse_prs.c
+++ b/source/rpc_parse/parse_prs.c
@@ -207,16 +207,21 @@ BOOL prs_set_buffer_size(prs_struct *ps, uint32 newsize)
return prs_force_grow(ps, newsize - ps->buffer_size);
if (newsize < ps->buffer_size) {
- char *new_data_p = SMB_REALLOC(ps->data_p, newsize);
- /* if newsize is zero, Realloc acts like free() & returns NULL*/
- if (new_data_p == NULL && newsize != 0) {
- DEBUG(0,("prs_set_buffer_size: Realloc failure for size %u.\n",
- (unsigned int)newsize));
- DEBUG(0,("prs_set_buffer_size: Reason %s\n",strerror(errno)));
- return False;
- }
- ps->data_p = new_data_p;
ps->buffer_size = newsize;
+
+ /* newsize == 0 acts as a free and set pointer to NULL */
+ if (newsize == 0) {
+ SAFE_FREE(ps->data_p);
+ } else {
+ ps->data_p = SMB_REALLOC(ps->data_p, newsize);
+
+ if (ps->data_p == NULL) {
+ DEBUG(0,("prs_set_buffer_size: Realloc failure for size %u.\n",
+ (unsigned int)newsize));
+ DEBUG(0,("prs_set_buffer_size: Reason %s\n",strerror(errno)));
+ return False;
+ }
+ }
}
return True;
@@ -230,7 +235,6 @@ BOOL prs_set_buffer_size(prs_struct *ps, uint32 newsize)
BOOL prs_grow(prs_struct *ps, uint32 extra_space)
{
uint32 new_size;
- char *new_data;
ps->grow_size = MAX(ps->grow_size, ps->data_offset + extra_space);
@@ -261,11 +265,11 @@ BOOL prs_grow(prs_struct *ps, uint32 extra_space)
new_size = MAX(RPC_MAX_PDU_FRAG_LEN,extra_space);
- if((new_data = SMB_MALLOC(new_size)) == NULL) {
+ if((ps->data_p = SMB_MALLOC(new_size)) == NULL) {
DEBUG(0,("prs_grow: Malloc failure for size %u.\n", (unsigned int)new_size));
return False;
}
- memset(new_data, '\0', (size_t)new_size );
+ memset(ps->data_p, '\0', (size_t)new_size );
} else {
/*
* If the current buffer size is bigger than the space needed, just
@@ -273,16 +277,15 @@ BOOL prs_grow(prs_struct *ps, uint32 extra_space)
*/
new_size = MAX(ps->buffer_size*2, ps->buffer_size + extra_space);
- if ((new_data = SMB_REALLOC(ps->data_p, new_size)) == NULL) {
+ if ((ps->data_p = SMB_REALLOC(ps->data_p, new_size)) == NULL) {
DEBUG(0,("prs_grow: Realloc failure for size %u.\n",
(unsigned int)new_size));
return False;
}
- memset(&new_data[ps->buffer_size], '\0', (size_t)(new_size - ps->buffer_size));
+ memset(&ps->data_p[ps->buffer_size], '\0', (size_t)(new_size - ps->buffer_size));
}
ps->buffer_size = new_size;
- ps->data_p = new_data;
return True;
}
@@ -296,7 +299,6 @@ BOOL prs_grow(prs_struct *ps, uint32 extra_space)
BOOL prs_force_grow(prs_struct *ps, uint32 extra_space)
{
uint32 new_size = ps->buffer_size + extra_space;
- char *new_data;
if(!UNMARSHALLING(ps) || !ps->is_dynamic) {
DEBUG(0,("prs_force_grow: Buffer overflow - unable to expand buffer by %u bytes.\n",
@@ -304,16 +306,15 @@ BOOL prs_force_grow(prs_struct *ps, uint32 extra_space)
return False;
}
- if((new_data = SMB_REALLOC(ps->data_p, new_size)) == NULL) {
+ if((ps->data_p = SMB_REALLOC(ps->data_p, new_size)) == NULL) {
DEBUG(0,("prs_force_grow: Realloc failure for size %u.\n",
(unsigned int)new_size));
return False;
}
- memset(&new_data[ps->buffer_size], '\0', (size_t)(new_size - ps->buffer_size));
+ memset(&ps->data_p[ps->buffer_size], '\0', (size_t)(new_size - ps->buffer_size));
ps->buffer_size = new_size;
- ps->data_p = new_data;
return True;
}
diff --git a/source/rpc_parse/parse_spoolss.c b/source/rpc_parse/parse_spoolss.c
index 5a17860814d..5a308bc77d3 100644
--- a/source/rpc_parse/parse_spoolss.c
+++ b/source/rpc_parse/parse_spoolss.c
@@ -4968,7 +4968,7 @@ BOOL spool_io_printer_driver_info_level_6(const char *desc, SPOOL_PRINTER_DRIVER
********************************************************************/
static BOOL uniarray_2_dosarray(BUFFER5 *buf5, fstring **ar)
{
- fstring f, *tar;
+ fstring f;
int n = 0;
char *src;
@@ -4981,11 +4981,9 @@ static BOOL uniarray_2_dosarray(BUFFER5 *buf5, fstring **ar)
while (src < ((char *)buf5->buffer) + buf5->buf_len*2) {
rpcstr_pull(f, src, sizeof(f)-1, -1, STR_TERMINATE);
src = skip_unibuf(src, 2*buf5->buf_len - PTR_DIFF(src,buf5->buffer));
- tar = SMB_REALLOC_ARRAY(*ar, fstring, n+2);
- if (!tar)
+ *ar = SMB_REALLOC_ARRAY(*ar, fstring, n+2);
+ if (!*ar)
return False;
- else
- *ar = tar;
fstrcpy((*ar)[n], f);
n++;
}
generated by cgit (git 2.34.1) at 2025-02-07 12:42:59 +0000