git.samba.org
/
samba.git
/ commitdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
| commitdiff |
tree
raw
|
patch
|
inline
| side by side (parent:
4447ae9
)
Fix bug #7617 - smbd coredump due to uninitialized variables in the performance count...
author
Jeremy Allison
<jra@samba.org>
Thu, 12 Aug 2010 21:24:01 +0000
(14:24 -0700)
committer
Karolin Seeger
<kseeger@samba.org>
Thu, 13 Jan 2011 16:58:50 +0000
(17:58 +0100)
In the file rpc_server.c, function _winreg_QueryValue()
uint8_t *outbuf
Should be :
uint8_t *outbuf = NULL;
As it is later freed by
if (free_buf) SAFE_FREE(outbuf);
in some cases, this frees the unintialized outbuf, which causes a coredump.
(cherry picked from commit
84fd910c347ddfad6f01edbe7f6e25546c8382ee
)
(cherry picked from commit
80e65236158d6f1690bf9f153c0eb12d81d56b8a
)
(cherry picked from commit
78d1a15920de4ef3f230511257ee2f334f89a642
)
source3/rpc_server/srv_winreg_nt.c
patch
|
blob
|
history
diff --git
a/source3/rpc_server/srv_winreg_nt.c
b/source3/rpc_server/srv_winreg_nt.c
index 3de9f0e623ad0757fb9e8ed1f9f35ffbae069fae..e4087d7526c4be8bf64cda80404f132fc857903d 100644
(file)
--- a/
source3/rpc_server/srv_winreg_nt.c
+++ b/
source3/rpc_server/srv_winreg_nt.c
@@
-210,8
+210,8
@@
WERROR _winreg_QueryValue(pipes_struct *p, struct winreg_QueryValue *r)
struct registry_key *regkey = find_regkey_by_hnd( p, r->in.handle );
prs_struct prs_hkpd;
struct registry_key *regkey = find_regkey_by_hnd( p, r->in.handle );
prs_struct prs_hkpd;
- uint8_t *outbuf;
- uint32_t outbuf_size;
+ uint8_t *outbuf
= NULL
;
+ uint32_t outbuf_size
= 0
;
DATA_BLOB val_blob;
bool free_buf = False;
DATA_BLOB val_blob;
bool free_buf = False;