diff options
author | Noel Power <noel.power@suse.com> | 2015-10-28 17:08:28 +0000 |
---|---|---|
committer | Karolin Seeger <kseeger@samba.org> | 2015-11-20 09:11:19 +0100 |
commit | e7e55390b8b5ab266b71eb74c8cef6a193c10f8f (patch) | |
tree | 50fa6a5d88c8ee7ba808239d94619eb1a7fda02f | |
parent | 6860eb791f8963c150b7b3342c3458ae222a9a19 (diff) | |
download | samba-e7e55390b8b5ab266b71eb74c8cef6a193c10f8f.tar.gz |
fix 'Invalid read of size 1' in reply_search
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
(cherry picked from commit 0f2f8a4f772ff22d00a9e87dafa97a431af8f6da)
-rw-r--r-- | source3/smbd/reply.c | 9 |
1 files changed, 5 insertions, 4 deletions
diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 20c793f275f..b6f999239e7 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -1607,7 +1607,7 @@ void reply_search(struct smb_request *req) { connection_struct *conn = req->conn; char *path = NULL; - const char *mask = NULL; + char *mask = NULL; char *directory = NULL; struct smb_filename *smb_fname = NULL; char *fname = NULL; @@ -1688,11 +1688,11 @@ void reply_search(struct smb_request *req) p = strrchr_m(directory,'/'); if ((p != NULL) && (*directory != '/')) { - mask = p + 1; + mask = talloc_strdup(ctx, p + 1); directory = talloc_strndup(ctx, directory, PTR_DIFF(p, directory)); } else { - mask = directory; + mask = talloc_strdup(ctx, directory); directory = talloc_strdup(ctx,"."); } @@ -1741,7 +1741,7 @@ void reply_search(struct smb_request *req) goto out; } - mask = dptr_wcard(sconn, dptr_num); + mask = talloc_strdup(ctx, dptr_wcard(sconn, dptr_num)); if (!mask) { goto SearchEmpty; } @@ -1880,6 +1880,7 @@ void reply_search(struct smb_request *req) maxentries )); out: TALLOC_FREE(directory); + TALLOC_FREE(mask); TALLOC_FREE(smb_fname); END_PROFILE(SMBsearch); return; |