The branch, v3-5-test has been updated via 80e6523... Fix bug #7617 - smbd coredump due to uninitialized variables in the performance counter code. from 1793994... s3-winbind: Fix Bug #7568: Make sure cm_connect_lsa_tcp does not reset the secure channel.
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-5-test - Log ----------------------------------------------------------------- commit 80e65236158d6f1690bf9f153c0eb12d81d56b8a Author: Jeremy Allison <j...@samba.org> Date: Thu Aug 12 14:24:01 2010 -0700 Fix bug #7617 - smbd coredump due to uninitialized variables in the performance counter code. In the file rpc_server.c, function _winreg_QueryValue() uint8_t *outbuf Should be : uint8_t *outbuf = NULL; As it is later freed by if (free_buf) SAFE_FREE(outbuf); in some cases, this frees the unintialized outbuf, which causes a coredump. (cherry picked from commit 84fd910c347ddfad6f01edbe7f6e25546c8382ee) ----------------------------------------------------------------------- Summary of changes: source3/rpc_server/srv_winreg_nt.c | 4 ++-- 1 files changed, 2 insertions(+), 2 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/rpc_server/srv_winreg_nt.c b/source3/rpc_server/srv_winreg_nt.c index 04c9c8c..e840a8f 100644 --- a/source3/rpc_server/srv_winreg_nt.c +++ b/source3/rpc_server/srv_winreg_nt.c @@ -220,8 +220,8 @@ WERROR _winreg_QueryValue(pipes_struct *p, struct winreg_QueryValue *r) struct registry_key *regkey = find_regkey_by_hnd( p, r->in.handle ); prs_struct prs_hkpd; - uint8_t *outbuf; - uint32_t outbuf_size; + uint8_t *outbuf = NULL; + uint32_t outbuf_size = 0; DATA_BLOB val_blob; bool free_buf = False; -- Samba Shared Repository