The branch, v3-2-test has been updated via b59b436997fba47afd02ffb6f1194dfaef229d44 (commit) via 3fc85d22590550f0539215d020e4411bf5b14363 (commit) from 097af0309d7c3e9342058ba5266667293b23c80d (commit)
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-2-test - Log ----------------------------------------------------------------- commit b59b436997fba47afd02ffb6f1194dfaef229d44 Author: Volker Lendecke <[EMAIL PROTECTED]> Date: Mon Mar 17 21:00:16 2008 +0100 Some simplifications commit 3fc85d22590550f0539215d020e4411bf5b14363 Author: Marc VanHeyningen <[EMAIL PROTECTED]> Date: Fri Mar 14 14:26:28 2008 -0800 Coverity fixes ----------------------------------------------------------------------- Summary of changes: source/client/client.c | 5 ++++- source/include/rpc_client.h | 12 ++++-------- source/lib/sock_exec.c | 2 +- source/libads/kerberos.c | 6 ++++-- source/libads/krb5_setpw.c | 17 ++++++++++++++--- source/libads/ldap.c | 5 ++++- source/nsswitch/wins.c | 10 ++++++++-- source/passdb/pdb_ldap.c | 14 ++++++++++---- source/passdb/pdb_smbpasswd.c | 6 ++++-- source/printing/nt_printing.c | 31 +++++++++++++++++++------------ source/registry/reg_backend_printing.c | 3 ++- source/registry/regfio.c | 5 ++++- source/rpc_client/cli_pipe.c | 23 +++++++++++++---------- source/rpc_client/ndr.c | 5 +---- source/rpc_parse/parse_buffer.c | 6 ++++-- source/rpc_parse/parse_misc.c | 27 ++++++++++++++++++--------- source/rpc_parse/parse_prs.c | 2 +- source/rpc_server/srv_pipe.c | 16 ++++++++-------- source/rpc_server/srv_pipe_hnd.c | 6 +++--- source/rpc_server/srv_spoolss_nt.c | 6 +++++- source/rpc_server/srv_winreg_nt.c | 6 ++++-- source/services/services_db.c | 7 ++++++- source/smbd/notify.c | 2 +- source/smbd/uid.c | 8 +++++++- source/utils/net_rpc.c | 7 +++++-- source/utils/rpccheck.c | 3 ++- source/utils/smbget.c | 7 ++++++- 27 files changed, 162 insertions(+), 85 deletions(-) Changeset truncated at 500 lines: diff --git a/source/client/client.c b/source/client/client.c index a285bcc..0b4438d 100644 --- a/source/client/client.c +++ b/source/client/client.c @@ -4899,7 +4899,10 @@ static int do_message_op(void) } smb_encrypt = get_cmdline_auth_info_smb_encrypt(); - init_names(); + if (!init_names()) { + fprintf(stderr, "init_names() failed\n"); + exit(1); + } if(new_name_resolve_order) lp_set_name_resolve_order(new_name_resolve_order); diff --git a/source/include/rpc_client.h b/source/include/rpc_client.h index e1ebb25..c552271 100644 --- a/source/include/rpc_client.h +++ b/source/include/rpc_client.h @@ -36,6 +36,8 @@ #include "librpc/gen_ndr/cli_dssetup.h" #include "librpc/gen_ndr/cli_ntsvcs.h" +#define prs_init_empty( _ps_, _ctx_, _io_ ) (void) prs_init((_ps_), 0, (_ctx_), (_io_)) + /* macro to expand cookie-cutter code in cli_xxx() using rpc_api_pipe_req() */ #define CLI_DO_RPC_INTERNAL( pcli, ctx, p_idx, opnum, q_in, r_out, \ @@ -45,10 +47,7 @@ if (!prs_init( &q_ps, RPC_MAX_PDU_FRAG_LEN, ctx, MARSHALL )) { \ return NT_STATUS_NO_MEMORY;\ }\ - if (!prs_init( &r_ps, 0, ctx, UNMARSHALL )) {\ - prs_mem_free( &q_ps );\ - return NT_STATUS_NO_MEMORY;\ - }\ + prs_init_empty( &r_ps, ctx, UNMARSHALL );\ if ( copy_sess_key) prs_set_session_key(&q_ps, (const char *)pcli->dc->sess_key);\ if ( q_io_fn("", &q_in, &q_ps, 0) ) {\ NTSTATUS _smb_pipe_stat_ = rpc_api_pipe_req(pcli, opnum, &q_ps, &r_ps); \ @@ -96,10 +95,7 @@ if (!prs_init( &q_ps, RPC_MAX_PDU_FRAG_LEN, ctx, MARSHALL )) { \ return WERR_NOMEM;\ }\ - if (!prs_init( &r_ps, 0, ctx, UNMARSHALL )) {\ - prs_mem_free( &q_ps );\ - return WERR_NOMEM;\ - }\ + prs_init_empty( &r_ps, ctx, UNMARSHALL );\ if ( q_io_fn("", &q_in, &q_ps, 0) ) {\ NTSTATUS _smb_pipe_stat_ = rpc_api_pipe_req(pcli, opnum, &q_ps, &r_ps); \ if (!NT_STATUS_IS_OK(_smb_pipe_stat_)) {\ diff --git a/source/lib/sock_exec.c b/source/lib/sock_exec.c index 278a174..2333d7c 100644 --- a/source/lib/sock_exec.c +++ b/source/lib/sock_exec.c @@ -48,7 +48,7 @@ static int socketpair_tcp(int fd[2]) #endif sock2.sin_family = PF_INET; - bind(listener, (struct sockaddr *)&sock2, sizeof(sock2)); + if (bind(listener, (struct sockaddr *)&sock2, sizeof(sock2)) != 0) goto failed; if (listen(listener, 1) != 0) goto failed; diff --git a/source/libads/kerberos.c b/source/libads/kerberos.c index ee25fb5..66f203b 100644 --- a/source/libads/kerberos.c +++ b/source/libads/kerberos.c @@ -606,9 +606,11 @@ bool kerberos_secrets_store_salting_principal(const char *service, krb5_principal princ = NULL; char *princ_s = NULL; char *unparsed_name = NULL; + krb5_error_code code; - krb5_init_context(&context); - if (!context) { + if (((code = krb5_init_context(&context)) != 0) || (context == NULL)) { + DEBUG(5, ("kerberos_secrets_store_salting_pricipal: kdb5_init_context failed: %s\n", + error_message(code))); return False; } if (strchr_m(service, '@')) { diff --git a/source/libads/krb5_setpw.c b/source/libads/krb5_setpw.c index 852251a..719f3bd 100644 --- a/source/libads/krb5_setpw.c +++ b/source/libads/krb5_setpw.c @@ -438,10 +438,21 @@ static ADS_STATUS do_krb5_kpasswd_request(krb5_context context, return ADS_ERROR_SYSTEM(rc); } addr_len = sizeof(remote_addr); - getpeername(sock, (struct sockaddr *)&remote_addr, &addr_len); + if (getpeername(sock, (struct sockaddr *)&remote_addr, &addr_len) != 0) { + close(sock); + SAFE_FREE(ap_req.data); + krb5_auth_con_free(context, auth_context); + DEBUG(1,("getpeername() failed (%s)\n", error_message(errno))); + return ADS_ERROR_SYSTEM(errno); + } addr_len = sizeof(local_addr); - getsockname(sock, (struct sockaddr *)&local_addr, &addr_len); - + if (getsockname(sock, (struct sockaddr *)&local_addr, &addr_len) != 0) { + close(sock); + SAFE_FREE(ap_req.data); + krb5_auth_con_free(context, auth_context); + DEBUG(1,("getsockname() failed (%s)\n", error_message(errno))); + return ADS_ERROR_SYSTEM(errno); + } if (!setup_kaddr(&remote_kaddr, &remote_addr) || !setup_kaddr(&local_kaddr, &local_addr)) { DEBUG(1,("do_krb5_kpasswd_request: " diff --git a/source/libads/ldap.c b/source/libads/ldap.c index d6b9ba6..9ec06e5 100644 --- a/source/libads/ldap.c +++ b/source/libads/ldap.c @@ -588,7 +588,10 @@ static char **ads_push_strvals(TALLOC_CTX *ctx, const char **in_vals) if (!values) return NULL; for (i=0; in_vals[i]; i++) { - push_utf8_talloc(ctx, &values[i], in_vals[i]); + if (push_utf8_talloc(ctx, &values[i], in_vals[i]) == (size_t) -1) { + TALLOC_FREE(values); + return NULL; + } } return values; } diff --git a/source/nsswitch/wins.c b/source/nsswitch/wins.c index e74cfaf..36415c4 100644 --- a/source/nsswitch/wins.c +++ b/source/nsswitch/wins.c @@ -58,9 +58,15 @@ static int wins_lookup_open_socket_in(void) if (res == -1) return -1; - setsockopt(res,SOL_SOCKET,SO_REUSEADDR,(char *)&val,sizeof(val)); + if (setsockopt(res,SOL_SOCKET,SO_REUSEADDR,(char *)&val,sizeof(val)) != 0) { + close(res); + return -1; + } #ifdef SO_REUSEPORT - setsockopt(res,SOL_SOCKET,SO_REUSEPORT,(char *)&val,sizeof(val)); + if (setsockopt(res,SOL_SOCKET,SO_REUSEPORT,(char *)&val,sizeof(val)) != 0) { + close(res); + return -1; + } #endif /* SO_REUSEPORT */ /* now we've got a socket - we need to bind it */ diff --git a/source/passdb/pdb_ldap.c b/source/passdb/pdb_ldap.c index d941abb..cf5b72b 100644 --- a/source/passdb/pdb_ldap.c +++ b/source/passdb/pdb_ldap.c @@ -1726,10 +1726,16 @@ static NTSTATUS ldapsam_modify_entry(struct pdb_methods *my_methods, return NT_STATUS_UNSUCCESSFUL; } - ber_printf (ber, "{"); - ber_printf (ber, "ts", LDAP_TAG_EXOP_MODIFY_PASSWD_ID, utf8_dn); - ber_printf (ber, "ts", LDAP_TAG_EXOP_MODIFY_PASSWD_NEW, utf8_password); - ber_printf (ber, "n}"); + if ((ber_printf (ber, "{") < 0) || + (ber_printf (ber, "ts", LDAP_TAG_EXOP_MODIFY_PASSWD_ID, utf8_dn) < 0) || + (ber_printf (ber, "ts", LDAP_TAG_EXOP_MODIFY_PASSWD_NEW, utf8_password) < 0) || + (ber_printf (ber, "n}") < 0)) { + DEBUG(0,("ldapsam_modify_entry: ber_printf returns a value <0\n")); + ber_free(ber,1); + SAFE_FREE(utf8_dn); + SAFE_FREE(utf8_password); + return NT_STATUS_UNSUCCESSFUL; + } if ((rc = ber_flatten (ber, &bv))<0) { DEBUG(0,("ldapsam_modify_entry: ber_flatten returns a value <0\n")); diff --git a/source/passdb/pdb_smbpasswd.c b/source/passdb/pdb_smbpasswd.c index 70944a9..f72638b 100644 --- a/source/passdb/pdb_smbpasswd.c +++ b/source/passdb/pdb_smbpasswd.c @@ -1251,8 +1251,10 @@ static bool build_sam_account(struct smbpasswd_privates *smbpasswd_state, /* set remaining fields */ - pdb_set_nt_passwd (sam_pass, pw_buf->smb_nt_passwd, PDB_SET); - pdb_set_lanman_passwd (sam_pass, pw_buf->smb_passwd, PDB_SET); + if (!pdb_set_nt_passwd (sam_pass, pw_buf->smb_nt_passwd, PDB_SET)) + return False; + if (!pdb_set_lanman_passwd (sam_pass, pw_buf->smb_passwd, PDB_SET)) + return False; pdb_set_acct_ctrl (sam_pass, pw_buf->acct_ctrl, PDB_SET); pdb_set_pass_last_set_time (sam_pass, pw_buf->pass_last_set_time, PDB_SET); pdb_set_pass_can_change_time (sam_pass, pw_buf->pass_last_set_time, PDB_SET); diff --git a/source/printing/nt_printing.c b/source/printing/nt_printing.c index d5803b7..68b0359 100644 --- a/source/printing/nt_printing.c +++ b/source/printing/nt_printing.c @@ -344,7 +344,6 @@ static int sec_desc_upg_fn( TDB_CONTEXT *the_tdb, TDB_DATA key, int result, i; uint32 sd_size; size_t size_new_sec; - DOM_SID sid; if (!data.dptr || data.dsize == 0) { return 0; @@ -358,7 +357,7 @@ static int sec_desc_upg_fn( TDB_CONTEXT *the_tdb, TDB_DATA key, ZERO_STRUCT( ps ); - prs_init( &ps, 0, ctx, UNMARSHALL ); + prs_init_empty( &ps, ctx, UNMARSHALL ); prs_give_memory( &ps, (char *)data.dptr, data.dsize, False ); if ( !sec_io_desc_buf( "sec_desc_upg_fn", &sd_orig, &ps, 1 ) ) { @@ -405,10 +404,10 @@ static int sec_desc_upg_fn( TDB_CONTEXT *the_tdb, TDB_DATA key, /* create a new SEC_DESC with the appropriate owner and group SIDs */ - string_to_sid(&sid, "S-1-5-32-544" ); new_sec = make_sec_desc( ctx, SEC_DESC_REVISION, SEC_DESC_SELF_RELATIVE, - &sid, &sid, - NULL, NULL, &size_new_sec ); + &global_sid_Builtin_Administrators, + &global_sid_Builtin_Administrators, + NULL, NULL, &size_new_sec ); if (!new_sec) { prs_mem_free( &ps ); return 0; @@ -431,7 +430,10 @@ static int sec_desc_upg_fn( TDB_CONTEXT *the_tdb, TDB_DATA key, sd_size = ndr_size_security_descriptor(sd_store->sd, 0) + sizeof(SEC_DESC_BUF); - prs_init(&ps, sd_size, ctx, MARSHALL); + if ( !prs_init(&ps, sd_size, ctx, MARSHALL) ) { + DEBUG(0,("sec_desc_upg_fn: Failed to allocate prs memory for %s\n", key.dptr )); + return 0; + } if ( !sec_io_desc_buf( "sec_desc_upg_fn", &sd_store, &ps, 1 ) ) { DEBUG(0,("sec_desc_upg_fn: Failed to parse new sec_desc for %s\n", key.dptr )); @@ -4551,7 +4553,7 @@ static bool convert_driver_init( TALLOC_CTX *ctx, NT_DEVICEMODE *nt_devmode, uin ZERO_STRUCT(devmode); - prs_init(&ps, 0, ctx, UNMARSHALL); + prs_init_empty(&ps, ctx, UNMARSHALL); ps.data_p = (char *)data; ps.buffer_size = data_len; @@ -5396,9 +5398,13 @@ WERROR nt_printing_setsec(const char *sharename, SEC_DESC_BUF *secdesc_ctr) /* Store the security descriptor in a tdb */ - prs_init(&ps, - (uint32)ndr_size_security_descriptor(new_secdesc_ctr->sd, 0) - + sizeof(SEC_DESC_BUF), mem_ctx, MARSHALL); + if (!prs_init(&ps, + (uint32)ndr_size_security_descriptor(new_secdesc_ctr->sd, 0) + + sizeof(SEC_DESC_BUF), mem_ctx, MARSHALL) ) { + status = WERR_NOMEM; + goto out; + } + prs_init_done = true; @@ -5546,8 +5552,9 @@ bool nt_printing_getsec(TALLOC_CTX *ctx, const char *sharename, SEC_DESC_BUF **s /* Save default security descriptor for later */ - prs_init(&ps, (uint32)ndr_size_security_descriptor((*secdesc_ctr)->sd, 0) + - sizeof(SEC_DESC_BUF), ctx, MARSHALL); + if (!prs_init(&ps, (uint32)ndr_size_security_descriptor((*secdesc_ctr)->sd, 0) + + sizeof(SEC_DESC_BUF), ctx, MARSHALL)) + return False; if (sec_io_desc_buf("nt_printing_getsec", secdesc_ctr, &ps, 1)) { tdb_prs_store(tdb_printers, kbuf, &ps); diff --git a/source/registry/reg_backend_printing.c b/source/registry/reg_backend_printing.c index a4da103..582989d 100644 --- a/source/registry/reg_backend_printing.c +++ b/source/registry/reg_backend_printing.c @@ -443,7 +443,8 @@ static void fill_in_printer_values( NT_PRINTER_INFO_LEVEL_2 *info2, REGVAL_CTR * /* use a prs_struct for converting the devmode and security descriptor to REG_BINARY */ - prs_init( &prs, RPC_MAX_PDU_FRAG_LEN, values, MARSHALL); + if (!prs_init( &prs, RPC_MAX_PDU_FRAG_LEN, values, MARSHALL)) + return; /* stream the device mode */ diff --git a/source/registry/regfio.c b/source/registry/regfio.c index 1c3aad7..9eb2c58 100644 --- a/source/registry/regfio.c +++ b/source/registry/regfio.c @@ -123,7 +123,10 @@ static int read_block( REGF_FILE *file, prs_struct *ps, uint32 file_offset, uint return -1; } - prs_init( ps, block_size, file->mem_ctx, UNMARSHALL ); + if (!prs_init( ps, block_size, file->mem_ctx, UNMARSHALL )) { + DEBUG(0,("read_block: prs_init() failed! (%s)\n", strerror(errno) )); + return -1; + } buffer = prs_data_p( ps ); bytes_read = returned = 0; diff --git a/source/rpc_client/cli_pipe.c b/source/rpc_client/cli_pipe.c index c89c553..1fd06f8 100644 --- a/source/rpc_client/cli_pipe.c +++ b/source/rpc_client/cli_pipe.c @@ -683,7 +683,7 @@ static NTSTATUS cli_pipe_reset_current_pdu(struct rpc_pipe_client *cli, RPC_HDR /* Common case. */ if (current_pdu_len == (uint32)prhdr->frag_len) { prs_mem_free(current_pdu); - prs_init(current_pdu, 0, prs_get_mem_context(current_pdu), UNMARSHALL); + prs_init_empty(current_pdu, prs_get_mem_context(current_pdu), UNMARSHALL); /* Make current_pdu dynamic with no memory. */ prs_give_memory(current_pdu, 0, 0, True); return NT_STATUS_OK; @@ -757,7 +757,7 @@ static NTSTATUS rpc_api_pipe(struct rpc_pipe_client *cli, #endif /* Set up the current pdu parse struct. */ - prs_init(¤t_pdu, 0, prs_get_mem_context(rbuf), UNMARSHALL); + prs_init_empty(¤t_pdu, prs_get_mem_context(rbuf), UNMARSHALL); /* Create setup parameters - must be in native byte order. */ setup[0] = TRANSACT_DCERPCCMD; @@ -1183,7 +1183,8 @@ static NTSTATUS create_rpc_bind_req(struct rpc_pipe_client *cli, NTSTATUS ret = NT_STATUS_OK; ZERO_STRUCT(hdr_auth); - prs_init(&auth_info, RPC_HDR_AUTH_LEN, prs_get_mem_context(rpc_out), MARSHALL); + if (!prs_init(&auth_info, RPC_HDR_AUTH_LEN, prs_get_mem_context(rpc_out), MARSHALL)) + return NT_STATUS_NO_MEMORY; switch (auth_type) { case PIPE_AUTH_TYPE_SCHANNEL: @@ -1468,7 +1469,8 @@ NTSTATUS rpc_api_pipe_req(struct rpc_pipe_client *cli, return NT_STATUS_INVALID_PARAMETER; } - prs_init(&outgoing_pdu, cli->max_xmit_frag, prs_get_mem_context(in_data), MARSHALL); + if (!prs_init(&outgoing_pdu, cli->max_xmit_frag, prs_get_mem_context(in_data), MARSHALL)) + return NT_STATUS_NO_MEMORY; while (1) { RPC_HDR hdr; @@ -1811,7 +1813,7 @@ static NTSTATUS rpc_finish_auth3_bind(struct rpc_pipe_client *cli, return nt_status; } - prs_init(&rpc_out, 0, prs_get_mem_context(rbuf), MARSHALL); + prs_init_empty(&rpc_out, prs_get_mem_context(rbuf), MARSHALL); nt_status = create_rpc_bind_auth3(cli, rpc_call_id, auth_type, auth_level, @@ -1865,7 +1867,8 @@ static NTSTATUS create_rpc_alter_context(uint32 rpc_call_id, NTSTATUS ret = NT_STATUS_OK; ZERO_STRUCT(hdr_auth); - prs_init(&auth_info, RPC_HDR_AUTH_LEN, prs_get_mem_context(rpc_out), MARSHALL); + if (!prs_init(&auth_info, RPC_HDR_AUTH_LEN, prs_get_mem_context(rpc_out), MARSHALL)) + return NT_STATUS_NO_MEMORY; /* We may change the pad length before marshalling. */ init_rpc_hdr_auth(&hdr_auth, RPC_SPNEGO_AUTH_TYPE, (int)auth_level, 0, 1); @@ -1958,7 +1961,7 @@ static NTSTATUS rpc_finish_spnego_ntlmssp_bind(struct rpc_pipe_client *cli, tmp_blob = data_blob_null; /* Ensure it's safe to free this just in case. */ /* Now prepare the alter context pdu. */ - prs_init(&rpc_out, 0, prs_get_mem_context(rbuf), MARSHALL); + prs_init_empty(&rpc_out, prs_get_mem_context(rbuf), MARSHALL); nt_status = create_rpc_alter_context(rpc_call_id, abstract, @@ -1976,7 +1979,7 @@ static NTSTATUS rpc_finish_spnego_ntlmssp_bind(struct rpc_pipe_client *cli, /* Initialize the returning data struct. */ prs_mem_free(rbuf); - prs_init(rbuf, 0, cli->mem_ctx, UNMARSHALL); + prs_init_empty(rbuf, cli->mem_ctx, UNMARSHALL); nt_status = rpc_api_pipe(cli, &rpc_out, rbuf, RPC_ALTCONTRESP); if (!NT_STATUS_IS_OK(nt_status)) { @@ -2049,7 +2052,7 @@ static NTSTATUS rpc_pipe_bind(struct rpc_pipe_client *cli, return NT_STATUS_INVALID_PARAMETER; } - prs_init(&rpc_out, 0, cli->mem_ctx, MARSHALL); + prs_init_empty(&rpc_out, cli->mem_ctx, MARSHALL); rpc_call_id = get_rpc_call_id(); @@ -2065,7 +2068,7 @@ static NTSTATUS rpc_pipe_bind(struct rpc_pipe_client *cli, } /* Initialize the incoming data struct. */ - prs_init(&rbuf, 0, cli->mem_ctx, UNMARSHALL); + prs_init_empty(&rbuf, cli->mem_ctx, UNMARSHALL); /* send data on \PIPE\. receive a response */ status = rpc_api_pipe(cli, &rpc_out, &rbuf, RPC_BINDACK); diff --git a/source/rpc_client/ndr.c b/source/rpc_client/ndr.c index a64ead8..ae705b3 100644 --- a/source/rpc_client/ndr.c +++ b/source/rpc_client/ndr.c @@ -58,10 +58,7 @@ NTSTATUS cli_do_rpc_ndr(struct rpc_pipe_client *cli, talloc_free(push); - if (!prs_init( &r_ps, 0, mem_ctx, UNMARSHALL )) { - prs_mem_free( &q_ps ); - return NT_STATUS_NO_MEMORY; - } + prs_init_empty( &r_ps, mem_ctx, UNMARSHALL ); status = rpc_api_pipe_req(cli, opnum, &q_ps, &r_ps); diff --git a/source/rpc_parse/parse_buffer.c b/source/rpc_parse/parse_buffer.c index e98822d..9a68e54 100644 --- a/source/rpc_parse/parse_buffer.c +++ b/source/rpc_parse/parse_buffer.c @@ -34,8 +34,10 @@ void rpcbuf_init(RPC_BUFFER *buffer, uint32 size, TALLOC_CTX *ctx) { buffer->size = size; buffer->string_at_end = size; - prs_init(&buffer->prs, size, ctx, MARSHALL); - buffer->struct_start = prs_offset(&buffer->prs); + if (prs_init(&buffer->prs, size, ctx, MARSHALL)) + buffer->struct_start = prs_offset(&buffer->prs); + else + buffer->struct_start = NULL; } /******************************************************************* diff --git a/source/rpc_parse/parse_misc.c b/source/rpc_parse/parse_misc.c index 418f857..3850c44 100644 --- a/source/rpc_parse/parse_misc.c +++ b/source/rpc_parse/parse_misc.c @@ -285,7 +285,8 @@ bool smb_io_strhdr(const char *desc, STRHDR *hdr, prs_struct *ps, int depth) prs_debug(ps, depth, desc, "smb_io_strhdr"); depth++; - prs_align(ps); + if(!prs_align(ps)) + return False; if(!prs_uint16("str_str_len", ps, depth, &hdr->str_str_len)) return False; @@ -1761,10 +1762,14 @@ bool smb_io_bufhdr2(const char *desc, BUFHDR2 *hdr, prs_struct *ps, int depth) prs_debug(ps, depth, desc, "smb_io_bufhdr2"); depth++; - prs_align(ps); - prs_uint32("info_level", ps, depth, &(hdr->info_level)); - prs_uint32("length ", ps, depth, &(hdr->length )); - prs_uint32("buffer ", ps, depth, &(hdr->buffer )); + if (!prs_align(ps)) + return False; + if (!prs_uint32("info_level", ps, depth, &(hdr->info_level))) + return False; + if (!prs_uint32("length ", ps, depth, &(hdr->length ))) + return False; + if (!prs_uint32("buffer ", ps, depth, &(hdr->buffer ))) + return False; return True; } @@ -1777,9 +1782,12 @@ bool smb_io_bufhdr4(const char *desc, BUFHDR4 *hdr, prs_struct *ps, int depth) prs_debug(ps, depth, desc, "smb_io_bufhdr4"); depth++; - prs_align(ps); - prs_uint32("size", ps, depth, &hdr->size); - prs_uint32("buffer", ps, depth, &hdr->buffer); + if (!prs_align(ps)) + return False; + if (!prs_uint32("size", ps, depth, &hdr->size)) + return False; + if (!prs_uint32("buffer", ps, depth, &hdr->buffer)) + return False; return True; } @@ -1793,7 +1801,8 @@ bool smb_io_rpc_blob(const char *desc, RPC_DATA_BLOB *blob, prs_struct *ps, int prs_debug(ps, depth, desc, "smb_io_rpc_blob"); depth++; - prs_align(ps); + if (!prs_align(ps)) + return False; if ( !prs_uint32("buf_len", ps, depth, &blob->buf_len) ) return False; diff --git a/source/rpc_parse/parse_prs.c b/source/rpc_parse/parse_prs.c index 638d71a..072132f 100644 --- a/source/rpc_parse/parse_prs.c -- Samba Shared Repository