librpc/ndr: don't overwrite the content in ndr_push_relative_ptr2_end()

author Stefan Metzmacher <metze@samba.org>

Fri, 19 Feb 2010 07:11:24 +0000 (08:11 +0100)

committer Stefan Metzmacher <metze@samba.org>

Fri, 19 Feb 2010 07:12:42 +0000 (08:12 +0100)
author Stefan Metzmacher <metze@samba.org>
Fri, 19 Feb 2010 07:11:24 +0000 (08:11 +0100)
committer Stefan Metzmacher <metze@samba.org>
Fri, 19 Feb 2010 07:12:42 +0000 (08:12 +0100)
diff --git a/librpc/ndr/ndr.c b/librpc/ndr/ndr.c

index b6110d52b4b9d86b21dfb1216291fed0b9091573..4d763e0eadd9743ab84ab275f22e198c4366ec65 100644 (file)
--- a/librpc/ndr/ndr.c
+++ b/librpc/ndr/ndr.c
@@ -1253,11 +1253,17 @@ _PUBLIC_ enum ndr_err_code ndr_push_relative_ptr2_end(struct ndr_push *ndr, cons
         }
  
         if (len > 0) {
+               uint32_t clear_size = correct_offset - begin_offset;
+
+               clear_size = MIN(clear_size, len);
+
                 /* now move the marshalled buffer to the end of the main buffer */
                 memmove(ndr->data + correct_offset, ndr->data + begin_offset, len);
  
-               /* and wipe out old buffer within the main buffer */
-               memset(ndr->data + begin_offset, '\0', len);
+               if (clear_size) {
+                       /* and wipe out old buffer within the main buffer */
+                       memset(ndr->data + begin_offset, '\0', clear_size);
+               }
         }
  
         /* and set the end offset for the next buffer */
author	Stefan Metzmacher <metze@samba.org>
	Fri, 19 Feb 2010 07:11:24 +0000 (08:11 +0100)
committer	Stefan Metzmacher <metze@samba.org>
	Fri, 19 Feb 2010 07:12:42 +0000 (08:12 +0100)