The branch, master has been updated
via eeb05bf... s4:winreg RPC - don't crash when incoming data wasn't
correctly specified
via bb507d1... s4:lib/registry/ldb.c - fix up registry backend to be
more robust
from 41be390... Fix the shell script in the root case. When run as root,
make test now detects CAP_DAC_OVERRIDE being left on in error.
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -----------------------------------------------------------------
commit eeb05bf746b0eeeba94fe51180e0ebf855c6967a
Author: Matthias Dieter Wallnöfer <mwallnoe...@yahoo.de>
Date: Wed Mar 10 09:22:42 2010 +0100
s4:winreg RPC - don't crash when incoming data wasn't correctly specified
Also found by the WINREG torture test enhancements by gd.
commit bb507d1d49917fcdeebb8fc3c40b6fabf4055b7d
Author: Matthias Dieter Wallnöfer <mwallnoe...@yahoo.de>
Date: Wed Mar 10 09:10:53 2010 +0100
s4:lib/registry/ldb.c - fix up registry backend to be more robust
This should let the new WINREG tests written by gd at least pass against us.
-----------------------------------------------------------------------
Summary of changes:
source4/lib/registry/ldb.c | 14 +++++---------
source4/rpc_server/winreg/rpc_winreg.c | 10 ++++++++--
2 files changed, 13 insertions(+), 11 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source4/lib/registry/ldb.c b/source4/lib/registry/ldb.c
index 12722c9..a27c94e 100644
--- a/source4/lib/registry/ldb.c
+++ b/source4/lib/registry/ldb.c
@@ -183,11 +183,7 @@ static struct ldb_dn *reg_path_to_ldb(TALLOC_CTX *mem_ctx,
local_ctx = talloc_new(mem_ctx);
- if (add) {
- ret = ldb_dn_new(mem_ctx, ldb, add);
- } else {
- ret = ldb_dn_new(mem_ctx, ldb, NULL);
- }
+ ret = ldb_dn_new(mem_ctx, ldb, add);
if (!ldb_dn_validate(ret)) {
talloc_free(ret);
talloc_free(local_ctx);
@@ -202,7 +198,7 @@ static struct ldb_dn *reg_path_to_ldb(TALLOC_CTX *mem_ctx,
if (begin) keyname = begin + 1;
else keyname = mypath;
- if(strlen(keyname)) {
+ if (keyname[0] != '\0') {
if (!ldb_dn_add_base_fmt(ret, "key=%s",
reg_ldb_escape(local_ctx,
keyname)))
@@ -373,7 +369,7 @@ static WERROR ldb_get_value(TALLOC_CTX *mem_ctx, struct
hive_key *k,
int ret;
char *query;
- if (strlen(name) == 0) {
+ if ((name == NULL) || (name[0] == '\0')) {
/* default value */
return ldb_get_default_value(mem_ctx, k, NULL, data_type, data);
} else {
@@ -531,7 +527,7 @@ static WERROR ldb_del_value (struct hive_key *key, const
char *child)
struct ldb_message *msg;
struct ldb_dn *childdn;
- if (strlen(child) == 0) {
+ if ((child == NULL) || (child[0] == '\0')) {
/* default value */
mem_ctx = talloc_init("ldb_del_value");
@@ -707,7 +703,7 @@ static WERROR ldb_set_value(struct hive_key *parent,
msg = reg_ldb_pack_value(kd->ldb, mem_ctx, name, type, data);
msg->dn = ldb_dn_copy(msg, kd->dn);
- if (name[0] != '\0') {
+ if ((name != NULL) && (name[0] != '\0')) {
/* For a default value, we add/overwrite the attributes to/of
the hive.
For a normal value, we create a new child. */
if (!ldb_dn_add_child_fmt(msg->dn, "value=%s",
diff --git a/source4/rpc_server/winreg/rpc_winreg.c
b/source4/rpc_server/winreg/rpc_winreg.c
index 13c311c..c12c0c5 100644
--- a/source4/rpc_server/winreg/rpc_winreg.c
+++ b/source4/rpc_server/winreg/rpc_winreg.c
@@ -496,9 +496,15 @@ static WERROR dcesrv_winreg_QueryValue(struct
dcesrv_call_state *dce_call,
if (!W_ERROR_IS_OK(result)) {
/* if the lookup wasn't successful, send client query
back */
- value_type = *r->in.type;
+ value_type = 0;
+ if (r->in.type != NULL) {
+ value_type = *r->in.type;
+ }
value_data.data = r->in.data;
- value_data.length = *r->in.data_length;
+ value_data.length = 0;
+ if (r->in.data_length != NULL) {
+ value_data.length = *r->in.data_length;
+ }
}
r->out.type = talloc(mem_ctx, uint32_t);
--
Samba Shared Repository
