Fix logic and prevent segfaults in secrets trustdom tdb pack code.
authorMichael Adam <obnox@samba.org>
Wed, 12 Dec 2007 12:50:48 +0000 (13:50 +0100)
committerJeremy Allison <jra@samba.org>
Wed, 12 Dec 2007 17:47:41 +0000 (09:47 -0800)
New size calculation logic in tdb_trusted_dom_pass_pack()
and tdb_sid_pack() used accumulated sizes as successive offsets
to buffer pointer.

Michael
(This used to be commit 9c24713b402978e74dc8691be5cab71d8666eb41)

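--- a/source3/passdb/secrets.c
+++ b/source3/passdb/secrets.c
@@ -360,16 +360,16 @@ static size_t tdb_sid_pack(uint8 *pack_buf, int bufsize, DOM_SID* sid)
        len += tdb_pack(p, remaining_space, "bb", sid->sid_rev_num,
                        sid->num_auths);
        if (pack_buf) {
-               p += len;
-               remaining_space -= len;
+               p = pack_buf + len;
+               remaining_space = bufsize - len;
        }
 
        for (idx = 0; idx < 6; idx++) {
                len += tdb_pack(p, remaining_space, "b",
                                sid->id_auth[idx]);
                if (pack_buf) {
-                       p += len;
-                       remaining_space -= len;
+                       p = pack_buf + len;
+                       remaining_space = bufsize - len;
                }
        }
 
@@ -377,8 +377,8 @@ static size_t tdb_sid_pack(uint8 *pack_buf, int bufsize, DOM_SID* sid)
                len += tdb_pack(p, remaining_space, "d",
                                sid->sub_auths[idx]);
                if (pack_buf) {
-                       p += len;
-                       remaining_space -= len;
+                       p = pack_buf + len;
+                       remaining_space = bufsize - len;
                }
        }
 
@@ -440,31 +440,31 @@ static size_t tdb_trusted_dom_pass_pack(uint8 *pack_buf, int bufsize,
        len += tdb_pack(p, remaining_space, "d",
                        pass->uni_name_len);
        if (pack_buf) {
-               p += len;
-               remaining_space -= len;
+               p = pack_buf + len;
+               remaining_space = bufsize - len;
        }
 
        for (idx = 0; idx < 32; idx++) {
                len += tdb_pack(p, remaining_space, "w",
                                 pass->uni_name[idx]);
                if (pack_buf) {
-                       p += len;
-                       remaining_space -= len;
+                       p = pack_buf + len;
+                       remaining_space = bufsize - len;
                }
        }
 
        len += tdb_pack(p, remaining_space, "dPd", pass->pass_len,
                             pass->pass, pass->mod_time);
        if (pack_buf) {
-               p += len;
-               remaining_space -= len;
+               p = pack_buf + len;
+               remaining_space = bufsize - len;
        }
 
        /* packing SID structure */
        len += tdb_sid_pack(p, remaining_space, &pass->domain_sid);
        if (pack_buf) {
-               p += len;
-               remaining_space -= len;
+               p = pack_buf + len;
+               remaining_space = bufsize - len;
        }
 
        return len;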
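Review bot: The recomputed cursor in `p = pack_buf + len; remaining_space = bufsize - len;` is never checked against `bufsize`, here and at every other repeated site in tdb_sid_pack() and tdb_trusted_dom_pass_pack(). `len` appears to be a size_t (it is what both functions return) while `bufsize` is an int, so once the accumulated length exceeds the buffer the subtraction is done unsigned and wraps, and `p` already points past the end of `pack_buf`; whether that is harmless depends on how tdb_pack() treats the resulting size, which these hunks do not show. Clamping would make the bound explicit, e.g. `remaining_space = (bufsize > 0 && len < (size_t)bufsize) ? bufsize - (int)len : 0;`, with `p` advanced only while space remains. Both function bodies begin and end outside the hunks, so the declarations of `len` and `remaining_space` should be confirmed before applying this.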