diff options
| author | Stefan Metzmacher <metze@samba.org> | 2010-08-09 11:14:52 +0200 |
|---|---|---|
| committer | Karolin Seeger <kseeger@samba.org> | 2011-01-13 17:58:51 +0100 |
| commit | 00c0580d30f487aacad89c909a54945c46cb36d3 (patch) | |
| tree | 85ccc9d5094e67f2ced4cd894a593fce67a603f6 | |
| parent | 6dc20e50d0bbd122e47b67bac74a9e6d4af60aea (diff) | |
| download | samba-00c0580d30f487aacad89c909a54945c46cb36d3.tar.gz | |
pidl: Samba3/ClientNDR - Correctly copy arrays, if r.out.size < r.in.size.
metze
Signed-off-by: Andreas Schneider <asn@samba.org>
(similar to commit 33d1879d5b50e2d98c1bb13b835e7cfb178e3336)
(similar to commit d1e92cd2944983ecabd0511ff7c8221c1033a3a8)
Fixes bug #7607.
(cherry picked from commit d04e5c4d0ae4bb20497748771aa1467cc14f2265)
| -rw-r--r-- | pidl/lib/Parse/Pidl/Samba3/ClientNDR.pm | 38 |
1 files changed, 32 insertions, 6 deletions
diff --git a/pidl/lib/Parse/Pidl/Samba3/ClientNDR.pm b/pidl/lib/Parse/Pidl/Samba3/ClientNDR.pm index a45abdbc355..a5052e2e415 100644 --- a/pidl/lib/Parse/Pidl/Samba3/ClientNDR.pm +++ b/pidl/lib/Parse/Pidl/Samba3/ClientNDR.pm @@ -15,7 +15,7 @@ use strict; use Parse::Pidl qw(fatal warning error); use Parse::Pidl::Util qw(has_property ParseExpr); use Parse::Pidl::Samba4 qw(DeclLong); -use Parse::Pidl::Samba4::Header qw(GenerateFunctionInEnv); +use Parse::Pidl::Samba4::Header qw(GenerateFunctionInEnv GenerateFunctionOutEnv); use vars qw($VERSION); $VERSION = '0.01'; @@ -95,12 +95,38 @@ sub ParseOutputArgument($$$) # Since the data is being copied into a user-provided data # structure, the user should be able to know the size beforehand # to allocate a structure of the right size. - my $env = GenerateFunctionInEnv($fn, "r."); - my $size_is = ParseExpr($e->{LEVELS}[$level]->{SIZE_IS}, $env, $e->{ORIGINAL}); - if (has_property($e, "charset")) { - $self->pidl("memcpy(discard_const_p(uint8_t *, $e->{NAME}), r.out.$e->{NAME}, ($size_is) * sizeof(*$e->{NAME}));"); + my $in_env = GenerateFunctionInEnv($fn, "r."); + my $out_env = GenerateFunctionOutEnv($fn, "r."); + my $l = $e->{LEVELS}[$level]; + unless (defined($l->{SIZE_IS})) { + $self->pidl('#error No size known for [out] array `$e->{NAME}'); + error($e->{ORIGINAL}, "no size known for [out] array `$e->{NAME}'"); } else { - $self->pidl("memcpy($e->{NAME}, r.out.$e->{NAME}, ($size_is) * sizeof(*$e->{NAME}));"); + my $in_size_is = ParseExpr($l->{SIZE_IS}, $in_env, $e->{ORIGINAL}); + my $out_size_is = ParseExpr($l->{SIZE_IS}, $out_env, $e->{ORIGINAL}); + my $out_length_is = $out_size_is; + if (defined($l->{LENGTH_IS})) { + $out_length_is = ParseExpr($l->{LENGTH_IS}, $out_env, $e->{ORIGINAL}); + } + if ($out_size_is ne $in_size_is) { + $self->pidl("if (($out_size_is) > ($in_size_is)) {"); + $self->indent; + $self->pidl("return NT_STATUS_INVALID_NETWORK_RESPONSE;"); + $self->deindent; + $self->pidl("}"); + } + if ($out_length_is ne $out_size_is) { + $self->pidl("if (($out_length_is) > ($out_size_is)) {"); + $self->indent; + $self->pidl("return NT_STATUS_INVALID_NETWORK_RESPONSE;"); + $self->deindent; + $self->pidl("}"); + } + if (has_property($e, "charset")) { + $self->pidl("memcpy(discard_const_p(uint8_t *, $e->{NAME}), r.out.$e->{NAME}, ($out_length_is) * sizeof(*$e->{NAME}));"); + } else { + $self->pidl("memcpy($e->{NAME}, r.out.$e->{NAME}, ($out_length_is) * sizeof(*$e->{NAME}));"); + } } } else { $self->pidl("*$e->{NAME} = *r.out.$e->{NAME};"); |