[SCM] Samba Shared Repository - branch master updated - release-4-0-0alpha8-14-g8d1b819

Fri, 19 Jun 2009 07:29:39 -0700 

The branch, master has been updated
       via  8d1b81926d95f149936f3eb0a50355707d6c8bfa (commit)
      from  4ad43a21344b43f1c9fe459165098bcab1695711 (commit)

http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master


- Log -----------------------------------------------------------------
commit 8d1b81926d95f149936f3eb0a50355707d6c8bfa
Author: Volker Lendecke <v...@samba.org>
Date:   Fri Jun 19 16:00:23 2009 +0200

    Fix Coverity IDs 922 and 933
    
    In copy_internals(), if the !CAN_WRITE(conn) kicks in, we end up
    dereferencing a NULL smb_filename.
    
    This adds a simple protection around it.
    
    Tim, please check!
    
    Volker

-----------------------------------------------------------------------

Summary of changes:
 source3/include/proto.h |    2 +-
 source3/smbd/filename.c |    7 +++++--
 2 files changed, 6 insertions(+), 3 deletions(-)


Changeset truncated at 500 lines:

diff --git a/source3/include/proto.h b/source3/include/proto.h
index 74406fd..ffd2858 100644
--- a/source3/include/proto.h
+++ b/source3/include/proto.h
@@ -6372,7 +6372,7 @@ NTSTATUS create_synthetic_smb_fname_split(TALLOC_CTX *ctx,
                                          const char *fname,
                                          SMB_STRUCT_STAT *psbuf,
                                          struct smb_filename **smb_fname_out);
-char *smb_fname_str_dbg(const struct smb_filename *smb_fname);
+const char *smb_fname_str_dbg(const struct smb_filename *smb_fname);
 NTSTATUS copy_smb_filename(TALLOC_CTX *ctx,
                           const struct smb_filename *smb_fname_in,
                           struct smb_filename **smb_fname_out);
diff --git a/source3/smbd/filename.c b/source3/smbd/filename.c
index e1e5454..9854407 100644
--- a/source3/smbd/filename.c
+++ b/source3/smbd/filename.c
@@ -164,14 +164,17 @@ NTSTATUS create_synthetic_smb_fname_split(TALLOC_CTX *ctx,
 /**
  * Return a string using the debug_ctx()
  */
-char *smb_fname_str_dbg(const struct smb_filename *smb_fname)
+const char *smb_fname_str_dbg(const struct smb_filename *smb_fname)
 {
        char *fname = NULL;
        NTSTATUS status;
 
+       if (smb_fname == NULL) {
+               return "";
+       }
        status = get_full_smb_filename(debug_ctx(), smb_fname, &fname);
        if (!NT_STATUS_IS_OK(status)) {
-               fname = talloc_strdup(debug_ctx(), "");
+               return "";
        }
        return fname;
 }


-- 
Samba Shared Repository

Reply via email to