diff options
| author | Jeremy Allison <jra@samba.org> | 2011-03-14 16:12:31 -0700 |
|---|---|---|
| committer | Jeremy Allison <jra@samba.org> | 2011-03-14 16:12:31 -0700 |
| commit | e59a950c049679f0394ea41b463dbb9837eb5e63 (patch) | |
| tree | c03c1183b9d731ca33bb1f37347edd9f757314cc | |
| parent | 431853c84644c02e6bff1b325af5e94d3b1eacc6 (diff) | |
| download | samba-e59a950c049679f0394ea41b463dbb9837eb5e63.tar.gz | |
Fix bug #8005 - smbtorture4 BASE-TCONDEV fails when tested on Samba
When pulling non-aligned ucs2 strings, we neglected to add in the
pad byte to the buffer length we've eaten. This caused the device
string in TCONX (which seems to be one of the few places that uses
non-aligned ucs2 strings) to be incorrectly read.
Volker please check.
Jeremy.
| -rw-r--r-- | source3/lib/charcnv.c | 8 |
1 files changed, 6 insertions, 2 deletions
diff --git a/source3/lib/charcnv.c b/source3/lib/charcnv.c index 6f1ced69d03..5b2149b9c11 100644 --- a/source3/lib/charcnv.c +++ b/source3/lib/charcnv.c @@ -1225,6 +1225,7 @@ bool push_utf8_talloc(TALLOC_CTX *ctx, char **dest, const char *src, size_t pull_ucs2(const void *base_ptr, char *dest, const void *src, size_t dest_len, size_t src_len, int flags) { size_t ret; + size_t ucs2_align_len = 0; if (dest_len == (size_t)-1) { /* No longer allow dest_len of -1. */ @@ -1242,6 +1243,7 @@ size_t pull_ucs2(const void *base_ptr, char *dest, const void *src, size_t dest_ src = (const void *)((const char *)src + 1); if (src_len != (size_t)-1) src_len--; + ucs2_align_len = 1; } if (flags & STR_TERMINATE) { @@ -1277,7 +1279,7 @@ size_t pull_ucs2(const void *base_ptr, char *dest, const void *src, size_t dest_ dest[0] = 0; } - return src_len; + return src_len + ucs2_align_len; } /** @@ -1303,6 +1305,7 @@ size_t pull_ucs2_base_talloc(TALLOC_CTX *ctx, { char *dest; size_t dest_len; + size_t ucs2_align_len = 0; *ppdest = NULL; @@ -1321,6 +1324,7 @@ size_t pull_ucs2_base_talloc(TALLOC_CTX *ctx, src = (const void *)((const char *)src + 1); if (src_len != (size_t)-1) src_len--; + ucs2_align_len = 1; } if (flags & STR_TERMINATE) { @@ -1386,7 +1390,7 @@ size_t pull_ucs2_base_talloc(TALLOC_CTX *ctx, } *ppdest = dest; - return src_len; + return src_len + ucs2_align_len; } size_t pull_ucs2_fstring(char *dest, const void *src) |