The branch, v3-6-test has been updated via 49f16f9... s3-spoolss: Make sure we convert a 4 byte value to uint32_t. (cherry picked from commit e9eb263391b2be16924b7e6ea935fdf44b1a0ead) via a9aceb2... s3-spoolss: Fixed setting driver version correctly. via d1e92cd... pidl: Samba3/ClientNDR - Correctly copy arrays, if r.out.size < r.in.size. via 429578c... s3-spoolss: Use the correct value for the data length. (cherry picked from commit 174a46837d728e67e8a8226db143f9018f5faf2d) via 24e88b5... s3-spoolss: Increased debug level for trace output. (cherry picked from commit e8d386704e4c126b979ffe6c8b588fb311cc2e34) via 2a00250... s3-spoolss: Fixed debug statements and increased level. (cherry picked from commit b2be8f2267a2fdee2d9fce6a100225eea8e7928b) from 034a6ef... s3: fail db_open_ctdb if ctdb is not around
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-6-test - Log ----------------------------------------------------------------- commit 49f16f9b4b914a4c6e2d0f9185b44d4f22188b5b Author: Andreas Schneider <a...@samba.org> Date: Fri Aug 6 13:49:37 2010 +0200 s3-spoolss: Make sure we convert a 4 byte value to uint32_t. (cherry picked from commit e9eb263391b2be16924b7e6ea935fdf44b1a0ead) commit a9aceb24238d5a954ff3a95ab614f27b1f8d08fd Author: Andreas Schneider <a...@samba.org> Date: Fri Aug 6 13:49:01 2010 +0200 s3-spoolss: Fixed setting driver version correctly. We are in a loop here, so setting tmp to 0 at the beginning of each iteration sets info8->version to 0 if we enumerate over another value. (cherry picked from commit 043c6f46583fac13588baf207582a08cfa802a28) commit d1e92cd2944983ecabd0511ff7c8221c1033a3a8 Author: Stefan Metzmacher <me...@samba.org> Date: Thu Aug 5 10:04:57 2010 +0200 pidl: Samba3/ClientNDR - Correctly copy arrays, if r.out.size < r.in.size. metze Signed-off-by: Andreas Schneider <a...@samba.org> (cherry picked from commit 33d1879d5b50e2d98c1bb13b835e7cfb178e3336) commit 429578c3bdeb4e2d884f0bab24a778bc50c8e20f Author: Andreas Schneider <a...@samba.org> Date: Thu Aug 5 11:36:37 2010 +0200 s3-spoolss: Use the correct value for the data length. (cherry picked from commit 174a46837d728e67e8a8226db143f9018f5faf2d) commit 24e88b52b0bc61e1349d305a0d7904475ac988ca Author: Andreas Schneider <a...@samba.org> Date: Thu Jul 29 20:48:01 2010 +0200 s3-spoolss: Increased debug level for trace output. (cherry picked from commit e8d386704e4c126b979ffe6c8b588fb311cc2e34) commit 2a00250c135ec246e144291bea1b4ed70237336b Author: Andreas Schneider <a...@samba.org> Date: Thu Jul 29 20:45:07 2010 +0200 s3-spoolss: Fixed debug statements and increased level. (cherry picked from commit b2be8f2267a2fdee2d9fce6a100225eea8e7928b) ----------------------------------------------------------------------- Summary of changes: pidl/lib/Parse/Pidl/Samba3/ClientNDR.pm | 56 ++++++++++++++++++++++++++----- source3/rpc_server/srv_spoolss_util.c | 21 +++++++----- 2 files changed, 59 insertions(+), 18 deletions(-) Changeset truncated at 500 lines: diff --git a/pidl/lib/Parse/Pidl/Samba3/ClientNDR.pm b/pidl/lib/Parse/Pidl/Samba3/ClientNDR.pm index 68579d2..1738424 100644 --- a/pidl/lib/Parse/Pidl/Samba3/ClientNDR.pm +++ b/pidl/lib/Parse/Pidl/Samba3/ClientNDR.pm @@ -15,7 +15,7 @@ use strict; use Parse::Pidl qw(fatal warning error); use Parse::Pidl::Util qw(has_property ParseExpr); use Parse::Pidl::Samba4 qw(DeclLong); -use Parse::Pidl::Samba4::Header qw(GenerateFunctionInEnv); +use Parse::Pidl::Samba4::Header qw(GenerateFunctionInEnv GenerateFunctionOutEnv); use vars qw($VERSION); $VERSION = '0.01'; @@ -71,12 +71,27 @@ sub HeaderProperties($$) } } -sub ParseOutputArgument($$$;$$) +sub ParseInvalidResponse($$) { - my ($self, $fn, $e, $r, $o) = @_; + my ($self, $type) = @_; + + if ($type eq "sync") { + $self->pidl("return NT_STATUS_INVALID_NETWORK_RESPONSE;"); + } elsif ($type eq "async") { + $self->pidl("tevent_req_nterror(req, NT_STATUS_INVALID_NETWORK_RESPONSE);"); + $self->pidl("return;"); + } else { + die("ParseInvalidResponse($type)"); + } +} + +sub ParseOutputArgument($$$;$$$) +{ + my ($self, $fn, $e, $r, $o, $invalid_response_type) = @_; my $level = 0; $r = "r." unless defined($r); $o = "" unless defined($o); + $invalid_response_type = "sync" unless defined($invalid_response_type); if ($e->{LEVELS}[0]->{TYPE} ne "POINTER" and $e->{LEVELS}[0]->{TYPE} ne "ARRAY") { $self->pidl("return NT_STATUS_NOT_SUPPORTED;"); @@ -97,17 +112,37 @@ sub ParseOutputArgument($$$;$$) # Since the data is being copied into a user-provided data # structure, the user should be able to know the size beforehand # to allocate a structure of the right size. - my $env = GenerateFunctionInEnv($fn, $r); + my $in_env = GenerateFunctionInEnv($fn, $r); + my $out_env = GenerateFunctionOutEnv($fn, $r); my $l = $e->{LEVELS}[$level]; unless (defined($l->{SIZE_IS})) { - error($e->{ORIGINAL}, "no size known for [out] array `$e->{NAME}'"); $self->pidl('#error No size known for [out] array `$e->{NAME}'); + error($e->{ORIGINAL}, "no size known for [out] array `$e->{NAME}'"); } else { - my $size_is = ParseExpr($l->{SIZE_IS}, $env, $e->{ORIGINAL}); + my $in_size_is = ParseExpr($l->{SIZE_IS}, $in_env, $e->{ORIGINAL}); + my $out_size_is = ParseExpr($l->{SIZE_IS}, $out_env, $e->{ORIGINAL}); + my $out_length_is = $out_size_is; + if (defined($l->{LENGTH_IS})) { + $out_length_is = ParseExpr($l->{LENGTH_IS}, $out_env, $e->{ORIGINAL}); + } + if ($out_size_is ne $in_size_is) { + $self->pidl("if (($out_size_is) > ($in_size_is)) {"); + $self->indent; + $self->ParseInvalidResponse($invalid_response_type); + $self->deindent; + $self->pidl("}"); + } + if ($out_length_is ne $out_size_is) { + $self->pidl("if (($out_length_is) > ($out_size_is)) {"); + $self->indent; + $self->ParseInvalidResponse($invalid_response_type); + $self->deindent; + $self->pidl("}"); + } if (has_property($e, "charset")) { - $self->pidl("memcpy(discard_const_p(uint8_t *, $o$e->{NAME}), ${r}out.$e->{NAME}, ($size_is) * sizeof(*$o$e->{NAME}));"); + $self->pidl("memcpy(discard_const_p(uint8_t *, $o$e->{NAME}), ${r}out.$e->{NAME}, ($out_length_is) * sizeof(*$o$e->{NAME}));"); } else { - $self->pidl("memcpy($o$e->{NAME}, ${r}out.$e->{NAME}, ($size_is) * sizeof(*$o$e->{NAME}));"); + $self->pidl("memcpy($o$e->{NAME}, ${r}out.$e->{NAME}, ($out_length_is) * sizeof(*$o$e->{NAME}));"); } } } else { @@ -281,7 +316,10 @@ sub ParseFunctionAsyncDone($$$) foreach my $e (@{$fn->{ELEMENTS}}) { next unless (grep(/out/, @{$e->{DIRECTION}})); - $self->ParseOutputArgument($fn, $e, "state->tmp.", "state->orig.out."); + $self->ParseOutputArgument($fn, $e, + "state->tmp.", + "state->orig.out.", + "async"); } $self->pidl(""); diff --git a/source3/rpc_server/srv_spoolss_util.c b/source3/rpc_server/srv_spoolss_util.c index 887d79b..f8b29fc 100644 --- a/source3/rpc_server/srv_spoolss_util.c +++ b/source3/rpc_server/srv_spoolss_util.c @@ -499,7 +499,7 @@ static WERROR winreg_printer_enumvalues(TALLOC_CTX *mem_ctx, val.value_name_len = strlen_m_term(val.value_name) * 2; val.type = type; - val.data_length = data_size; + val.data_length = length; val.data = NULL; if (val.data_length) { val.data = talloc(enum_values, DATA_BLOB); @@ -507,7 +507,7 @@ static WERROR winreg_printer_enumvalues(TALLOC_CTX *mem_ctx, result = WERR_NOMEM; goto error; } - *val.data = data_blob_talloc(enum_values, data, data_size); + *val.data = data_blob_talloc(val.data, data, val.data_length); } enum_values[i] = val; @@ -908,7 +908,7 @@ static WERROR winreg_printer_query_binary(TALLOC_CTX *mem_ctx, &value_len, &result); if (!NT_STATUS_IS_OK(status)) { - DEBUG(0, ("winreg_printer_query_dword: Could not query value %s: %s\n", + DEBUG(2, ("winreg_printer_query_binary: Could not query value %s: %s\n", wvalue.name, nt_errstr(status))); if (!W_ERROR_IS_OK(result)) { goto done; @@ -938,7 +938,7 @@ static WERROR winreg_printer_query_binary(TALLOC_CTX *mem_ctx, &value_len, &result); if (!NT_STATUS_IS_OK(status)) { - DEBUG(0, ("winreg_printer_query_dword: Could not query value %s: %s\n", + DEBUG(2, ("winreg_printer_query_binary: Could not query value %s: %s\n", wvalue.name, nt_errstr(status))); if (!W_ERROR_IS_OK(result)) { result = ntstatus_to_werror(status); @@ -979,7 +979,7 @@ static WERROR winreg_printer_query_dword(TALLOC_CTX *mem_ctx, &value_len, &result); if (!NT_STATUS_IS_OK(status)) { - DEBUG(0, ("winreg_printer_query_dword: Could not query value %s: %s\n", + DEBUG(2, ("winreg_printer_query_dword: Could not query value %s: %s\n", wvalue.name, nt_errstr(status))); if (!W_ERROR_IS_OK(result)) { goto done; @@ -1015,7 +1015,7 @@ static WERROR winreg_printer_query_dword(TALLOC_CTX *mem_ctx, &value_len, &result); if (!NT_STATUS_IS_OK(status)) { - DEBUG(0, ("winreg_printer_query_dword: Could not query value %s: %s\n", + DEBUG(2, ("winreg_printer_query_dword: Could not query value %s: %s\n", wvalue.name, nt_errstr(status))); if (!W_ERROR_IS_OK(result)) { result = ntstatus_to_werror(status); @@ -1110,7 +1110,7 @@ static WERROR winreg_enumval_to_dword(TALLOC_CTX *mem_ctx, return WERR_INVALID_DATATYPE; } - if (v->data_length == 0) { + if (v->data_length != 4) { *dw = 0; return WERR_OK; } @@ -3152,7 +3152,8 @@ WERROR winreg_printer_get_changeid(TALLOC_CTX *mem_ctx, goto done; } - DEBUG(0, ("winreg_printer_get_changeid: get changeid from %s\n", path)); + DEBUG(10, ("winreg_printer_get_changeid: get changeid from %s\n", path)); + result = winreg_printer_query_dword(tmp_ctx, winreg_pipe, &key_hnd, @@ -4052,8 +4053,10 @@ WERROR winreg_get_driver(TALLOC_CTX *mem_ctx, result = winreg_enumval_to_dword(info8, v, "Version", &tmp); + if (NT_STATUS_IS_OK(result)) { + info8->version = (enum spoolss_DriverOSVersion) tmp; + } CHECK_ERROR(result); - info8->version = tmp; result = winreg_enumval_to_sz(info8, v, "Driver", -- Samba Shared Repository