Coverity fixes
authorMarc VanHeyningen <marc.vanheyningen@isilon.com>
Fri, 14 Mar 2008 22:26:28 +0000 (14:26 -0800)
committerVolker Lendecke <vl@samba.org>
Mon, 17 Mar 2008 19:52:25 +0000 (20:52 +0100)
27 files changed:
source/client/client.c
source/include/rpc_client.h
source/lib/sock_exec.c
source/libads/kerberos.c
source/libads/krb5_setpw.c
source/libads/ldap.c
source/nsswitch/wins.c
source/passdb/pdb_ldap.c
source/passdb/pdb_smbpasswd.c
source/printing/nt_printing.c
source/registry/reg_backend_printing.c
source/registry/regfio.c
source/rpc_client/cli_pipe.c
source/rpc_client/ndr.c
source/rpc_parse/parse_buffer.c
source/rpc_parse/parse_misc.c
source/rpc_parse/parse_prs.c
source/rpc_server/srv_pipe.c
source/rpc_server/srv_pipe_hnd.c
source/rpc_server/srv_spoolss_nt.c
source/rpc_server/srv_winreg_nt.c
source/services/services_db.c
source/smbd/notify.c
source/smbd/uid.c
source/utils/net_rpc.c
source/utils/rpccheck.c
source/utils/smbget.c

index a285bccfe746ebd6b1bdbf3c3dcee6034b6cb9e6..0b4438d6b2e1bb4dd0a4ebb0bc9ed1872fc8bb27 100644 (file)
@@ -4899,7 +4899,10 @@ static int do_message_op(void)
        }
 
        smb_encrypt = get_cmdline_auth_info_smb_encrypt();
-       init_names();
+       if (!init_names()) {
+               fprintf(stderr, "init_names() failed\n");
+               exit(1);
+       }
 
        if(new_name_resolve_order)
                lp_set_name_resolve_order(new_name_resolve_order);
index e1ebb2509d9135d13cbdb50f14ccd47169e3f29f..c552271ee76ef1d331e77cee617088e5c7b8f248 100644 (file)
@@ -36,6 +36,8 @@
 #include "librpc/gen_ndr/cli_dssetup.h"
 #include "librpc/gen_ndr/cli_ntsvcs.h"
 
+#define prs_init_empty( _ps_, _ctx_, _io_ ) (void) prs_init((_ps_), 0, (_ctx_), (_io_))
+
 /* macro to expand cookie-cutter code in cli_xxx() using rpc_api_pipe_req() */
 
 #define CLI_DO_RPC_INTERNAL( pcli, ctx, p_idx, opnum, q_in, r_out, \
        if (!prs_init( &q_ps, RPC_MAX_PDU_FRAG_LEN, ctx, MARSHALL )) { \
                return NT_STATUS_NO_MEMORY;\
        }\
-       if (!prs_init( &r_ps, 0, ctx, UNMARSHALL )) {\
-               prs_mem_free( &q_ps );\
-               return NT_STATUS_NO_MEMORY;\
-       }\
+       prs_init_empty( &r_ps, ctx, UNMARSHALL );\
        if ( copy_sess_key) prs_set_session_key(&q_ps, (const char *)pcli->dc->sess_key);\
        if ( q_io_fn("", &q_in, &q_ps, 0) ) {\
                NTSTATUS _smb_pipe_stat_ = rpc_api_pipe_req(pcli, opnum, &q_ps, &r_ps); \
        if (!prs_init( &q_ps, RPC_MAX_PDU_FRAG_LEN, ctx, MARSHALL )) { \
                return WERR_NOMEM;\
        }\
-       if (!prs_init( &r_ps, 0, ctx, UNMARSHALL )) {\
-               prs_mem_free( &q_ps );\
-               return WERR_NOMEM;\
-       }\
+       prs_init_empty( &r_ps, ctx, UNMARSHALL );\
        if ( q_io_fn("", &q_in, &q_ps, 0) ) {\
                NTSTATUS _smb_pipe_stat_ = rpc_api_pipe_req(pcli, opnum, &q_ps, &r_ps); \
                if (!NT_STATUS_IS_OK(_smb_pipe_stat_)) {\
index 278a174663aedc63b3607e7131f30956cd01099b..2333d7c73968ed7014ccb73def0511eef67cf442 100644 (file)
@@ -48,7 +48,7 @@ static int socketpair_tcp(int fd[2])
 #endif
         sock2.sin_family = PF_INET;
 
-        bind(listener, (struct sockaddr *)&sock2, sizeof(sock2));
+        if (bind(listener, (struct sockaddr *)&sock2, sizeof(sock2)) != 0) goto failed;
 
        if (listen(listener, 1) != 0) goto failed;
 
index ee25fb5551709276021bd6ed1f4edd15f594f21b..66f203b12d3d98d75ecf8c68ea7fbcfe778b6b67 100644 (file)
@@ -606,9 +606,11 @@ bool kerberos_secrets_store_salting_principal(const char *service,
        krb5_principal princ = NULL;
        char *princ_s = NULL;
        char *unparsed_name = NULL;
+       krb5_error_code code;
 
-       krb5_init_context(&context);
-       if (!context) {
+       if (((code = krb5_init_context(&context)) != 0) || (context == NULL)) {
+               DEBUG(5, ("kerberos_secrets_store_salting_pricipal: kdb5_init_context failed: %s\n",
+                         error_message(code)));
                return False;
        }
        if (strchr_m(service, '@')) {
index 852251a47696b88fc5bef58d350bb1a4118c8164..719f3bd3ecf16dada423f61db78173de18c2eb01 100644 (file)
@@ -438,10 +438,21 @@ static ADS_STATUS do_krb5_kpasswd_request(krb5_context context,
                        return ADS_ERROR_SYSTEM(rc);
                }
                addr_len = sizeof(remote_addr);
-               getpeername(sock, (struct sockaddr *)&remote_addr, &addr_len);
+               if (getpeername(sock, (struct sockaddr *)&remote_addr, &addr_len) != 0) {
+                       close(sock);
+                       SAFE_FREE(ap_req.data);
+                       krb5_auth_con_free(context, auth_context);
+                       DEBUG(1,("getpeername() failed (%s)\n", error_message(errno)));
+                       return ADS_ERROR_SYSTEM(errno);
+               }
                addr_len = sizeof(local_addr);
-               getsockname(sock, (struct sockaddr *)&local_addr, &addr_len);
-
+               if (getsockname(sock, (struct sockaddr *)&local_addr, &addr_len) != 0) {
+                       close(sock);
+                       SAFE_FREE(ap_req.data);
+                       krb5_auth_con_free(context, auth_context);
+                       DEBUG(1,("getsockname() failed (%s)\n", error_message(errno)));
+                       return ADS_ERROR_SYSTEM(errno);
+               }
                if (!setup_kaddr(&remote_kaddr, &remote_addr) ||
                                !setup_kaddr(&local_kaddr, &local_addr)) {
                        DEBUG(1,("do_krb5_kpasswd_request: "
index d6b9ba622b822b9d0df0422ea3cebd4085a8f362..9ec06e5a1d52b6b9a8650a7591355917d57749e9 100644 (file)
@@ -588,7 +588,10 @@ static char **ads_push_strvals(TALLOC_CTX *ctx, const char **in_vals)
        if (!values) return NULL;
 
        for (i=0; in_vals[i]; i++) {
-               push_utf8_talloc(ctx, &values[i], in_vals[i]);
+               if (push_utf8_talloc(ctx, &values[i], in_vals[i]) == (size_t) -1) {
+                       TALLOC_FREE(values);
+                       return NULL;
+               }
        }
        return values;
 }
index e74cfaf69f2a0591c0c27664c48b221a834063f8..36415c42b59ddab2459272232a45b44bec2af60f 100644 (file)
@@ -58,9 +58,15 @@ static int wins_lookup_open_socket_in(void)
        if (res == -1)
                return -1;
 
-       setsockopt(res,SOL_SOCKET,SO_REUSEADDR,(char *)&val,sizeof(val));
+       if (setsockopt(res,SOL_SOCKET,SO_REUSEADDR,(char *)&val,sizeof(val)) != 0) {
+               close(res);
+               return -1;
+       }
 #ifdef SO_REUSEPORT
-       setsockopt(res,SOL_SOCKET,SO_REUSEPORT,(char *)&val,sizeof(val));
+       if (setsockopt(res,SOL_SOCKET,SO_REUSEPORT,(char *)&val,sizeof(val)) != 0) {
+               close(res);
+               return -1;
+       }
 #endif /* SO_REUSEPORT */
 
        /* now we've got a socket - we need to bind it */
index d941abb00e68763279dda1dfb0a32e49c07f8581..cf5b72bc7c5f949d5839e0128e086f8d7eab3d26 100644 (file)
@@ -1726,10 +1726,16 @@ static NTSTATUS ldapsam_modify_entry(struct pdb_methods *my_methods,
                        return NT_STATUS_UNSUCCESSFUL;
                }
 
-               ber_printf (ber, "{");
-               ber_printf (ber, "ts", LDAP_TAG_EXOP_MODIFY_PASSWD_ID, utf8_dn);
-               ber_printf (ber, "ts", LDAP_TAG_EXOP_MODIFY_PASSWD_NEW, utf8_password);
-               ber_printf (ber, "n}");
+               if ((ber_printf (ber, "{") < 0) ||
+                   (ber_printf (ber, "ts", LDAP_TAG_EXOP_MODIFY_PASSWD_ID, utf8_dn) < 0) ||
+                   (ber_printf (ber, "ts", LDAP_TAG_EXOP_MODIFY_PASSWD_NEW, utf8_password) < 0) ||
+                   (ber_printf (ber, "n}") < 0)) {
+                       DEBUG(0,("ldapsam_modify_entry: ber_printf returns a value <0\n"));
+                       ber_free(ber,1);
+                       SAFE_FREE(utf8_dn);
+                       SAFE_FREE(utf8_password);
+                       return NT_STATUS_UNSUCCESSFUL;
+               }
 
                if ((rc = ber_flatten (ber, &bv))<0) {
                        DEBUG(0,("ldapsam_modify_entry: ber_flatten returns a value <0\n"));
index 70944a9596829746003235c41d6d878d0c832dbe..f72638bed50418962dd5123dd562fdb72488d875 100644 (file)
@@ -1251,8 +1251,10 @@ static bool build_sam_account(struct smbpasswd_privates *smbpasswd_state,
 
        /* set remaining fields */
                
-       pdb_set_nt_passwd (sam_pass, pw_buf->smb_nt_passwd, PDB_SET);
-       pdb_set_lanman_passwd (sam_pass, pw_buf->smb_passwd, PDB_SET);                  
+       if (!pdb_set_nt_passwd (sam_pass, pw_buf->smb_nt_passwd, PDB_SET))
+               return False;
+       if (!pdb_set_lanman_passwd (sam_pass, pw_buf->smb_passwd, PDB_SET))
+               return False;
        pdb_set_acct_ctrl (sam_pass, pw_buf->acct_ctrl, PDB_SET);
        pdb_set_pass_last_set_time (sam_pass, pw_buf->pass_last_set_time, PDB_SET);
        pdb_set_pass_can_change_time (sam_pass, pw_buf->pass_last_set_time, PDB_SET);
index d5803b711bd0366813ae0a5ea2a5db8eba348699..04dde0e8a042f4421821c7d86682a00c5152f8cb 100644 (file)
@@ -358,7 +358,7 @@ static int sec_desc_upg_fn( TDB_CONTEXT *the_tdb, TDB_DATA key,
 
        ZERO_STRUCT( ps );
 
-       prs_init( &ps, 0, ctx, UNMARSHALL );
+       prs_init_empty( &ps, ctx, UNMARSHALL );
        prs_give_memory( &ps, (char *)data.dptr, data.dsize, False );
 
        if ( !sec_io_desc_buf( "sec_desc_upg_fn", &sd_orig, &ps, 1 ) ) {
@@ -405,7 +405,10 @@ static int sec_desc_upg_fn( TDB_CONTEXT *the_tdb, TDB_DATA key,
 
        /* create a new SEC_DESC with the appropriate owner and group SIDs */
 
-       string_to_sid(&sid, "S-1-5-32-544" );
+       if (!string_to_sid(&sid, "S-1-5-32-544" )) {
+               prs_mem_free( &ps );
+               return 0;
+       }
        new_sec = make_sec_desc( ctx, SEC_DESC_REVISION, SEC_DESC_SELF_RELATIVE,
                &sid, &sid,
                NULL, NULL, &size_new_sec );
@@ -431,7 +434,10 @@ static int sec_desc_upg_fn( TDB_CONTEXT *the_tdb, TDB_DATA key,
        
        sd_size = ndr_size_security_descriptor(sd_store->sd, 0)
                + sizeof(SEC_DESC_BUF);
-       prs_init(&ps, sd_size, ctx, MARSHALL);
+       if ( !prs_init(&ps, sd_size, ctx, MARSHALL) ) {
+               DEBUG(0,("sec_desc_upg_fn: Failed to allocate prs memory for %s\n", key.dptr ));
+               return 0;
+       }
 
        if ( !sec_io_desc_buf( "sec_desc_upg_fn", &sd_store, &ps, 1 ) ) {
                DEBUG(0,("sec_desc_upg_fn: Failed to parse new sec_desc for %s\n", key.dptr ));
@@ -4551,7 +4557,7 @@ static bool convert_driver_init( TALLOC_CTX *ctx, NT_DEVICEMODE *nt_devmode, uin
 
        ZERO_STRUCT(devmode);
 
-       prs_init(&ps, 0, ctx, UNMARSHALL);
+       prs_init_empty(&ps, ctx, UNMARSHALL);
        ps.data_p      = (char *)data;
        ps.buffer_size = data_len;
 
@@ -5396,9 +5402,13 @@ WERROR nt_printing_setsec(const char *sharename, SEC_DESC_BUF *secdesc_ctr)
 
        /* Store the security descriptor in a tdb */
 
-       prs_init(&ps,
-                (uint32)ndr_size_security_descriptor(new_secdesc_ctr->sd, 0)
-                + sizeof(SEC_DESC_BUF), mem_ctx, MARSHALL);
+       if (!prs_init(&ps,
+               (uint32)ndr_size_security_descriptor(new_secdesc_ctr->sd, 0)
+               + sizeof(SEC_DESC_BUF), mem_ctx, MARSHALL) ) {
+               status = WERR_NOMEM;
+               goto out;
+       }
+
 
        prs_init_done = true;
 
@@ -5546,8 +5556,9 @@ bool nt_printing_getsec(TALLOC_CTX *ctx, const char *sharename, SEC_DESC_BUF **s
 
                /* Save default security descriptor for later */
 
-               prs_init(&ps, (uint32)ndr_size_security_descriptor((*secdesc_ctr)->sd, 0) +
-                               sizeof(SEC_DESC_BUF), ctx, MARSHALL);
+               if (!prs_init(&ps, (uint32)ndr_size_security_descriptor((*secdesc_ctr)->sd, 0) +
+                       sizeof(SEC_DESC_BUF), ctx, MARSHALL))
+                       return False;
 
                if (sec_io_desc_buf("nt_printing_getsec", secdesc_ctr, &ps, 1)) {
                        tdb_prs_store(tdb_printers, kbuf, &ps);
index a4da103d404952606dc01caf11e251fa26d8121f..582989d8d166ea0e0fac33639deda0adf4203cc1 100644 (file)
@@ -443,7 +443,8 @@ static void fill_in_printer_values( NT_PRINTER_INFO_LEVEL_2 *info2, REGVAL_CTR *
        /* use a prs_struct for converting the devmode and security 
           descriptor to REG_BINARY */
        
-       prs_init( &prs, RPC_MAX_PDU_FRAG_LEN, values, MARSHALL);
+       if (!prs_init( &prs, RPC_MAX_PDU_FRAG_LEN, values, MARSHALL))
+               return;
 
        /* stream the device mode */
                
index 1c3aad7a2500c0207e5845051690d1d8c9c67da0..9eb2c582987ea5d971789c10e06034cd8154cf94 100644 (file)
@@ -123,7 +123,10 @@ static int read_block( REGF_FILE *file, prs_struct *ps, uint32 file_offset, uint
                return -1;
        }
        
-       prs_init( ps, block_size, file->mem_ctx, UNMARSHALL );
+       if (!prs_init( ps, block_size, file->mem_ctx, UNMARSHALL )) {
+               DEBUG(0,("read_block: prs_init() failed! (%s)\n", strerror(errno) ));
+               return -1;
+       }
        buffer = prs_data_p( ps );
        bytes_read = returned = 0;
 
index c89c5531d7aa4b64688fc60da3a8d113f3092539..1fd06f868ef18ecb8184844996d247635aab83ed 100644 (file)
@@ -683,7 +683,7 @@ static NTSTATUS cli_pipe_reset_current_pdu(struct rpc_pipe_client *cli, RPC_HDR
        /* Common case. */
        if (current_pdu_len == (uint32)prhdr->frag_len) {
                prs_mem_free(current_pdu);
-               prs_init(current_pdu, 0, prs_get_mem_context(current_pdu), UNMARSHALL);
+               prs_init_empty(current_pdu, prs_get_mem_context(current_pdu), UNMARSHALL);
                /* Make current_pdu dynamic with no memory. */
                prs_give_memory(current_pdu, 0, 0, True);
                return NT_STATUS_OK;
@@ -757,7 +757,7 @@ static NTSTATUS rpc_api_pipe(struct rpc_pipe_client *cli,
 #endif
 
        /* Set up the current pdu parse struct. */
-       prs_init(&current_pdu, 0, prs_get_mem_context(rbuf), UNMARSHALL);
+       prs_init_empty(&current_pdu, prs_get_mem_context(rbuf), UNMARSHALL);
 
        /* Create setup parameters - must be in native byte order. */
        setup[0] = TRANSACT_DCERPCCMD; 
@@ -1183,7 +1183,8 @@ static NTSTATUS create_rpc_bind_req(struct rpc_pipe_client *cli,
        NTSTATUS ret = NT_STATUS_OK;
 
        ZERO_STRUCT(hdr_auth);
-       prs_init(&auth_info, RPC_HDR_AUTH_LEN, prs_get_mem_context(rpc_out), MARSHALL);
+       if (!prs_init(&auth_info, RPC_HDR_AUTH_LEN, prs_get_mem_context(rpc_out), MARSHALL))
+               return NT_STATUS_NO_MEMORY;
 
        switch (auth_type) {
                case PIPE_AUTH_TYPE_SCHANNEL:
@@ -1468,7 +1469,8 @@ NTSTATUS rpc_api_pipe_req(struct rpc_pipe_client *cli,
                return NT_STATUS_INVALID_PARAMETER;
        }
 
-       prs_init(&outgoing_pdu, cli->max_xmit_frag, prs_get_mem_context(in_data), MARSHALL);
+       if (!prs_init(&outgoing_pdu, cli->max_xmit_frag, prs_get_mem_context(in_data), MARSHALL))
+               return NT_STATUS_NO_MEMORY;
 
        while (1) {
                RPC_HDR hdr;
@@ -1811,7 +1813,7 @@ static NTSTATUS rpc_finish_auth3_bind(struct rpc_pipe_client *cli,
                return nt_status;
        }
 
-       prs_init(&rpc_out, 0, prs_get_mem_context(rbuf), MARSHALL);
+       prs_init_empty(&rpc_out, prs_get_mem_context(rbuf), MARSHALL);
 
        nt_status = create_rpc_bind_auth3(cli, rpc_call_id,
                                auth_type, auth_level,
@@ -1865,7 +1867,8 @@ static NTSTATUS create_rpc_alter_context(uint32 rpc_call_id,
        NTSTATUS ret = NT_STATUS_OK;
 
        ZERO_STRUCT(hdr_auth);
-       prs_init(&auth_info, RPC_HDR_AUTH_LEN, prs_get_mem_context(rpc_out), MARSHALL);
+       if (!prs_init(&auth_info, RPC_HDR_AUTH_LEN, prs_get_mem_context(rpc_out), MARSHALL))
+               return NT_STATUS_NO_MEMORY;
 
        /* We may change the pad length before marshalling. */
        init_rpc_hdr_auth(&hdr_auth, RPC_SPNEGO_AUTH_TYPE, (int)auth_level, 0, 1);
@@ -1958,7 +1961,7 @@ static NTSTATUS rpc_finish_spnego_ntlmssp_bind(struct rpc_pipe_client *cli,
        tmp_blob = data_blob_null; /* Ensure it's safe to free this just in case. */
 
        /* Now prepare the alter context pdu. */
-       prs_init(&rpc_out, 0, prs_get_mem_context(rbuf), MARSHALL);
+       prs_init_empty(&rpc_out, prs_get_mem_context(rbuf), MARSHALL);
 
        nt_status = create_rpc_alter_context(rpc_call_id,
                                                abstract,
@@ -1976,7 +1979,7 @@ static NTSTATUS rpc_finish_spnego_ntlmssp_bind(struct rpc_pipe_client *cli,
 
        /* Initialize the returning data struct. */
        prs_mem_free(rbuf);
-       prs_init(rbuf, 0, cli->mem_ctx, UNMARSHALL);
+       prs_init_empty(rbuf, cli->mem_ctx, UNMARSHALL);
 
        nt_status = rpc_api_pipe(cli, &rpc_out, rbuf, RPC_ALTCONTRESP);
        if (!NT_STATUS_IS_OK(nt_status)) {
@@ -2049,7 +2052,7 @@ static NTSTATUS rpc_pipe_bind(struct rpc_pipe_client *cli,
                return NT_STATUS_INVALID_PARAMETER;
        }
 
-       prs_init(&rpc_out, 0, cli->mem_ctx, MARSHALL);
+       prs_init_empty(&rpc_out, cli->mem_ctx, MARSHALL);
 
        rpc_call_id = get_rpc_call_id();
 
@@ -2065,7 +2068,7 @@ static NTSTATUS rpc_pipe_bind(struct rpc_pipe_client *cli,
        }
 
        /* Initialize the incoming data struct. */
-       prs_init(&rbuf, 0, cli->mem_ctx, UNMARSHALL);
+       prs_init_empty(&rbuf, cli->mem_ctx, UNMARSHALL);
 
        /* send data on \PIPE\.  receive a response */
        status = rpc_api_pipe(cli, &rpc_out, &rbuf, RPC_BINDACK);
index a64ead809a0f3306f58b7e71694350b3a7165496..ae705b313b507adb43d63e895bcdb09c7d04ce22 100644 (file)
@@ -58,10 +58,7 @@ NTSTATUS cli_do_rpc_ndr(struct rpc_pipe_client *cli,
 
        talloc_free(push);
 
-       if (!prs_init( &r_ps, 0, mem_ctx, UNMARSHALL )) {
-               prs_mem_free( &q_ps );
-               return NT_STATUS_NO_MEMORY;
-       }
+       prs_init_empty( &r_ps, mem_ctx, UNMARSHALL );
        
        status = rpc_api_pipe_req(cli, opnum, &q_ps, &r_ps); 
 
index e98822d46ee670b6b810ce68e706da8a2a113860..9a68e547a048ac1db0a6d03aae36a351cb2dbcca 100644 (file)
@@ -34,8 +34,10 @@ void rpcbuf_init(RPC_BUFFER *buffer, uint32 size, TALLOC_CTX *ctx)
 {
        buffer->size = size;
        buffer->string_at_end = size;
-       prs_init(&buffer->prs, size, ctx, MARSHALL);
-       buffer->struct_start = prs_offset(&buffer->prs);
+       if (prs_init(&buffer->prs, size, ctx, MARSHALL))
+               buffer->struct_start = prs_offset(&buffer->prs);
+       else
+               buffer->struct_start = NULL;
 }
 
 /*******************************************************************
index 418f857df88a4596752dcac969ab940fd5069415..3850c440af8373d52d12eeeca5123aa9a34f335e 100644 (file)
@@ -285,7 +285,8 @@ bool smb_io_strhdr(const char *desc,  STRHDR *hdr, prs_struct *ps, int depth)
        prs_debug(ps, depth, desc, "smb_io_strhdr");
        depth++;
 
-       prs_align(ps);
+       if(!prs_align(ps))
+               return False;
        
        if(!prs_uint16("str_str_len", ps, depth, &hdr->str_str_len))
                return False;
@@ -1761,10 +1762,14 @@ bool smb_io_bufhdr2(const char *desc, BUFHDR2 *hdr, prs_struct *ps, int depth)
        prs_debug(ps, depth, desc, "smb_io_bufhdr2");
        depth++;
 
-       prs_align(ps);
-       prs_uint32("info_level", ps, depth, &(hdr->info_level));
-       prs_uint32("length    ", ps, depth, &(hdr->length    ));
-       prs_uint32("buffer    ", ps, depth, &(hdr->buffer    ));
+       if (!prs_align(ps))
+               return False;
+       if (!prs_uint32("info_level", ps, depth, &(hdr->info_level)))
+               return False;
+       if (!prs_uint32("length    ", ps, depth, &(hdr->length    )))
+               return False;
+       if (!prs_uint32("buffer    ", ps, depth, &(hdr->buffer    )))
+               return False;
 
        return True;
 }
@@ -1777,9 +1782,12 @@ bool smb_io_bufhdr4(const char *desc, BUFHDR4 *hdr, prs_struct *ps, int depth)
        prs_debug(ps, depth, desc, "smb_io_bufhdr4");
        depth++;
 
-       prs_align(ps);
-       prs_uint32("size", ps, depth, &hdr->size);
-       prs_uint32("buffer", ps, depth, &hdr->buffer);
+       if (!prs_align(ps))
+               return False;
+       if (!prs_uint32("size", ps, depth, &hdr->size))
+               return False;
+       if (!prs_uint32("buffer", ps, depth, &hdr->buffer))
+               return False;
 
        return True;
 }
@@ -1793,7 +1801,8 @@ bool smb_io_rpc_blob(const char *desc, RPC_DATA_BLOB *blob, prs_struct *ps, int
        prs_debug(ps, depth, desc, "smb_io_rpc_blob");
        depth++;
 
-       prs_align(ps);
+       if (!prs_align(ps))
+               return False;
        if ( !prs_uint32("buf_len", ps, depth, &blob->buf_len) )
                return False;
 
index 638d71a73e3512c47e9b11f33c5864a6f7beef58..072132f5ac2c2be0d4f72ef9a3607b7241bb714e 100644 (file)
@@ -1496,7 +1496,7 @@ int tdb_prs_fetch(TDB_CONTEXT *tdb, TDB_DATA kbuf, prs_struct *ps, TALLOC_CTX *m
 {
        TDB_DATA dbuf;
 
-       prs_init(ps, 0, mem_ctx, UNMARSHALL);
+       prs_init_empty(ps, mem_ctx, UNMARSHALL);
 
        dbuf = tdb_fetch(tdb, kbuf);
        if (!dbuf.dptr)
index 19c8db053359518495f97cdc7396eadb4c087273..6c1b65b858b4a339821956ebefc1b83983142756 100644 (file)
@@ -151,7 +151,7 @@ static bool create_next_pdu_ntlmssp(pipes_struct *p)
         * data.
         */
 
-       prs_init( &outgoing_pdu, 0, p->mem_ctx, MARSHALL);
+       prs_init_empty( &outgoing_pdu, p->mem_ctx, MARSHALL);
        prs_give_memory( &outgoing_pdu, (char *)p->out_data.current_pdu, sizeof(p->out_data.current_pdu), False);
 
        /* Store the header in the data stream. */
@@ -358,7 +358,7 @@ static bool create_next_pdu_schannel(pipes_struct *p)
         * data.
         */
 
-       prs_init( &outgoing_pdu, 0, p->mem_ctx, MARSHALL);
+       prs_init_empty( &outgoing_pdu, p->mem_ctx, MARSHALL);
        prs_give_memory( &outgoing_pdu, (char *)p->out_data.current_pdu, sizeof(p->out_data.current_pdu), False);
 
        /* Store the header in the data stream. */
@@ -531,7 +531,7 @@ static bool create_next_pdu_noauth(pipes_struct *p)
         * data.
         */
 
-       prs_init( &outgoing_pdu, 0, p->mem_ctx, MARSHALL);
+       prs_init_empty( &outgoing_pdu, p->mem_ctx, MARSHALL);
        prs_give_memory( &outgoing_pdu, (char *)p->out_data.current_pdu, sizeof(p->out_data.current_pdu), False);
 
        /* Store the header in the data stream. */
@@ -812,7 +812,7 @@ static bool setup_bind_nak(pipes_struct *p)
         * header and are never sending more than one PDU here.
         */
 
-       prs_init( &outgoing_rpc, 0, p->mem_ctx, MARSHALL);
+       prs_init_empty( &outgoing_rpc, p->mem_ctx, MARSHALL);
        prs_give_memory( &outgoing_rpc, (char *)p->out_data.current_pdu, sizeof(p->out_data.current_pdu), False);
 
        /*
@@ -875,7 +875,7 @@ bool setup_fault_pdu(pipes_struct *p, NTSTATUS status)
         * header and are never sending more than one PDU here.
         */
 
-       prs_init( &outgoing_pdu, 0, p->mem_ctx, MARSHALL);
+       prs_init_empty( &outgoing_pdu, p->mem_ctx, MARSHALL);
        prs_give_memory( &outgoing_pdu, (char *)p->out_data.current_pdu, sizeof(p->out_data.current_pdu), False);
 
        /*
@@ -944,7 +944,7 @@ bool setup_cancel_ack_reply(pipes_struct *p, prs_struct *rpc_in_p)
         * header and are never sending more than one PDU here.
         */
 
-       prs_init( &outgoing_pdu, 0, p->mem_ctx, MARSHALL);
+       prs_init_empty( &outgoing_pdu, p->mem_ctx, MARSHALL);
        prs_give_memory( &outgoing_pdu, (char *)p->out_data.current_pdu, sizeof(p->out_data.current_pdu), False);
 
        /*
@@ -1522,7 +1522,7 @@ bool api_pipe_bind_req(pipes_struct *p, prs_struct *rpc_in_p)
                return setup_bind_nak(p);
        }
 
-       prs_init( &outgoing_rpc, 0, p->mem_ctx, MARSHALL);
+       prs_init_empty( &outgoing_rpc, p->mem_ctx, MARSHALL);
 
        /* 
         * Marshall directly into the outgoing PDU space. We
@@ -1794,7 +1794,7 @@ bool api_pipe_alter_context(pipes_struct *p, prs_struct *rpc_in_p)
        prs_struct outgoing_rpc;
        int auth_len = 0;
 
-       prs_init( &outgoing_rpc, 0, p->mem_ctx, MARSHALL);
+       prs_init_empty( &outgoing_rpc, p->mem_ctx, MARSHALL);
 
        /* 
         * Marshall directly into the outgoing PDU space. We
index 95ce496ba60d57c8c93cac1279f7d6e10c7f838e..45f649d0ceaf48b0b4887cab03b59a0b049a2f7d 100644 (file)
@@ -348,7 +348,7 @@ static void *make_internal_rpc_pipe_p(const char *pipe_name,
        /*
         * Initialize the outgoing RPC data buffer with no memory.
         */     
-       prs_init(&p->out_data.rdata, 0, p->mem_ctx, MARSHALL);
+       prs_init_empty(&p->out_data.rdata, p->mem_ctx, MARSHALL);
        
        fstrcpy(p->name, pipe_name);
        
@@ -408,7 +408,7 @@ static ssize_t unmarshall_rpc_header(pipes_struct *p)
                return -1;
        }
 
-       prs_init( &rpc_in, 0, p->mem_ctx, UNMARSHALL);
+       prs_init_empty( &rpc_in, p->mem_ctx, UNMARSHALL);
        prs_set_endian_data( &rpc_in, p->endian);
 
        prs_give_memory( &rpc_in, (char *)&p->in_data.current_in_pdu[0],
@@ -693,7 +693,7 @@ static void process_complete_pdu(pipes_struct *p)
                return;
        }
 
-       prs_init( &rpc_in, 0, p->mem_ctx, UNMARSHALL);
+       prs_init_empty( &rpc_in, p->mem_ctx, UNMARSHALL);
 
        /*
         * Ensure we're using the corrent endianness for both the 
index 3758c8fd63ed9cbaeb2198f913599198e71af486..403beb6782b36288bd449fd87ab1e3cdd8f3acde 100644 (file)
@@ -6033,7 +6033,11 @@ static WERROR update_printer_sec(POLICY_HND *handle, uint32 level,
        /* NT seems to like setting the security descriptor even though
           nothing may have actually changed. */
 
-       nt_printing_getsec(p->mem_ctx, Printer->sharename, &old_secdesc_ctr);
+       if ( !nt_printing_getsec(p->mem_ctx, Printer->sharename, &old_secdesc_ctr)) {
+               DEBUG(2,("update_printer_sec: nt_printing_getsec() failed\n"));
+               result = WERR_BADFID;
+               goto done;
+       }
 
        if (DEBUGLEVEL >= 10) {
                SEC_ACL *the_acl;
index c76bc19d9ce4b6205c6aaf23cb796e8af9c30bca..6e076ea372604ea5d65fd78aa6e96e5f52a2227d 100644 (file)
@@ -239,7 +239,8 @@ WERROR _winreg_QueryValue(pipes_struct *p, struct winreg_QueryValue *r)
        if(regkey->key->type == REG_KEY_HKPD) 
        {
                if(strequal(r->in.value_name.name, "Global"))   {
-                       prs_init(&prs_hkpd, *r->in.data_size, p->mem_ctx, MARSHALL);
+                       if (!prs_init(&prs_hkpd, *r->in.data_size, p->mem_ctx, MARSHALL))
+                               return WERR_NOMEM;
                        status = reg_perfcount_get_hkpd(
                                &prs_hkpd, *r->in.data_size, &outbuf_size, NULL);
                        outbuf = (uint8_t *)prs_hkpd.data_p;
@@ -260,7 +261,8 @@ WERROR _winreg_QueryValue(pipes_struct *p, struct winreg_QueryValue *r)
                else if(isdigit(r->in.value_name.name[0])) {
                        /* we probably have a request for a specific object
                         * here */
-                       prs_init(&prs_hkpd, *r->in.data_size, p->mem_ctx, MARSHALL);
+                       if (!prs_init(&prs_hkpd, *r->in.data_size, p->mem_ctx, MARSHALL))
+                               return WERR_NOMEM;
                        status = reg_perfcount_get_hkpd(
                                &prs_hkpd, *r->in.data_size, &outbuf_size,
                                r->in.value_name.name);
index ae83e726977292bfdc871e74e50568a00e75d163..620b03693263c6eba297a5e2ecf72e0b32af94f7 100644 (file)
@@ -592,7 +592,12 @@ bool svcctl_set_secdesc( TALLOC_CTX *ctx, const char *name, SEC_DESC *sec_desc,
        }
 
        /* stream the printer security descriptor */
-       prs_init( &ps, RPC_MAX_PDU_FRAG_LEN, key, MARSHALL);
+
+       if (!prs_init( &ps, RPC_MAX_PDU_FRAG_LEN, key, MARSHALL)) {
+               DEBUG(0,("svcctl_set_secdesc: prs_init() failed!\n"));
+               TALLOC_FREE( key );
+               return False;
+       }
 
        if ( sec_io_desc("sec_desc", &sec_desc, &ps, 0 ) ) {
                uint32 offset = prs_offset( &ps );
index 55009ce0b1c06d7d4f7b5fdb3aae4869b62205ad..ffdf1c22e7c39166e7a944e755be55abd6a68b72 100644 (file)
@@ -169,7 +169,7 @@ void change_notify_reply(connection_struct *conn,
                return;
        }
 
-       prs_init(&ps, 0, NULL, MARSHALL);
+       prs_init_empty(&ps, NULL, MARSHALL);
 
        if (!notify_marshall_changes(notify_buf->num_changes, max_param,
                                        notify_buf->changes, &ps)) {
index dceea450e65ce38a1273553200f24630354b0f44..1a3b7383c96e41d4c39d72266d0a0ec2b16c826a 100644 (file)
@@ -387,7 +387,12 @@ static void pop_conn_ctx(void)
 
 void become_root(void)
 {
-       push_sec_ctx();
+        /*
+         * no good way to handle push_sec_ctx() failing without changing
+         * the prototype of become_root()
+         */
+       if (!push_sec_ctx())
+               return;
        push_conn_ctx();
        set_root_sec_ctx();
 }
index 31cc63845e385d15babbcdc0d0fb6f9bb9e3bf1a..50465da9b903b1114c394252870957d39a9c5ed4 100644 (file)
@@ -3048,7 +3048,7 @@ static NTSTATUS rpc_group_members_internals(const DOM_SID *domain_sid,
 
                rpccli_samr_Close(pipe_hnd, mem_ctx, &domain_pol);
 
-               string_to_sid(&sid_Builtin, "S-1-5-32");                
+               (void) string_to_sid(&sid_Builtin, "S-1-5-32");
 
                result = rpccli_samr_OpenDomain(pipe_hnd, mem_ctx,
                                                &connect_pol,
@@ -4501,7 +4501,10 @@ static bool get_user_sids(const char *domain, const char *user, NT_USER_TOKEN *t
                return False;
        }
 
-       string_to_sid(&user_sid, response.data.sid.sid);
+       if (!string_to_sid(&user_sid, response.data.sid.sid)) {
+               DEBUG(1, ("Could not convert string '%s' to SID\n", response.data.sid.sid));
+               return False;
+       }
 
        init_user_token(token, &user_sid);
 
index 63c2f14601f3f8735e376e49ce7379acb37061d7..87632db16df5400e7f4e4290682aa7750b21b7b1 100644 (file)
@@ -40,7 +40,8 @@ main()
        ctx=talloc_init("main");
        if (!ctx) exit(1);
 
-       prs_init(&ps, 1600, 4, ctx, MARSHALL);
+       if (!prs_init(&ps, 1600, 4, ctx, MARSHALL))
+               exit(1);
 
        while (scanf("%s", s)!=-1) {
                if (strlen(s)==2 && strchr_m(filter, *s)!=NULL && strchr_m(filter, *(s+1))!=NULL) {
index 1b284c172538386e1320631780b257816b86c727..3d4a71b71d1d1e9a51d2abd7964bebbfd037a892 100644 (file)
@@ -330,7 +330,12 @@ static int smb_download_file(const char *base, const char *name, int recursive,
                        return 0;
                }
        
-               fstat(localhandle, &localstat);
+               if (fstat(localhandle, &localstat) != 0) {
+                       fprintf(stderr, "Can't fstat %s: %s\n", newpath, strerror(errno));
+                       smbc_close(remotehandle);
+                       close(localhandle);
+                       return 0;
+               }
 
                start_offset = localstat.st_size;