From e6676a9a6928deb03c2a43a66c1245dd05d03e71 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Tue, 14 Mar 2006 17:21:30 +0000 Subject: [PATCH] r14387: Try and fix the coverity issues (#53, #54) with negative sink by ensuring all uses of rpcstr_push are consistent with a size_t dest size arg. Jeremy. (This used to be commit f65d7afe1977d9d85046732842f9643716c15088) --- source3/lib/util_unistr.c | 4 ++-- source3/libmsrpc/libmsrpc_internal.c | 3 +-- source3/rpc_parse/parse_misc.c | 2 +- source3/rpc_server/srv_spoolss_nt.c | 2 +- source3/smbd/msdfs.c | 8 ++++---- source3/smbd/trans2.c | 4 ++-- 6 files changed, 11 insertions(+), 12 deletions(-) diff --git a/source3/lib/util_unistr.c b/source3/lib/util_unistr.c index 892782b181c..9713c0ccb73 100644 --- a/source3/lib/util_unistr.c +++ b/source3/lib/util_unistr.c @@ -229,7 +229,7 @@ void init_valid_table(void) null termination if applied ********************************************************************/ -size_t dos_PutUniCode(char *dst,const char *src, ssize_t len, BOOL null_terminate) +size_t dos_PutUniCode(char *dst,const char *src, size_t len, BOOL null_terminate) { int flags = null_terminate ? STR_UNICODE|STR_NOALIGN|STR_TERMINATE : STR_UNICODE|STR_NOALIGN; @@ -308,7 +308,7 @@ char *rpcstr_pull_unistr2_talloc(TALLOC_CTX *mem_ctx, const UNISTR2 *src) /* Converts a string from internal samba format to unicode */ -int rpcstr_push(void* dest, const char *src, int dest_len, int flags) +int rpcstr_push(void* dest, const char *src, size_t dest_len, int flags) { return push_ucs2(NULL, dest, src, dest_len, flags|STR_UNICODE|STR_NOALIGN); } diff --git a/source3/libmsrpc/libmsrpc_internal.c b/source3/libmsrpc/libmsrpc_internal.c index ac61424e70b..f57063dc42e 100644 --- a/source3/libmsrpc/libmsrpc_internal.c +++ b/source3/libmsrpc/libmsrpc_internal.c @@ -100,7 +100,6 @@ RPC_DATA_BLOB *cac_MakeRpcDataBlob(TALLOC_CTX *mem_ctx, uint32 data_type, REG_VA RPC_DATA_BLOB *blob = NULL; int i; uint32 size = 0; - uint32 len = 0; uint8 *multi = NULL; uint32 multi_idx = 0; @@ -149,7 +148,7 @@ RPC_DATA_BLOB *cac_MakeRpcDataBlob(TALLOC_CTX *mem_ctx, uint32 data_type, REG_VA /*do it using rpcstr_push()*/ multi_idx = 0; for(i = 0; i < data.reg_multi_sz.num_strings; i++) { - len = strlen(data.reg_multi_sz.strings[i]) + 1; + size_t len = strlen(data.reg_multi_sz.strings[i]) + 1; rpcstr_push((multi + multi_idx), data.reg_multi_sz.strings[i], len * 2, STR_TERMINATE); diff --git a/source3/rpc_parse/parse_misc.c b/source3/rpc_parse/parse_misc.c index 8f5ca273655..037764e1382 100644 --- a/source3/rpc_parse/parse_misc.c +++ b/source3/rpc_parse/parse_misc.c @@ -597,7 +597,7 @@ void init_rpc_blob_str(RPC_DATA_BLOB *str, const char *buf, int len) /* set up string lengths. */ str->buf_len = create_rpc_blob(str, len*2); - rpcstr_push(str->buffer, buf, str->buf_len, STR_TERMINATE); + rpcstr_push(str->buffer, buf, (size_t)str->buf_len, STR_TERMINATE); } diff --git a/source3/rpc_server/srv_spoolss_nt.c b/source3/rpc_server/srv_spoolss_nt.c index 9fd51c9e273..38d28279560 100644 --- a/source3/rpc_server/srv_spoolss_nt.c +++ b/source3/rpc_server/srv_spoolss_nt.c @@ -8013,7 +8013,7 @@ WERROR _spoolss_enumprinterdata(pipes_struct *p, SPOOL_Q_ENUMPRINTERDATA *q_u, S goto done; } - *out_value_len = (uint32)rpcstr_push((char *)*out_value, regval_name(val), in_value_len, 0); + *out_value_len = (uint32)rpcstr_push((char *)*out_value, regval_name(val), (size_t)in_value_len, 0); /* type */ diff --git a/source3/smbd/msdfs.c b/source3/smbd/msdfs.c index 257a6105c5d..4606441c3a9 100644 --- a/source3/smbd/msdfs.c +++ b/source3/smbd/msdfs.c @@ -609,7 +609,7 @@ static int setup_ver2_dfs_referral(char *pathname, char **ppdata, DEBUG(10,("setting up version2 referral\nRequested path:\n")); - requestedpathlen = rpcstr_push(uni_requestedpath, pathname, -1, + requestedpathlen = rpcstr_push(uni_requestedpath, pathname, sizeof(pstring), STR_TERMINATE); if (DEBUGLVL(10)) { @@ -680,7 +680,7 @@ static int setup_ver2_dfs_referral(char *pathname, char **ppdata, SSVAL(pdata,offset+18,uni_reqpathoffset2-offset); /* copy referred path into current offset */ unilen = rpcstr_push(pdata+uni_curroffset, ref->alternate_path, - (size_t)-1, STR_UNICODE); + sizeof(pstring), STR_UNICODE); SSVAL(pdata,offset+20,uni_curroffset-offset); @@ -709,7 +709,7 @@ static int setup_ver3_dfs_referral(char *pathname, char **ppdata, DEBUG(10,("setting up version3 referral\n")); - reqpathlen = rpcstr_push(uni_reqpath, pathname, (size_t)-1, STR_TERMINATE); + reqpathlen = rpcstr_push(uni_reqpath, pathname, sizeof(pstring), STR_TERMINATE); if (DEBUGLVL(10)) { dump_data(0, (char *) uni_reqpath,reqpathlen); @@ -764,7 +764,7 @@ static int setup_ver3_dfs_referral(char *pathname, char **ppdata, SSVAL(pdata,offset+14,uni_reqpathoffset2-offset); /* copy referred path into current offset */ unilen = rpcstr_push(pdata+uni_curroffset,ref->alternate_path, - -1, STR_UNICODE | STR_TERMINATE); + sizeof(pstring), STR_UNICODE | STR_TERMINATE); SSVAL(pdata,offset+16,uni_curroffset-offset); /* copy 0x10 bytes of 00's in the ServiceSite GUID */ memset(pdata+offset+18,'\0',16); diff --git a/source3/smbd/trans2.c b/source3/smbd/trans2.c index 9cd2d44de5c..8429cd71491 100644 --- a/source3/smbd/trans2.c +++ b/source3/smbd/trans2.c @@ -3221,7 +3221,7 @@ total_data=%u (should be %u)\n", (unsigned int)total_data, (unsigned int)IVAL(pd /* Pathname with leading '\'. */ { size_t byte_len; - byte_len = dos_PutUniCode(pdata+4,dos_fname,max_data_bytes,False); + byte_len = dos_PutUniCode(pdata+4,dos_fname,(size_t)max_data_bytes,False); DEBUG(10,("call_trans2qfilepathinfo: SMB_FILE_NAME_INFORMATION\n")); SIVAL(pdata,0,byte_len); data_size = 4 + byte_len; @@ -3265,7 +3265,7 @@ total_data=%u (should be %u)\n", (unsigned int)total_data, (unsigned int)IVAL(pd if (mode & aDIR) { data_size = 0; } else { - size_t byte_len = dos_PutUniCode(pdata+24,"::$DATA", 0xE, False); + size_t byte_len = dos_PutUniCode(pdata+24,"::$DATA", (size_t)0xE, False); SIVAL(pdata,0,0); /* ??? */ SIVAL(pdata,4,byte_len); /* Byte length of unicode string ::$DATA */ SOFF_T(pdata,8,file_size); -- 2.34.1