*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
+ * the Free Software Foundation; either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+ * along with this program; if not, see <http://www.gnu.org/licenses/>.
*/
#include "includes.h"
#undef DBGC_CLASS
#define DBGC_CLASS DBGC_RPC_PARSE
-/****************************************************************************
- A temporary TALLOC context for things like unistrs, that is valid for
- the life of a complete RPC call.
-****************************************************************************/
-
-static TALLOC_CTX *current_rpc_talloc = NULL;
-
-static TALLOC_CTX *get_current_rpc_talloc(void)
-{
- return current_rpc_talloc;
-}
-
-void set_current_rpc_talloc( TALLOC_CTX *ctx)
-{
- current_rpc_talloc = ctx;
-}
-
-static TALLOC_CTX *main_loop_talloc = NULL;
-
-/*******************************************************************
-free up temporary memory - called from the main loop
-********************************************************************/
-
-void main_loop_talloc_free(void)
-{
- if (!main_loop_talloc)
- return;
- talloc_destroy(main_loop_talloc);
- main_loop_talloc = NULL;
-}
-
-/*******************************************************************
- Get a talloc context that is freed in the main loop...
-********************************************************************/
-
-TALLOC_CTX *main_loop_talloc_get(void)
-{
- if (!main_loop_talloc) {
- main_loop_talloc = talloc_init("main loop talloc (mainly parse_misc)");
- if (!main_loop_talloc)
- smb_panic("main_loop_talloc: malloc fail\n");
- }
-
- return main_loop_talloc;
-}
-
-/*******************************************************************
- Try and get a talloc context. Get the rpc one if possible, else
- get the main loop one. The main loop one is more dangerous as it
- goes away between packets, the rpc one will stay around for as long
- as a current RPC lasts.
-********************************************************************/
-
-TALLOC_CTX *get_talloc_ctx(void)
-{
- TALLOC_CTX *tc = get_current_rpc_talloc();
-
- if (tc)
- return tc;
- return main_loop_talloc_get();
-}
-
/*******************************************************************
Reads or writes a UTIME type.
********************************************************************/
BOOL smb_io_time(const char *desc, NTTIME *nttime, prs_struct *ps, int depth)
{
+ uint32 low, high;
if (nttime == NULL)
return False;
if(!prs_align(ps))
return False;
- if(!prs_uint32("low ", ps, depth, &nttime->low)) /* low part */
+ if (MARSHALLING(ps)) {
+ low = *nttime & 0xFFFFFFFF;
+ high = *nttime >> 32;
+ }
+
+ if(!prs_uint32("low ", ps, depth, &low)) /* low part */
return False;
- if(!prs_uint32("high", ps, depth, &nttime->high)) /* high part */
+ if(!prs_uint32("high", ps, depth, &high)) /* high part */
return False;
+ if (UNMARSHALLING(ps)) {
+ *nttime = (((uint64_t)high << 32) + low);
+ }
+
return True;
}
+/*******************************************************************
+ Reads or writes an NTTIME structure.
+********************************************************************/
+
+BOOL smb_io_nttime(const char *desc, prs_struct *ps, int depth, NTTIME *nttime)
+{
+ return smb_io_time( desc, nttime, ps, depth );
+}
+
/*******************************************************************
Gets an enumeration handle from an ENUM_HND structure.
********************************************************************/
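Review bot: In smb_io_time the new locals `low` and `high` are assigned only under `MARSHALLING(ps)`, so on the unmarshalling path they reach `prs_uint32` uninitialised and the function relies on that helper always storing a value before it returns success. Declaring them as `uint32 low = 0, high = 0;` removes that dependency and any may-be-uninitialised warning. The header comment above the function still reads `Reads or writes a UTIME type.` although the body now splits and rejoins a 64-bit NTTIME; I would change it to `Reads or writes an NTTIME as two 32-bit halves, low word first.`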
return True;
}
-/*******************************************************************
- Inits a DOM_SID structure.
-
- BIG NOTE: this function only does SIDS where the identauth is not >= 2^32
- identauth >= 2^32 can be detected because it will be specified in hex
-********************************************************************/
-
-void init_dom_sid(DOM_SID *sid, const char *str_sid)
-{
- pstring domsid;
- int identauth;
- char *p;
-
- if (str_sid == NULL) {
- DEBUG(4,("netlogon domain SID: none\n"));
- sid->sid_rev_num = 0;
- sid->num_auths = 0;
- return;
- }
-
- pstrcpy(domsid, str_sid);
-
- DEBUG(4,("init_dom_sid %d SID: %s\n", __LINE__, domsid));
-
- /* assume, but should check, that domsid starts "S-" */
- p = strtok(domsid+2,"-");
- sid->sid_rev_num = atoi(p);
-
- /* identauth in decimal should be < 2^32 */
- /* identauth in hex should be >= 2^32 */
- identauth = atoi(strtok(0,"-"));
-
- DEBUG(4,("netlogon rev %d\n", sid->sid_rev_num));
- DEBUG(4,("netlogon %s ia %d\n", p, identauth));
-
- sid->id_auth[0] = 0;
- sid->id_auth[1] = 0;
- sid->id_auth[2] = (identauth & 0xff000000) >> 24;
- sid->id_auth[3] = (identauth & 0x00ff0000) >> 16;
- sid->id_auth[4] = (identauth & 0x0000ff00) >> 8;
- sid->id_auth[5] = (identauth & 0x000000ff);
-
- sid->num_auths = 0;
-
- while ((p = strtok(0, "-")) != NULL && sid->num_auths < MAXSUBAUTHS)
- sid->sub_auths[sid->num_auths++] = atoi(p);
-
- DEBUG(4,("init_dom_sid: %d SID: %s\n", __LINE__, domsid));
-}
-
/*******************************************************************
Inits a DOM_SID2 structure.
********************************************************************/
/* caputure the pointer value to stream */
- data_p = (uint32) *sid2;
+ data_p = *sid2 ? 0xf000baaa : 0;
if ( !prs_uint32("dom_sid2_p", ps, depth, &data_p ))
return False;
if (UNMARSHALLING(ps)) {
if ( !(*sid2 = PRS_ALLOC_MEM(ps, DOM_SID2, 1)) )
- return False;
+ return False;
}
return True;
}
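Review bot: The marker `0xf000baaa` written in place of the pointer value is an unnamed literal here and appears again in the `data_p = *uni2 ? 0xf000baaa : 0;` hunk further down. Its purpose appears to be to signal a non-NULL referent without putting a process address on the wire, and nothing at either site says so. A single named constant would keep the two sites in step, for example `#define PRS_REFERENT_ID 0xf000baaa /* non-NULL marker; deliberately not a real address */` (the name is only a suggestion). The function body starts outside this hunk.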
/*******************************************************************
- Reads or writes a struct uuid
+ Reads or writes a struct GUID
********************************************************************/
-BOOL smb_io_uuid(const char *desc, struct uuid *uuid,
+BOOL smb_io_uuid(const char *desc, struct GUID *uuid,
prs_struct *ps, int depth)
{
if (uuid == NULL)
len = strlen(buf) + 1;
- str->buffer = TALLOC_ZERO_ARRAY(get_talloc_ctx(), uint16, len);
- if (str->buffer == NULL)
- smb_panic("init_unistr: malloc fail\n");
+ if (len) {
+ str->buffer = TALLOC_ZERO_ARRAY(talloc_tos(), uint16, len);
+ if (str->buffer == NULL)
+ smb_panic("init_unistr: malloc fail");
- rpcstr_push(str->buffer, buf, len*sizeof(uint16), STR_TERMINATE);
+ rpcstr_push(str->buffer, buf, len*sizeof(uint16), STR_TERMINATE);
+ } else {
+ str->buffer = NULL;
+ }
}
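Review bot: The added `if (len)` test in init_unistr cannot be false, because `len` was just set to `strlen(buf) + 1`, so the `else` branch that sets `str->buffer = NULL` is dead code; the same holds for `if (str->uni_str_len)` in the init_unistr3 hunk. The input that actually needs a guard is a NULL `buf`, which would fault in `strlen` before this test is reached; whether that is checked lies above the hunk. I would either drop the branch or add `/* len >= 1 here; kept for symmetry with the other zero-length talloc guards */` so a reader does not mistake it for the NULL check.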
/*******************************************************************
Allocate the RPC_DATA_BLOB memory.
********************************************************************/
-static size_t create_rpc_blob(RPC_DATA_BLOB *str, size_t len)
+static void create_rpc_blob(RPC_DATA_BLOB *str, size_t len)
{
- str->buffer = TALLOC_ZERO(get_talloc_ctx(), len);
- if (str->buffer == NULL)
- smb_panic("create_rpc_blob: talloc fail\n");
- return len;
+ if (len) {
+ str->buffer = (uint8 *)TALLOC_ZERO(talloc_tos(), len);
+ if (str->buffer == NULL)
+ smb_panic("create_rpc_blob: talloc fail");
+ str->buf_len = len;
+ } else {
+ str->buffer = NULL;
+ str->buf_len = 0;
+ }
}
/*******************************************************************
ZERO_STRUCTP(str);
/* set up string lengths. */
- str->buf_len = create_rpc_blob(str, sizeof(uint32));
+ create_rpc_blob(str, sizeof(uint32));
SIVAL(str->buffer, 0, val);
}
ZERO_STRUCTP(str);
/* set up string lengths. */
- str->buf_len = create_rpc_blob(str, len*2);
- rpcstr_push(str->buffer, buf, str->buf_len, STR_TERMINATE);
-
+ if (len) {
+ create_rpc_blob(str, len*2);
+ rpcstr_push(str->buffer, buf, (size_t)str->buf_len, STR_TERMINATE);
+ }
}
/*******************************************************************
void init_rpc_blob_hex(RPC_DATA_BLOB *str, const char *buf)
{
ZERO_STRUCTP(str);
- str->buf_len = create_rpc_blob(str, strlen(buf));
- str->buf_len = strhex_to_str((char *)str->buffer, str->buf_len, buf);
+ if (buf && *buf) {
+ create_rpc_blob(str, strlen(buf));
+ str->buf_len = strhex_to_str((char *)str->buffer, str->buf_len, buf);
+ }
}
/*******************************************************************
ZERO_STRUCTP(str);
/* max buffer size (allocated size) */
- if (buf != NULL) {
- len = create_rpc_blob(str, len);
+ if (buf != NULL && len) {
+ create_rpc_blob(str, len);
memcpy(str->buffer, buf, len);
}
str->buf_len = len;
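Review bot: With the new condition `buf != NULL && len`, a call with `buf == NULL` and a non-zero `len` skips the allocation, but the trailing `str->buf_len = len;` still records that length against a NULL `str->buffer`. Any later code that trusts `buf_len` when marshalling or copying would then read through a NULL pointer. As create_rpc_blob now sets `buf_len` itself, the trailing assignment could become `str->buf_len = (buf != NULL) ? len : 0;`, or be dropped if the `ZERO_STRUCTP(str)` above is enough. The end of the function is outside this hunk.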
if (buf != NULL) {
SMB_ASSERT(str->buf_max_len >= str->buf_len);
- str->buffer = TALLOC_ZERO(get_talloc_ctx(), str->buf_max_len);
+ str->buffer = (uint16 *)TALLOC_ZERO(talloc_tos(),
+ str->buf_max_len);
if (str->buffer == NULL)
- smb_panic("init_regval_buffer: talloc fail\n");
+ smb_panic("init_regval_buffer: talloc fail");
memcpy(str->buffer, buf, str->buf_len);
}
}
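Review bot: Unlike most allocation sites touched by this commit, this one keeps no zero-length guard: when `buf != NULL` and `str->buf_max_len` is 0, `TALLOC_ZERO(talloc_tos(), str->buf_max_len)` is still called and a NULL result goes straight to `smb_panic`. The `if (len)` guards added in the other hunks suggest that a zero-size request can return NULL, in which case an empty value would abort the process instead of yielding an empty buffer. I would make the condition `if (buf != NULL && str->buf_max_len)` and leave `str->buffer` NULL otherwise. The assignments to `buf_max_len` and `buf_len` are above the hunk, so this is inferred from the visible lines only.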
if(!prs_align(ps))
return False;
- if(!prs_uint32("uni_max_len", ps, depth, &buf2->buf_max_len))
+ if(!prs_uint32("buf_max_len", ps, depth, &buf2->buf_max_len))
return False;
if(!prs_uint32("offset ", ps, depth, &buf2->offset))
return False;
(the the length of the source string) to prevent
reallocation of memory. */
if (str->buffer == NULL) {
- str->buffer = (uint16 *)TALLOC_ZERO_ARRAY(get_talloc_ctx(), uint16, str->uni_max_len);
- if ((str->buffer == NULL)) {
- smb_panic("copy_unistr2: talloc fail\n");
- return;
+ if (str->uni_max_len) {
+ str->buffer = (uint16 *)TALLOC_ZERO_ARRAY(talloc_tos(), uint16, str->uni_max_len);
+ if ((str->buffer == NULL)) {
+ smb_panic("copy_unistr2: talloc fail");
+ return;
+ }
+ /* copy the string */
+ memcpy(str->buffer, from->buffer, str->uni_max_len*sizeof(uint16));
+ } else {
+ str->buffer = NULL;
}
}
-
- /* copy the string */
- memcpy(str->buffer, from->buffer, str->uni_max_len*sizeof(uint16));
}
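Review bot: Moving the `memcpy` inside `if (str->buffer == NULL)` means that when the destination already has a buffer, copy_unistr2 no longer copies the string at all and changes only the length fields (set above this hunk, presumably from `from`). The caller is then left with a UNISTR2 whose recorded length may exceed what the existing buffer holds, and a later marshal could read past it. The old code had the opposite problem, copying into a buffer of unknown size, so the safer fix is probably to always allocate a fresh buffer of `uni_max_len` elements rather than reuse one. If reuse is intended, it needs a comment stating that callers must pass a zeroed `str`.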
/*******************************************************************
/* set up string lengths. */
SMB_ASSERT(max_len >= str_len);
+ /* Ensure buf is valid if str_len was set. Coverity check. */
+ if (str_len && !buf) {
+ return;
+ }
+
str->str_max_len = max_len;
str->offset = 0;
str->str_str_len = str_len;
/* store the string */
if(str_len != 0) {
- str->buffer = TALLOC_ZERO(get_talloc_ctx(), str->str_max_len);
+ str->buffer = (uint8 *)TALLOC_ZERO(talloc_tos(),
+ str->str_max_len);
if (str->buffer == NULL)
- smb_panic("init_string2: malloc fail\n");
+ smb_panic("init_string2: malloc fail");
memcpy(str->buffer, buf, str_len);
}
}
if (buf) {
/* We always null terminate the copy. */
len = strlen(buf) + 1;
- } else {
+ if ( flags == UNI_STR_DBLTERMINATE )
+ len++;
+ }
+
+ if (buf == NULL || len == 0) {
/* no buffer -- nothing to do */
str->uni_max_len = 0;
str->offset = 0;
}
- str->buffer = TALLOC_ZERO_ARRAY(get_talloc_ctx(), uint16, len);
+ str->buffer = TALLOC_ZERO_ARRAY(talloc_tos(), uint16, len);
if (str->buffer == NULL) {
- smb_panic("init_unistr2: malloc fail\n");
+ smb_panic("init_unistr2: malloc fail");
return;
}
if (flags == UNI_STR_TERMINATE || flags == UNI_MAXLEN_TERMINATE) {
num_chars++;
}
+ if ( flags == UNI_STR_DBLTERMINATE )
+ num_chars += 2;
}
str->uni_max_len = num_chars;
void init_unistr4(UNISTR4 *uni4, const char *buf, enum unistr2_term_codes flags)
{
- uni4->string = TALLOC_P( get_talloc_ctx(), UNISTR2 );
+ uni4->string = TALLOC_P( talloc_tos(), UNISTR2 );
+ if (!uni4->string) {
+ smb_panic("init_unistr4: talloc fail");
+ return;
+ }
init_unistr2( uni4->string, buf, flags );
uni4->length = 2 * (uni4->string->uni_str_len);
void init_unistr4_w( TALLOC_CTX *ctx, UNISTR4 *uni4, const smb_ucs2_t *buf )
{
uni4->string = TALLOC_P( ctx, UNISTR2 );
+ if (!uni4->string) {
+ smb_panic("init_unistr4_w: talloc fail");
+ return;
+ }
init_unistr2_w( ctx, uni4->string, buf );
uni4->length = 2 * (uni4->string->uni_str_len);
void init_unistr2_w(TALLOC_CTX *ctx, UNISTR2 *str, const smb_ucs2_t *buf)
{
- uint32 len = strlen_w(buf);
+ uint32 len = buf ? strlen_w(buf) : 0;
ZERO_STRUCTP(str);
str->offset = 0;
str->uni_str_len = len;
- str->buffer = TALLOC_ZERO_ARRAY(ctx, uint16, len + 1);
- if (str->buffer == NULL) {
- smb_panic("init_unistr2_w: malloc fail\n");
- return;
+ if (len + 1) {
+ str->buffer = TALLOC_ZERO_ARRAY(ctx, uint16, len + 1);
+ if (str->buffer == NULL) {
+ smb_panic("init_unistr2_w: talloc fail");
+ return;
+ }
+ } else {
+ str->buffer = NULL;
}
/*
/* Yes, this is a strncpy( foo, bar, strlen(bar)) - but as
long as the buffer above is talloc()ed correctly then this
is the correct thing to do */
- strncpy_w(str->buffer, buf, len + 1);
+ if (len+1) {
+ strncpy_w(str->buffer, buf, len + 1);
+ }
}
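Review bot: The new `buf ? strlen_w(buf) : 0` makes a NULL `buf` yield `len == 0`, but `len + 1` is then 1, so the later `strncpy_w(str->buffer, buf, len + 1)` is still reached with a NULL source. Unless strncpy_w rejects NULL itself (not visible here), that is the dereference the first change set out to avoid. The `if (len + 1)` tests only catch a `uint32` wrap at 0xFFFFFFFF; the copy should be guarded as `if (buf && str->buffer) { strncpy_w(str->buffer, buf, len + 1); }`. In the wrap case `str->uni_str_len` has already been set to `len` while `str->buffer` is NULL, so that assignment would be better placed after the allocation succeeds.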
/*******************************************************************
to->uni_str_len = i;
/* allocate the space and copy the string buffer */
- to->buffer = TALLOC_ZERO_ARRAY(get_talloc_ctx(), uint16, i);
- if (to->buffer == NULL)
- smb_panic("init_unistr2_from_unistr: malloc fail\n");
- memcpy(to->buffer, from->buffer, i*sizeof(uint16));
+ if (i) {
+ to->buffer = TALLOC_ZERO_ARRAY(talloc_tos(), uint16, i);
+ if (to->buffer == NULL)
+ smb_panic("init_unistr2_from_unistr: malloc fail");
+ memcpy(to->buffer, from->buffer, i*sizeof(uint16));
+ } else {
+ to->buffer = NULL;
+ }
return;
}
str->buffer = NULL;
}
if ((str->buffer == NULL) && (blob->length > 0)) {
- smb_panic("init_unistr2_from_datablob: malloc fail\n");
+ smb_panic("init_unistr2_from_datablob: malloc fail");
}
}
/* caputure the pointer value to stream */
- data_p = (uint32) *uni2;
+ data_p = *uni2 ? 0xf000baaa : 0;
if ( !prs_uint32("ptr", ps, depth, &data_p ))
return False;
/* just pass off to smb_io_unstr2() passing the uni2 address as
the pointer (like you would expect) */
- return smb_io_unistr2( desc, uni2, (uint32)uni2, ps, depth );
+ return smb_io_unistr2( desc, uni2, uni2 ? 1 : 0, ps, depth );
}
/*******************************************************************
BOOL prs_unistr4(const char *desc, prs_struct *ps, int depth, UNISTR4 *uni4)
{
+ void *ptr;
+ prs_debug(ps, depth, desc, "prs_unistr4");
+ depth++;
+
if ( !prs_uint16("length", ps, depth, &uni4->length ))
return False;
if ( !prs_uint16("size", ps, depth, &uni4->size ))
return False;
- if ( !prs_pointer( desc, ps, depth, (void**)&uni4->string, sizeof(UNISTR2), (PRS_POINTER_CAST)prs_io_unistr2 ) )
+ ptr = uni4->string;
+
+ if ( !prs_pointer( desc, ps, depth, &ptr, sizeof(UNISTR2), (PRS_POINTER_CAST)prs_io_unistr2 ) )
return False;
-
+
+ uni4->string = (UNISTR2 *)ptr;
+
return True;
}
}
/*******************************************************************
- Reads or writes a UNISTR2_ARRAY structure.
+ Reads or writes a UNISTR4_ARRAY structure.
********************************************************************/
BOOL prs_unistr4_array(const char *desc, prs_struct *ps, int depth, UNISTR4_ARRAY *array )
if(!prs_uint32("count", ps, depth, &array->count))
return False;
- if ( array->count == 0 )
- return True;
-
if (UNMARSHALLING(ps)) {
- if ( !(array->strings = TALLOC_ZERO_ARRAY( get_talloc_ctx(), UNISTR4, array->count)) )
- return False;
+ if (array->count) {
+ if ( !(array->strings = TALLOC_ZERO_ARRAY( talloc_tos(), UNISTR4, array->count)) )
+ return False;
+ } else {
+ array->strings = NULL;
+ }
}
/* write the headers and then the actual string buffer */
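Review bot: On the unmarshalling path `array->count` comes straight from the stream and is used as the element count for `TALLOC_ZERO_ARRAY` with no upper bound. A peer can therefore request up to 2^32-1 UNISTR4 entries with a four-byte field; even if the talloc macro rejects a multiplication overflow, a large valid count still costs memory before any string data has been parsed. I would reject counts that cannot fit in the data remaining in `ps` before allocating, and log the rejected value. The loops that consume the array are outside this hunk.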
array->count = count;
- if ( array->count == 0 )
- return True;
-
/* allocate memory for the array of UNISTR4 objects */
- if ( !(array->strings = TALLOC_ZERO_ARRAY(get_talloc_ctx(), UNISTR4, count )) )
- return False;
+ if (array->count) {
+ if ( !(array->strings = TALLOC_ZERO_ARRAY(talloc_tos(), UNISTR4, count )) )
+ return False;
+ } else {
+ array->strings = NULL;
+ }
for ( i=0; i<count; i++ )
- init_unistr4( &array->strings[i], strings[i], STR_TERMINATE );
+ init_unistr4( &array->strings[i], strings[i], UNI_STR_TERMINATE );
return True;
}
}
/*******************************************************************
- Inits a DOM_RID2 structure.
+ Inits a DOM_RID structure.
+********************************************************************/
+
+void init_dom_rid(DOM_RID *prid, uint32 rid, uint16 type, uint32 idx)
+{
+ prid->type = type;
+ prid->rid = rid;
+ prid->rid_idx = idx;
+}
+
+/*******************************************************************
+ Reads or writes a DOM_RID structure.
********************************************************************/
-void init_dom_rid2(DOM_RID2 *rid2, uint32 rid, uint8 type, uint32 idx)
+BOOL smb_io_dom_rid(const char *desc, DOM_RID *rid, prs_struct *ps, int depth)
{
- rid2->type = type;
- rid2->rid = rid;
- rid2->rid_idx = idx;
+ if (rid == NULL)
+ return False;
+
+ prs_debug(ps, depth, desc, "smb_io_dom_rid");
+ depth++;
+
+ if(!prs_align(ps))
+ return False;
+
+ if(!prs_uint16("type ", ps, depth, &rid->type))
+ return False;
+ if(!prs_align(ps))
+ return False;
+ if(!prs_uint32("rid ", ps, depth, &rid->rid))
+ return False;
+ if(!prs_uint32("rid_idx", ps, depth, &rid->rid_idx))
+ return False;
+
+ return True;
}
/*******************************************************************
Reads or writes a DOM_RID2 structure.
********************************************************************/
-BOOL smb_io_dom_rid2(const char *desc, DOM_RID2 *rid2, prs_struct *ps, int depth)
+BOOL smb_io_dom_rid2(const char *desc, DOM_RID2 *rid, prs_struct *ps, int depth)
{
- if (rid2 == NULL)
+ if (rid == NULL)
return False;
prs_debug(ps, depth, desc, "smb_io_dom_rid2");
if(!prs_align(ps))
return False;
- if(!prs_uint8("type ", ps, depth, &rid2->type))
+ if(!prs_uint16("type ", ps, depth, &rid->type))
return False;
if(!prs_align(ps))
return False;
- if(!prs_uint32("rid ", ps, depth, &rid2->rid))
+ if(!prs_uint32("rid ", ps, depth, &rid->rid))
+ return False;
+ if(!prs_uint32("rid_idx", ps, depth, &rid->rid_idx))
return False;
- if(!prs_uint32("rid_idx", ps, depth, &rid2->rid_idx))
+ if(!prs_uint32("unknown", ps, depth, &rid->unknown))
return False;
return True;
}
+
/*******************************************************************
creates a DOM_RID3 structure.
********************************************************************/
Inits a DOM_CLNT_SRV structure.
********************************************************************/
-static void init_clnt_srv(DOM_CLNT_SRV *logcln, const char *logon_srv, const char *comp_name)
+void init_clnt_srv(DOM_CLNT_SRV *logcln, const char *logon_srv,
+ const char *comp_name)
{
DEBUG(5,("init_clnt_srv: %d\n", __LINE__));
Inits or writes a DOM_CLNT_SRV structure.
********************************************************************/
-static BOOL smb_io_clnt_srv(const char *desc, DOM_CLNT_SRV *logcln, prs_struct *ps, int depth)
+BOOL smb_io_clnt_srv(const char *desc, DOM_CLNT_SRV *logcln, prs_struct *ps, int depth)
{
if (logcln == NULL)
return False;
if(UNMARSHALLING(ps))
ZERO_STRUCTP(pol);
- if (!prs_uint32("data1", ps, depth, &pol->data1))
- return False;
- if (!prs_uint32("data2", ps, depth, &pol->data2))
+ if (!prs_uint32("handle_type", ps, depth, &pol->handle_type))
return False;
- if (!prs_uint16("data3", ps, depth, &pol->data3))
- return False;
- if (!prs_uint16("data4", ps, depth, &pol->data4))
- return False;
- if(!prs_uint8s (False, "data5", ps, depth, pol->data5, sizeof(pol->data5)))
+ if (!smb_io_uuid("uuid", (struct GUID*)&pol->uuid, ps, depth))
return False;
return True;
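Review bot: The cast in `smb_io_uuid("uuid", (struct GUID*)&pol->uuid, ps, depth)` silences the compiler about whatever type `pol->uuid` actually has. If the field is already a `struct GUID` the cast should go, so that a future change of the field type is caught at compile time. If it is a different struct, the call depends on the two layouts matching byte for byte, and that should be stated in a comment or fixed by changing the field's type. The declaration of the policy handle is not part of this page, so I cannot tell which case applies.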
str->uni_str_len = strlen(buf) + 1;
- str->str.buffer = TALLOC_ZERO_ARRAY(get_talloc_ctx(), uint16, str->uni_str_len);
- if (str->str.buffer == NULL)
- smb_panic("init_unistr3: malloc fail\n");
+ if (str->uni_str_len) {
+ str->str.buffer = TALLOC_ZERO_ARRAY(talloc_tos(), uint16, str->uni_str_len);
+ if (str->str.buffer == NULL)
+ smb_panic("init_unistr3: malloc fail");
- rpcstr_push((char *)str->str.buffer, buf, str->uni_str_len * sizeof(uint16), STR_TERMINATE);
+ rpcstr_push((char *)str->str.buffer, buf, str->uni_str_len * sizeof(uint16), STR_TERMINATE);
+ } else {
+ str->str.buffer = NULL;
+ }
}
/*******************************************************************
if(!prs_uint32("uni_str_len", ps, depth, &name->uni_str_len))
return False;
+
+ /* we're done if there is no string */
+
+ if ( name->uni_str_len == 0 )
+ return True;
/* don't know if len is specified by uni_str_len member... */
/* assume unicode string is unicode-null-terminated, instead */
return True;
}
-
/*******************************************************************
Stream a uint64_struct
********************************************************************/
-BOOL prs_uint64(const char *name, prs_struct *ps, int depth, UINT64_S *data64)
+BOOL prs_uint64(const char *name, prs_struct *ps, int depth, uint64 *data64)
{
- return prs_uint32(name, ps, depth+1, &data64->low) &&
- prs_uint32(name, ps, depth+1, &data64->high);
+ if (UNMARSHALLING(ps)) {
+ uint32 high, low;
+
+ if (!prs_uint32(name, ps, depth+1, &low))
+ return False;
+
+ if (!prs_uint32(name, ps, depth+1, &high))
+ return False;
+
+ *data64 = ((uint64_t)high << 32) + low;
+
+ return True;
+ } else {
+ uint32 high = (*data64) >> 32, low = (*data64) & 0xFFFFFFFF;
+ return prs_uint32(name, ps, depth+1, &low) &&
+ prs_uint32(name, ps, depth+1, &high);
+ }
}
/*******************************************************************