BUG 9574: Fix a possible null pointer dereference in spoolss.

If the the client enumerates the printers and didn't specify a
servername we have a null pointer dereference, so the process serving
the connection crashes.

Reviewed-by: David Disseldorp <ddiss@samba.org>
Autobuild-User(master): David Disseldorp <ddiss@samba.org>
Autobuild-Date(master): Mon Jan 21 13:30:11 CET 2013 on sn-devel-104

diff --git a/source3/rpc_server/spoolss/srv_spoolss_nt.c b/source3/rpc_server/spoolss/srv_spoolss_nt.c
index ef854b1c080488100e7f64d787db73ea3be18be6..9df0b8ab329c90c5c997609a933b2b301e253a54 100644 (file)
--- a/source3/rpc_server/spoolss/srv_spoolss_nt.c
+++ b/source3/rpc_server/spoolss/srv_spoolss_nt.c
@@ -4466,7 +4466,8 @@ static WERROR enum_all_printers_info_1_network(TALLOC_CTX *mem_ctx,
           listed. Windows responds to this call with a
           WERR_CAN_NOT_COMPLETE so we should do the same. */
 
-       if (servername[0] == '\\' && servername[1] == '\\') {
+       if (servername != NULL &&
+           (servername[0] == '\\') && (servername[1] == '\\')) {
                 s = servername + 2;
        }