git.samba.org
/
samba.git
/ commitdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
| commitdiff |
tree
raw
|
patch
| inline |
side by side
(parent:
226544f
)
s3: net: Harden act_val_hex() act_val_sz() against errors.
author
Jeremy Allison
<jra@samba.org>
Mon, 25 Mar 2019 18:13:24 +0000
(11:13 -0700)
committer
Andrew Bartlett
<abartlet@samba.org>
Wed, 15 May 2019 21:26:12 +0000
(21:26 +0000)
Found by Michael Hanselmann using fuzzing tools
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13842
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
source3/registry/reg_parse.c
patch
|
blob
|
history
diff --git
a/source3/registry/reg_parse.c
b/source3/registry/reg_parse.c
index 3093e6acf76d178d0ca000813a477f5bb4801a7b..caf2a063b02fcde49c0d5b5b57baad6ec7db60ed 100644
(file)
--- a/
source3/registry/reg_parse.c
+++ b/
source3/registry/reg_parse.c
@@
-117,6
+117,7
@@
static bool act_val_hex(struct reg_parse* p, cbuf* value, bool cont)
cbuf_swapptr(p->valblob, &dst, dlen);
} else {
DEBUG(0, ("iconvert_talloc failed\n"));
+ return false;
}
talloc_free(dst);
}
@@
-166,6
+167,7
@@
static bool act_val_sz(struct reg_parse* p, cbuf* value, bool cont)
} else {
DEBUG(0, ("convert_string_talloc failed: >%s<\n"
"use it as is\t", src));
+ return false;
}
talloc_free(dst);