r22675: Simo's patch for 0 size allocation. Still need

to examine parse_misc.c fix.
Jeremy.
(This used to be commit 80d981265cd3bc9d73c5da3c514ec736e2dfa73a)

diff --git a/source3/modules/vfs_afsacl.c b/source3/modules/vfs_afsacl.c
index a82e6b350b2c19c74ffa67aecf550eb1bc0c8139..47e8ec5aefac54c781f9515ce4efefae05677f54 100644 (file)
--- a/source3/modules/vfs_afsacl.c
+++ b/source3/modules/vfs_afsacl.c
@@ -616,7 +616,7 @@ static size_t afs_to_nt_acl(struct afs_acl *afs_acl,
        uid_to_sid(&owner_sid, sbuf.st_uid);
        gid_to_sid(&group_sid, sbuf.st_gid);
 
-       if (num_aces) {
+       if (afs_acl->num_aces) {
                nt_ace_list = TALLOC_ARRAY(mem_ctx, SEC_ACE, afs_acl->num_aces);
 
                if (nt_ace_list == NULL)

diff --git a/source3/nsswitch/idmap.c b/source3/nsswitch/idmap.c
index 5222eba8f36b5eabb2811d9ff26a515c80238afd..73a30f608747f8a73e0f552363ded65f819ec9cf 100644 (file)
--- a/source3/nsswitch/idmap.c
+++ b/source3/nsswitch/idmap.c
@@ -1025,17 +1025,16 @@ static NTSTATUS idmap_backends_sids_to_unixids(struct id_map **ids)
        DEBUG(10, ("Query backends to map sids->ids\n"));
 
        /* split list per domain */
-
-       if (num_domains) {
-               dom_ids = TALLOC_ZERO_ARRAY(ctx, struct id_map **, num_domains);
-               IDMAP_CHECK_ALLOC(dom_ids);
-               counters = TALLOC_ZERO_ARRAY(ctx, int, num_domains);
-               IDMAP_CHECK_ALLOC(counters);
-       } else {
-               dom_ids = NULL;
-               counters = NULL;
+       if (num_domains == 0) {
+               DEBUG(1, ("No domains available?\n"));
+               return NT_STATUS_UNSUCCESSFUL;
        }
 
+       dom_ids = TALLOC_ZERO_ARRAY(ctx, struct id_map **, num_domains);
+       IDMAP_CHECK_ALLOC(dom_ids);
+       counters = TALLOC_ZERO_ARRAY(ctx, int, num_domains);
+       IDMAP_CHECK_ALLOC(counters);
+
        /* partition the requests by domain */
 
        for (i = 0; ids[i]; i++) {

diff --git a/source3/nsswitch/winbindd_async.c b/source3/nsswitch/winbindd_async.c
index a8a92c3caead17b9dcbf370b22b7735d40f35bf0..393479c63d3ec3fd0a5943a8220703b509ea281e 100644 (file)
--- a/source3/nsswitch/winbindd_async.c
+++ b/source3/nsswitch/winbindd_async.c
@@ -273,6 +273,11 @@ enum winbindd_result winbindd_dual_sids2xids(struct winbindd_domain *domain,
 
        DEBUG(3, ("[%5lu]: sids to unix ids\n", (unsigned long)state->pid));
 
+       if (state->request.extra_len == 0) {
+               DEBUG(0, ("Invalid buffer size!\n"));
+               return WINBINDD_ERROR;
+       }
+
        sids = (DOM_SID *)state->request.extra_data.data;
        num = state->request.extra_len / sizeof(DOM_SID);
 

diff --git a/source3/rpc_client/cli_svcctl.c b/source3/rpc_client/cli_svcctl.c
index 2df27c2da5b51d2e822ea8739b8fd5e91c2b96e6..d183670f5fb3128a19be93988939bea78fbfb9eb 100644 (file)
--- a/source3/rpc_client/cli_svcctl.c
+++ b/source3/rpc_client/cli_svcctl.c
@@ -209,8 +209,12 @@ WERROR rpccli_svcctl_enumerate_services( struct rpc_pipe_client *cli, TALLOC_CTX
                return out.status;
                
        /* pull out the data */
-       if ( !(services = TALLOC_ARRAY( mem_ctx, ENUM_SERVICES_STATUS, out.returned )) ) 
-               return WERR_NOMEM;
+       if (out.returned) {
+               if ( !(services = TALLOC_ARRAY( mem_ctx, ENUM_SERVICES_STATUS, out.returned )) ) 
+                       return WERR_NOMEM;
+       } else {
+               services = NULL;
+       }
                
        for ( i=0; i<out.returned; i++ ) {
                svcctl_io_enum_services_status( "", &services[i], &out.buffer, 0 );

diff --git a/source3/rpc_server/srv_lsa_nt.c b/source3/rpc_server/srv_lsa_nt.c
index a85f0548bf119c00fdbbba020b0eea2850ae23c2..bde1ef81da4e6e57692dbe872f53a5964b527634 100644 (file)
--- a/source3/rpc_server/srv_lsa_nt.c
+++ b/source3/rpc_server/srv_lsa_nt.c
@@ -825,7 +825,11 @@ static NTSTATUS _lsa_lookup_sids_internal(pipes_struct *p,
        *pp_mapped_count = 0;
        *pp_ref = NULL;
        *pp_names = NULL;
-       
+
+       if (num_sids == 0) {
+               return NT_STATUS_OK;
+       }
+
        names = TALLOC_ZERO_P(p->mem_ctx, LSA_TRANS_NAME_ENUM2);
        sids = TALLOC_ARRAY(p->mem_ctx, const DOM_SID *, num_sids);
        ref = TALLOC_ZERO_P(p->mem_ctx, DOM_R_REF);
@@ -845,12 +849,10 @@ static NTSTATUS _lsa_lookup_sids_internal(pipes_struct *p,
                return status;
        }
 
-       if (num_sids > 0) {
-               names->name = TALLOC_ARRAY(names, LSA_TRANS_NAME2, num_sids);
-               names->uni_name = TALLOC_ARRAY(names, UNISTR2, num_sids);
-               if ((names->name == NULL) || (names->uni_name == NULL)) {
-                       return NT_STATUS_NO_MEMORY;
-               }
+       names->name = TALLOC_ARRAY(names, LSA_TRANS_NAME2, num_sids);
+       names->uni_name = TALLOC_ARRAY(names, UNISTR2, num_sids);
+       if ((names->name == NULL) || (names->uni_name == NULL)) {
+               return NT_STATUS_NO_MEMORY;
        }
 
        for (i=0; i<MAX_REF_DOMAINS; i++) {