summaryrefslogtreecommitdiff
path: root/source/spoolssd/srv_spoolss_nt.c
diff options
context:
space:
mode:
Diffstat (limited to 'source/spoolssd/srv_spoolss_nt.c')
-rwxr-xr-xsource/spoolssd/srv_spoolss_nt.c428
1 files changed, 267 insertions, 161 deletions
diff --git a/source/spoolssd/srv_spoolss_nt.c b/source/spoolssd/srv_spoolss_nt.c
index e99c7307625..242412dc8b6 100755
--- a/source/spoolssd/srv_spoolss_nt.c
+++ b/source/spoolssd/srv_spoolss_nt.c
@@ -234,7 +234,9 @@ static BOOL open_printer_hnd(POLICY_HND *hnd)
{
Printer_entry *new_printer;
- new_printer=(Printer_entry *)malloc(sizeof(Printer_entry));
+ if((new_printer=(Printer_entry *)malloc(sizeof(Printer_entry))) == NULL)
+ return False;
+
ZERO_STRUCTP(new_printer);
new_printer->open = True;
@@ -312,8 +314,7 @@ static BOOL set_printer_hnd_printername(POLICY_HND *hnd, char *printername)
char *aprinter;
BOOL found=False;
- if (!OPEN_HANDLE(Printer))
- {
+ if (!OPEN_HANDLE(Printer)) {
DEBUG(0,("Error setting printer name=%s\n", printername));
return False;
}
@@ -351,6 +352,9 @@ static BOOL set_printer_hnd_printername(POLICY_HND *hnd, char *printername)
if (get_a_printer(&printer, 2, lp_servicename(snum))!=0)
continue;
+ DEBUG(10,("set_printer_hnd_printername: printername [%s], aprinter [%s]\n",
+ printer.info_2->printername, aprinter ));
+
if ( strlen(printer.info_2->printername) != strlen(aprinter) ) {
free_a_printer(printer, 2);
continue;
@@ -559,7 +563,8 @@ static BOOL convert_devicemode(DEVICEMODE devmode, NT_DEVICEMODE *nt_devmode)
/* if we had a previous private delete it and make a new one */
if (nt_devmode->private != NULL)
free(nt_devmode->private);
- nt_devmode->private=(uint8 *)malloc(nt_devmode->driverextra * sizeof(uint8));
+ if((nt_devmode->private=(uint8 *)malloc(nt_devmode->driverextra * sizeof(uint8))) == NULL)
+ return False;
memcpy(nt_devmode->private, devmode.private, nt_devmode->driverextra);
}
@@ -572,7 +577,7 @@ static BOOL convert_devicemode(DEVICEMODE devmode, NT_DEVICEMODE *nt_devmode)
uint32 _spoolss_closeprinter(POLICY_HND *handle)
{
if (!close_printer_handle(handle))
- return NT_STATUS_INVALID_HANDLE;
+ return ERROR_INVALID_HANDLE;
return NT_STATUS_NO_PROBLEMO;
}
@@ -589,7 +594,8 @@ static BOOL getprinterdata_printer_server(fstring value, uint32 *type, uint8 **d
if (!strcmp(value, "BeepEnabled"))
{
*type = 0x4;
- *data = (uint8 *)malloc( 4*sizeof(uint8) );
+ if((*data = (uint8 *)malloc( 4*sizeof(uint8) )) == NULL)
+ return False;
SIVAL(*data, 0, 0x01);
*needed = 0x4;
return True;
@@ -598,7 +604,8 @@ static BOOL getprinterdata_printer_server(fstring value, uint32 *type, uint8 **d
if (!strcmp(value, "EventLog"))
{
*type = 0x4;
- *data = (uint8 *)malloc( 4*sizeof(uint8) );
+ if((*data = (uint8 *)malloc( 4*sizeof(uint8) )) == NULL)
+ return False;
SIVAL(*data, 0, 0x1B);
*needed = 0x4;
return True;
@@ -607,7 +614,8 @@ static BOOL getprinterdata_printer_server(fstring value, uint32 *type, uint8 **d
if (!strcmp(value, "NetPopup"))
{
*type = 0x4;
- *data = (uint8 *)malloc( 4*sizeof(uint8) );
+ if((*data = (uint8 *)malloc( 4*sizeof(uint8) )) == NULL)
+ return False;
SIVAL(*data, 0, 0x01);
*needed = 0x4;
return True;
@@ -616,7 +624,8 @@ static BOOL getprinterdata_printer_server(fstring value, uint32 *type, uint8 **d
if (!strcmp(value, "MajorVersion"))
{
*type = 0x4;
- *data = (uint8 *)malloc( 4*sizeof(uint8) );
+ if((*data = (uint8 *)malloc( 4*sizeof(uint8) )) == NULL)
+ return False;
SIVAL(*data, 0, 0x02);
*needed = 0x4;
return True;
@@ -627,7 +636,8 @@ static BOOL getprinterdata_printer_server(fstring value, uint32 *type, uint8 **d
pstring string="You are using a Samba server";
*type = 0x1;
*needed = 2*(strlen(string)+1);
- *data = (uint8 *)malloc( ((*needed > in_size) ? *needed:in_size) *sizeof(uint8));
+ if((*data = (uint8 *)malloc( ((*needed > in_size) ? *needed:in_size) *sizeof(uint8))) == NULL)
+ return False;
memset(*data, 0, (*needed > in_size) ? *needed:in_size);
/* it's done by hand ready to go on the wire */
@@ -644,7 +654,8 @@ static BOOL getprinterdata_printer_server(fstring value, uint32 *type, uint8 **d
pstring string="Windows NT x86";
*type = 0x1;
*needed = 2*(strlen(string)+1);
- *data = (uint8 *)malloc( ((*needed > in_size) ? *needed:in_size) *sizeof(uint8));
+ if((*data = (uint8 *)malloc( ((*needed > in_size) ? *needed:in_size) *sizeof(uint8))) == NULL)
+ return False;
memset(*data, 0, (*needed > in_size) ? *needed:in_size);
for (i=0; i<strlen(string); i++)
{
@@ -675,8 +686,11 @@ static BOOL getprinterdata_printer(const POLICY_HND *handle,
if (!OPEN_HANDLE(Printer))
return False;
- get_printer_snum(handle, &snum);
- get_a_printer(&printer, 2, lp_servicename(snum));
+ if(!get_printer_snum(handle, &snum))
+ return False;
+
+ if(get_a_printer(&printer, 2, lp_servicename(snum)) != 0)
+ return False;
if (!get_specific_param(printer, 2, value, &idata, type, &len)) {
free_a_printer(printer, 2);
@@ -685,7 +699,11 @@ static BOOL getprinterdata_printer(const POLICY_HND *handle,
DEBUG(5,("getprinterdata_printer:allocating %d\n", in_size));
- *data = (uint8 *)malloc( in_size *sizeof(uint8) );
+ if((*data = (uint8 *)malloc( in_size *sizeof(uint8) )) == NULL) {
+ free_a_printer(printer, 2);
+ return False;
+ }
+
memset(*data, 0, in_size *sizeof(uint8));
/* copy the min(in_size, len) */
memcpy(*data, idata, (len>in_size)?in_size:len *sizeof(uint8));
@@ -730,8 +748,9 @@ uint32 _spoolss_getprinterdata(const POLICY_HND *handle, UNISTR2 *valuename,
DEBUG(4,("_spoolss_getprinterdata\n"));
if (!OPEN_HANDLE(Printer)) {
- *data=(uint8 *)malloc(4*sizeof(uint8));
- return NT_STATUS_INVALID_HANDLE;
+ if((*data=(uint8 *)malloc(4*sizeof(uint8))) == NULL)
+ return ERROR_NOT_ENOUGH_MEMORY;
+ return ERROR_INVALID_HANDLE;
}
unistr2_to_ascii(value, valuename, sizeof(value)-1);
@@ -744,7 +763,8 @@ uint32 _spoolss_getprinterdata(const POLICY_HND *handle, UNISTR2 *valuename,
if (found==False) {
DEBUG(5, ("value not found, allocating %d\n", *out_size));
/* reply this param doesn't exist */
- *data=(uint8 *)malloc(*out_size*sizeof(uint8));
+ if((*data=(uint8 *)malloc(*out_size*sizeof(uint8))) == NULL)
+ return ERROR_NOT_ENOUGH_MEMORY;
memset(*data, 0x0, *out_size*sizeof(uint8));
return ERROR_INVALID_PARAMETER;
}
@@ -775,7 +795,7 @@ uint32 _spoolss_rffpcnex(const POLICY_HND *handle, uint32 flags, uint32 options,
Printer_entry *Printer=find_printer_index_by_hnd(handle);
if (!OPEN_HANDLE(Printer))
- return NT_STATUS_INVALID_HANDLE;
+ return ERROR_INVALID_HANDLE;
Printer->notify.flags=flags;
Printer->notify.options=options;
@@ -997,7 +1017,7 @@ static void spoolss_notify_status(int snum, SPOOL_NOTIFY_INFO_DATA *data, print_
print_status_struct status;
memset(&status, 0, sizeof(status));
- count=get_printqueue(snum, NULL, UID_FIELD_INVALID, &q, &status);
+ count=get_printqueue(snum, NULL, &q, &status);
data->notify_data.value[0]=(uint32) status.status;
safe_free(q);
}
@@ -1011,7 +1031,7 @@ static void spoolss_notify_cjobs(int snum, SPOOL_NOTIFY_INFO_DATA *data, print_q
print_status_struct status;
memset(&status, 0, sizeof(status));
- data->notify_data.value[0]=get_printqueue(snum, NULL, UID_FIELD_INVALID, &q, &status);
+ data->notify_data.value[0]=get_printqueue(snum, NULL, &q, &status);
safe_free(q);
}
@@ -1258,7 +1278,10 @@ static BOOL construct_notify_printer_info(SPOOL_NOTIFY_INFO *info, int snum, SPO
if (!search_notify(type, field, &j) )
continue;
- info->data=Realloc(info->data, (info->count+1)*sizeof(SPOOL_NOTIFY_INFO_DATA));
+ if((info->data=Realloc(info->data, (info->count+1)*sizeof(SPOOL_NOTIFY_INFO_DATA))) == NULL) {
+ free_a_printer(printer, 2);
+ return False;
+ }
current_data=&(info->data[info->count]);
construct_info_data(current_data, type, field, id);
@@ -1305,7 +1328,11 @@ static BOOL construct_notify_jobs_info(print_queue_struct *queue, SPOOL_NOTIFY_I
if (!search_notify(type, field, &j) )
continue;
- info->data=Realloc(info->data, (info->count+1)*sizeof(SPOOL_NOTIFY_INFO_DATA));
+ if((info->data=Realloc(info->data, (info->count+1)*sizeof(SPOOL_NOTIFY_INFO_DATA))) == NULL) {
+ free_a_printer(printer, 2);
+ return False;
+ }
+
current_data=&(info->data[info->count]);
construct_info_data(current_data, type, field, id);
@@ -1419,7 +1446,7 @@ static uint32 printer_notify_info(const POLICY_HND *hnd, SPOOL_NOTIFY_INFO *info
DEBUG(4,("printer_notify_info\n"));
option=Printer->notify.option;
- id=1;
+ id=0xffffffff;
info->version=2;
info->data=NULL;
info->count=0;
@@ -1433,15 +1460,14 @@ static uint32 printer_notify_info(const POLICY_HND *hnd, SPOOL_NOTIFY_INFO *info
switch ( option_type->type ) {
case PRINTER_NOTIFY_TYPE:
if(construct_notify_printer_info(info, snum, option_type, id))
- id++;
+ id--;
break;
case JOB_NOTIFY_TYPE:
memset(&status, 0, sizeof(status));
- count=get_printqueue(snum, NULL, UID_FIELD_INVALID, &queue, &status);
+ count=get_printqueue(snum, NULL, &queue, &status);
for (j=0; j<count; j++)
- if (construct_notify_jobs_info(&(queue[j]), info, snum, option_type, id))
- id++;
+ construct_notify_jobs_info(&(queue[j]), info, snum, option_type, queue[j].job);
safe_free(queue);
break;
}
@@ -1474,7 +1500,7 @@ uint32 _spoolss_rfnpcnex( const POLICY_HND *handle, uint32 change,
Printer_entry *Printer=find_printer_index_by_hnd(handle);
if (!OPEN_HANDLE(Printer))
- return NT_STATUS_INVALID_HANDLE;
+ return ERROR_INVALID_HANDLE;
DEBUG(4,("Printer type %x\n",Printer->printer_type));
@@ -1504,7 +1530,7 @@ uint32 _spoolss_rfnpcnex( const POLICY_HND *handle, uint32 change,
break;
}
- return NT_STATUS_INVALID_INFO_CLASS;
+ return ERROR_INVALID_HANDLE;
}
/********************************************************************
@@ -1528,7 +1554,7 @@ static BOOL construct_printer_info_0(PRINTER_INFO_0 *printer,int snum, pstring s
if (get_a_printer(&ntprinter, 2, lp_servicename(snum)) != 0)
return False;
- count=get_printqueue(snum, NULL, UID_FIELD_INVALID, &queue, &status);
+ count=get_printqueue(snum, NULL, &queue, &status);
/* check if we already have a counter for this printer */
session_counter = (counter_printer_0 *)ubi_dlFirst(&counter_list);
@@ -1540,7 +1566,8 @@ static BOOL construct_printer_info_0(PRINTER_INFO_0 *printer,int snum, pstring s
/* it's the first time, add it to the list */
if (session_counter==NULL) {
- session_counter=(counter_printer_0 *)malloc(sizeof(counter_printer_0));
+ if((session_counter=(counter_printer_0 *)malloc(sizeof(counter_printer_0))) == NULL)
+ return False;
ZERO_STRUCTP(session_counter);
session_counter->snum=snum;
session_counter->counter=0;
@@ -1585,7 +1612,7 @@ static BOOL construct_printer_info_0(PRINTER_INFO_0 *printer,int snum, pstring s
printer->build_version = 0x0565; /* build 1381 */
printer->unknown7 = 0x1;
printer->unknown8 = 0x0;
- printer->unknown9 = 0x2;
+ printer->unknown9 = 0x0;
printer->session_counter = session_counter->counter;
printer->unknown11 = 0x0;
printer->printer_errors = 0x0; /* number of print failure */
@@ -1644,7 +1671,7 @@ static BOOL construct_printer_info_1(fstring server, uint32 flags, PRINTER_INFO_
/****************************************************************************
****************************************************************************/
-static void construct_dev_mode(DEVICEMODE *devmode, int snum, char *servername)
+static BOOL construct_dev_mode(DEVICEMODE *devmode, int snum, char *servername)
{
char adevice[32];
char aform[32];
@@ -1695,11 +1722,16 @@ static void construct_dev_mode(DEVICEMODE *devmode, int snum, char *servername)
if (ntdevmode->private != NULL)
{
- devmode->private=(uint8 *)malloc(devmode->driverextra*sizeof(uint8));
+ if((devmode->private=(uint8 *)malloc(devmode->driverextra*sizeof(uint8))) == NULL) {
+ free_a_printer(printer, 2);
+ return False;
+ }
memcpy(devmode->private, ntdevmode->private, devmode->driverextra);
}
free_a_printer(printer, 2);
+
+ return True;
}
/********************************************************************
@@ -1722,8 +1754,8 @@ static BOOL construct_printer_info_2(pstring servername, PRINTER_INFO_2 *printer
if (get_a_printer(&ntprinter, 2, lp_servicename(snum)) !=0 )
return False;
- ZERO_STRUCT(status);
- count=get_printqueue(snum, NULL, UID_FIELD_INVALID, &queue, &status);
+ memset(&status, 0, sizeof(status));
+ count=get_printqueue(snum, NULL, &queue, &status);
snprintf(chaine, sizeof(chaine)-1, "%s", servername);
@@ -1758,14 +1790,25 @@ static BOOL construct_printer_info_2(pstring servername, PRINTER_INFO_2 *printer
printer->cjobs = count; /* jobs */
printer->averageppm = ntprinter.info_2->averageppm; /* average pages per minute */
- devmode=(DEVICEMODE *)malloc(sizeof(DEVICEMODE));
+ if((devmode=(DEVICEMODE *)malloc(sizeof(DEVICEMODE))) == NULL)
+ goto err;
+
ZERO_STRUCTP(devmode);
- construct_dev_mode(devmode, snum, servername);
+
+ if(!construct_dev_mode(devmode, snum, servername))
+ goto err;
+
printer->devmode=devmode;
safe_free(queue);
free_a_printer(ntprinter, 2);
return True;
+
+ err:
+
+ safe_free(queue);
+ free_a_printer(ntprinter, 2);
+ return False;
}
/********************************************************************
@@ -1786,7 +1829,10 @@ static BOOL enum_all_printers_info_1(fstring server, uint32 flags, NEW_BUFFER *b
DEBUG(4,("Found a printer in smb.conf: %s[%x]\n", lp_servicename(snum), snum));
if (construct_printer_info_1(server, flags, &current_prt, snum)) {
- printers=Realloc(printers, (*returned +1)*sizeof(PRINTER_INFO_1));
+ if((printers=Realloc(printers, (*returned +1)*sizeof(PRINTER_INFO_1))) == NULL) {
+ *returned=0;
+ return ERROR_NOT_ENOUGH_MEMORY;
+ }
DEBUG(4,("ReAlloced memory for [%d] PRINTER_INFO_1\n", *returned));
memcpy(&(printers[*returned]), &current_prt, sizeof(PRINTER_INFO_1));
(*returned)++;
@@ -1873,7 +1919,8 @@ static BOOL enum_all_printers_info_1_remote(fstring name, NEW_BUFFER *buffer, ui
* We should have a TDB here. The registration is done thru an undocumented RPC call.
*/
- printer=(PRINTER_INFO_1 *)malloc(sizeof(PRINTER_INFO_1));
+ if((printer=(PRINTER_INFO_1 *)malloc(sizeof(PRINTER_INFO_1))) == NULL)
+ return ERROR_NOT_ENOUGH_MEMORY;
*returned=1;
@@ -1940,7 +1987,8 @@ static BOOL enum_all_printers_info_2(fstring servername, NEW_BUFFER *buffer, uin
DEBUG(4,("Found a printer in smb.conf: %s[%x]\n", lp_servicename(snum), snum));
if (construct_printer_info_2(servername, &current_prt, snum)) {
- printers=Realloc(printers, (*returned +1)*sizeof(PRINTER_INFO_2));
+ if((printers=Realloc(printers, (*returned +1)*sizeof(PRINTER_INFO_2))) == NULL)
+ return ERROR_NOT_ENOUGH_MEMORY;
DEBUG(4,("ReAlloced memory for [%d] PRINTER_INFO_2\n", *returned));
memcpy(&(printers[*returned]), &current_prt, sizeof(PRINTER_INFO_2));
(*returned)++;
@@ -2092,7 +2140,7 @@ uint32 _spoolss_enumprinters( uint32 flags, const UNISTR2 *servername, uint32 le
case 3:
case 4:
default:
- return NT_STATUS_INVALID_LEVEL;
+ return ERROR_INVALID_LEVEL;
break;
}
}
@@ -2103,7 +2151,9 @@ static uint32 getprinter_level_0(pstring servername, int snum, NEW_BUFFER *buffe
{
PRINTER_INFO_0 *printer=NULL;
- printer=(PRINTER_INFO_0*)malloc(sizeof(PRINTER_INFO_0));
+ if((printer=(PRINTER_INFO_0*)malloc(sizeof(PRINTER_INFO_0))) == NULL)
+ return ERROR_NOT_ENOUGH_MEMORY;
+
construct_printer_info_0(printer, snum, servername);
/* check the required size. */
@@ -2133,7 +2183,9 @@ static uint32 getprinter_level_1(pstring servername, int snum, NEW_BUFFER *buffe
{
PRINTER_INFO_1 *printer=NULL;
- printer=(PRINTER_INFO_1*)malloc(sizeof(PRINTER_INFO_1));
+ if((printer=(PRINTER_INFO_1*)malloc(sizeof(PRINTER_INFO_1))) == NULL)
+ return ERROR_NOT_ENOUGH_MEMORY;
+
construct_printer_info_1(servername, PRINTER_ENUM_ICON8, printer, snum);
/* check the required size. */
@@ -2164,7 +2216,8 @@ static uint32 getprinter_level_2(pstring servername, int snum, NEW_BUFFER *buffe
PRINTER_INFO_2 *printer=NULL;
fstring temp;
- printer=(PRINTER_INFO_2*)malloc(sizeof(PRINTER_INFO_2));
+ if((printer=(PRINTER_INFO_2*)malloc(sizeof(PRINTER_INFO_2)))==NULL)
+ return ERROR_NOT_ENOUGH_MEMORY;
fstrcpy(temp, "\\\\");
fstrcat(temp, servername);
@@ -2206,7 +2259,7 @@ uint32 _spoolss_getprinter(POLICY_HND *handle, uint32 level,
pstrcpy(servername, global_myname);
if (!get_printer_snum(handle, &snum))
- return NT_STATUS_INVALID_HANDLE;
+ return ERROR_INVALID_HANDLE;
switch (level) {
case 0:
@@ -2322,7 +2375,10 @@ static void init_unistr_array(uint16 **uni_array, char **char_array, char *where
for (v=char_array[i]; *v!='\0'; v=char_array[i]) {
snprintf(line, sizeof(line)-1, "%s%s", where, v);
DEBUGADD(6,("%d:%s:%d\n", i, line, strlen(line)));
- *uni_array=Realloc(*uni_array, (j+strlen(line)+2)*sizeof(uint16));
+ if((*uni_array=Realloc(*uni_array, (j+strlen(line)+2)*sizeof(uint16))) == NULL) {
+ DEBUG(0,("init_unistr_array: Realloc error\n" ));
+ return;
+ }
ascii_to_unistr( *uni_array+j, line , strlen(line));
j+=strlen(line)+1;
i++;
@@ -2401,7 +2457,8 @@ static uint32 getprinterdriver2_level1(pstring servername, pstring architecture,
{
DRIVER_INFO_1 *info=NULL;
- info=(DRIVER_INFO_1 *)malloc(sizeof(DRIVER_INFO_1));
+ if((info=(DRIVER_INFO_1 *)malloc(sizeof(DRIVER_INFO_1))) == NULL)
+ return ERROR_NOT_ENOUGH_MEMORY;
construct_printer_driver_info_1(info, snum, servername, architecture);
@@ -2431,7 +2488,8 @@ static uint32 getprinterdriver2_level2(pstring servername, pstring architecture,
{
DRIVER_INFO_2 *info=NULL;
- info=(DRIVER_INFO_2 *)malloc(sizeof(DRIVER_INFO_2));
+ if((info=(DRIVER_INFO_2 *)malloc(sizeof(DRIVER_INFO_2))) == NULL)
+ return ERROR_NOT_ENOUGH_MEMORY;
construct_printer_driver_info_2(info, snum, servername, architecture);
@@ -2461,7 +2519,8 @@ static uint32 getprinterdriver2_level3(pstring servername, pstring architecture,
{
DRIVER_INFO_3 *info=NULL;
- info=(DRIVER_INFO_3 *)malloc(sizeof(DRIVER_INFO_3));
+ if((info=(DRIVER_INFO_3 *)malloc(sizeof(DRIVER_INFO_3)))==NULL)
+ return ERROR_NOT_ENOUGH_MEMORY;
construct_printer_driver_info_3(info, snum, servername, architecture);
@@ -2507,7 +2566,7 @@ uint32 _spoolss_getprinterdriver2(const POLICY_HND *handle, const UNISTR2 *uni_a
unistr2_to_ascii(architecture, uni_arch, sizeof(architecture)-1);
if (!get_printer_snum(handle, &snum))
- return NT_STATUS_INVALID_HANDLE;
+ return ERROR_INVALID_HANDLE;
switch (level) {
case 1:
@@ -2520,7 +2579,7 @@ uint32 _spoolss_getprinterdriver2(const POLICY_HND *handle, const UNISTR2 *uni_a
return getprinterdriver2_level3(servername, architecture, snum, buffer, offered, needed);
break;
default:
- return NT_STATUS_INVALID_LEVEL;
+ return ERROR_INVALID_LEVEL;
break;
}
}
@@ -2538,7 +2597,7 @@ uint32 _spoolss_startpageprinter(const POLICY_HND *handle)
}
DEBUG(3,("Error in startpageprinter printer handle\n"));
- return NT_STATUS_INVALID_HANDLE;
+ return ERROR_INVALID_HANDLE;
}
/****************************************************************************
@@ -2550,7 +2609,7 @@ uint32 _spoolss_endpageprinter(const POLICY_HND *handle)
if (!OPEN_HANDLE(Printer))
{
DEBUG(3,("Error in endpageprinter printer handle\n"));
- return NT_STATUS_INVALID_HANDLE;
+ return ERROR_INVALID_HANDLE;
}
Printer->page_started=False;
@@ -2578,7 +2637,7 @@ uint32 _spoolss_startdocprinter( const POLICY_HND *handle, uint32 level,
if (!OPEN_HANDLE(Printer))
{
- return NT_STATUS_INVALID_HANDLE;
+ return ERROR_INVALID_HANDLE;
}
/*
@@ -2606,7 +2665,7 @@ uint32 _spoolss_startdocprinter( const POLICY_HND *handle, uint32 level,
/* get the share number of the printer */
if (!get_printer_snum(handle, &snum))
{
- return NT_STATUS_INVALID_HANDLE;
+ return ERROR_INVALID_HANDLE;
}
/* Create a temporary file in the printer spool directory
@@ -2651,7 +2710,7 @@ uint32 _spoolss_enddocprinter(const POLICY_HND *handle)
if (!OPEN_HANDLE(Printer))
{
DEBUG(3,("Error in enddocprinter handle\n"));
- return NT_STATUS_INVALID_HANDLE;
+ return ERROR_INVALID_HANDLE;
}
Printer->document_started=False;
@@ -2663,7 +2722,7 @@ uint32 _spoolss_enddocprinter(const POLICY_HND *handle)
if (!get_printer_snum(handle,&snum))
{
- return NT_STATUS_INVALID_HANDLE;
+ return ERROR_INVALID_HANDLE;
}
/* copy the command into the buffer for extensive meddling. */
@@ -2689,8 +2748,7 @@ uint32 _spoolss_enddocprinter(const POLICY_HND *handle)
*/
tstr = lp_printername(snum);
- if (tstr == NULL || tstr[0] == '\0')
- {
+ if (tstr == NULL || tstr[0] == '\0') {
DEBUG(3,( "No printer name - using %s.\n", SERVICE(snum)));
tstr = SERVICE(snum);
}
@@ -2700,21 +2758,18 @@ uint32 _spoolss_enddocprinter(const POLICY_HND *handle)
/* If the lpr command support the 'Job' option replace here */
pstring_sub(syscmd, "%j", job_name);
- if ( *syscmd != '\0')
- {
+ if ( *syscmd != '\0') {
int ret = smbrun(syscmd, NULL, False);
DEBUG(3,("Running the command `%s' gave %d\n", syscmd, ret));
- if (ret < 0)
- {
+ if (ret < 0) {
lpq_reset(snum);
- return NT_STATUS_ACCESS_DENIED;
+ return ERROR_ACCESS_DENIED;
}
}
- else
- {
+ else {
DEBUG(0,("Null print command?\n"));
lpq_reset(snum);
- return NT_STATUS_ACCESS_DENIED;
+ return ERROR_ACCESS_DENIED;
}
lpq_reset(snum);
@@ -2735,7 +2790,7 @@ uint32 _spoolss_writeprinter( const POLICY_HND *handle,
if (!OPEN_HANDLE(Printer))
{
DEBUG(3,("Error in writeprinter handle\n"));
- return NT_STATUS_INVALID_HANDLE;
+ return ERROR_INVALID_HANDLE;
}
fd = Printer->document_fd;
@@ -2756,21 +2811,21 @@ static uint32 control_printer(const POLICY_HND *handle, uint32 command)
Printer_entry *Printer = find_printer_index_by_hnd(handle);
if (!OPEN_HANDLE(Printer))
- return NT_STATUS_INVALID_HANDLE;
+ return ERROR_INVALID_HANDLE;
if (!get_printer_snum(handle, &snum) )
- return NT_STATUS_INVALID_HANDLE;
+ return ERROR_INVALID_HANDLE;
switch (command) {
case PRINTER_CONTROL_PAUSE:
/* pause the printer here */
- status_printqueue(NULL, UID_FIELD_INVALID, snum, LPSTAT_STOPPED);
+ status_printqueue(NULL, snum, LPSTAT_STOPPED);
return 0x0;
break;
case PRINTER_CONTROL_RESUME:
case PRINTER_CONTROL_UNPAUSE:
/* UN-pause the printer here */
- status_printqueue(NULL, UID_FIELD_INVALID, snum, LPSTAT_OK);
+ status_printqueue(NULL, snum, LPSTAT_OK);
return 0x0;
break;
case PRINTER_CONTROL_PURGE:
@@ -2785,7 +2840,7 @@ static uint32 control_printer(const POLICY_HND *handle, uint32 command)
break;
}
- return NT_STATUS_INVALID_INFO_CLASS;
+ return ERROR_INVALID_FUNCTION;
}
/********************************************************************
@@ -2808,14 +2863,14 @@ static uint32 update_printer(const POLICY_HND *handle, uint32 level,
if (level!=2) {
DEBUG(0,("Send a mail to jfm@samba.org\n"));
DEBUGADD(0,("with the following message: update_printer: level!=2\n"));
- return NT_STATUS_INVALID_INFO_CLASS;
+ return ERROR_INVALID_LEVEL;
}
if (!OPEN_HANDLE(Printer))
- return NT_STATUS_INVALID_HANDLE;
+ return ERROR_INVALID_HANDLE;
if (!get_printer_snum(handle, &snum) )
- return NT_STATUS_INVALID_HANDLE;
+ return ERROR_INVALID_HANDLE;
get_a_printer(&printer, 2, lp_servicename(snum));
@@ -2848,7 +2903,7 @@ static uint32 update_printer(const POLICY_HND *handle, uint32 level,
free_a_printer(printer, 2);
/* I don't really know what to return here !!! */
- return NT_STATUS_INVALID_INFO_CLASS;
+ return ERROR_ACCESS_DENIED;
}
free_a_printer(printer, 2);
@@ -2866,7 +2921,7 @@ uint32 _spoolss_setprinter(const POLICY_HND *handle, uint32 level,
Printer_entry *Printer = find_printer_index_by_hnd(handle);
if (!OPEN_HANDLE(Printer))
- return NT_STATUS_INVALID_HANDLE;
+ return ERROR_INVALID_HANDLE;
/* check the level */
switch (level) {
@@ -2889,7 +2944,7 @@ uint32 _spoolss_fcpn(const POLICY_HND *handle)
Printer_entry *Printer= find_printer_index_by_hnd(handle);
if (!OPEN_HANDLE(Printer))
- return NT_STATUS_INVALID_HANDLE;
+ return ERROR_INVALID_HANDLE;
Printer->notify.flags=0;
Printer->notify.options=0;
@@ -2952,9 +3007,7 @@ static BOOL fill_job_info_2(JOB_INFO_2 *job_info, print_queue_struct *queue,
time_t unixdate = time(NULL);
if (get_a_printer(&ntprinter, 2, lp_servicename(snum)) !=0 )
- {
- return (False);
- }
+ return False;
t=gmtime(&unixdate);
snprintf(temp_name, sizeof(temp_name), "\\\\%s", global_myname);
@@ -2986,9 +3039,16 @@ static BOOL fill_job_info_2(JOB_INFO_2 *job_info, print_queue_struct *queue,
job_info->timeelapsed=0;
job_info->pagesprinted=0;
- devmode=(DEVICEMODE *)malloc(sizeof(DEVICEMODE));
+ if((devmode=(DEVICEMODE *)malloc(sizeof(DEVICEMODE))) == NULL) {
+ free_a_printer(ntprinter, 2);
+ return False;
+ }
+
ZERO_STRUCTP(devmode);
- construct_dev_mode(devmode, snum, global_myname);
+ if(!construct_dev_mode(devmode, snum, global_myname)) {
+ free_a_printer(ntprinter, 2);
+ return False;
+ }
job_info->devmode=devmode;
free_a_printer(ntprinter, 2);
@@ -3006,25 +3066,31 @@ static uint32 enumjobs_level1(print_queue_struct *queue, int snum,
int i;
info=(JOB_INFO_1 *)malloc(*returned*sizeof(JOB_INFO_1));
+ if (info==NULL) {
+ safe_free(queue);
+ *returned=0;
+ return ERROR_NOT_ENOUGH_MEMORY;
+ }
for (i=0; i<*returned; i++)
- {
fill_job_info_1(&(info[i]), &(queue[i]), i, snum);
- }
+
+ safe_free(queue);
/* check the required size. */
for (i=0; i<*returned; i++)
(*needed) += spoolss_size_job_info_1(&(info[i]));
- if (!alloc_buffer_size(buffer, *needed))
+ if (!alloc_buffer_size(buffer, *needed)) {
+ safe_free(info);
return ERROR_INSUFFICIENT_BUFFER;
+ }
/* fill the buffer with the structures */
for (i=0; i<*returned; i++)
new_smb_io_job_info_1("", buffer, &(info[i]), 0);
/* clear memory */
- safe_free(queue);
safe_free(info);
if (*needed > offered) {
@@ -3046,25 +3112,31 @@ static uint32 enumjobs_level2(print_queue_struct *queue, int snum,
int i;
info=(JOB_INFO_2 *)malloc(*returned*sizeof(JOB_INFO_2));
+ if (info==NULL) {
+ safe_free(queue);
+ *returned=0;
+ return ERROR_NOT_ENOUGH_MEMORY;
+ }
for (i=0; i<*returned; i++)
- {
fill_job_info_2(&(info[i]), &(queue[i]), i, snum);
- }
+
+ safe_free(queue);
/* check the required size. */
for (i=0; i<*returned; i++)
(*needed) += spoolss_size_job_info_2(&(info[i]));
- if (!alloc_buffer_size(buffer, *needed))
+ if (!alloc_buffer_size(buffer, *needed)) {
+ safe_free(info);
return ERROR_INSUFFICIENT_BUFFER;
+ }
/* fill the buffer with the structures */
for (i=0; i<*returned; i++)
new_smb_io_job_info_2("", buffer, &(info[i]), 0);
/* clear memory */
- safe_free(queue);
safe_free(info);
if (*needed > offered) {
@@ -3094,11 +3166,9 @@ uint32 _spoolss_enumjobs( POLICY_HND *handle, uint32 firstjob, uint32 numofjobs,
*returned=0;
if (!get_printer_snum(handle, &snum))
- {
- return NT_STATUS_INVALID_HANDLE;
- }
+ return ERROR_INVALID_HANDLE;
- *returned = get_printqueue(snum, NULL, UID_FIELD_INVALID, &queue, &prt_status);
+ *returned = get_printqueue(snum, NULL, &queue, &prt_status);
DEBUGADD(4,("count:[%d], status:[%d], [%s]\n", *returned, prt_status.status, prt_status.message));
switch (level) {
@@ -3109,7 +3179,9 @@ uint32 _spoolss_enumjobs( POLICY_HND *handle, uint32 firstjob, uint32 numofjobs,
return enumjobs_level2(queue, snum, buffer, offered, needed, returned);
break;
default:
- return NT_STATUS_INVALID_LEVEL;
+ safe_free(queue);
+ *returned=0;
+ return ERROR_INVALID_LEVEL;
break;
}
}
@@ -3141,49 +3213,47 @@ uint32 _spoolss_setjob( const POLICY_HND *handle,
memset(&prt_status, 0, sizeof(prt_status));
- if (!get_printer_snum(handle, &snum))
- {
- return NT_STATUS_INVALID_HANDLE;
+ if (!get_printer_snum(handle, &snum)) {
+ return ERROR_INVALID_HANDLE;
}
- count=get_printqueue(snum, NULL, UID_FIELD_INVALID, &queue, &prt_status);
+ count=get_printqueue(snum, NULL, &queue, &prt_status);
- while ( (i<count) && found==False )
- {
+ while ( (i<count) && found==False ) {
if ( jobid == queue[i].job )
- {
found=True;
- }
i++;
}
- if (found==True)
- {
- switch (command)
- {
+ if (found==True) {
+ switch (command) {
+
case JOB_CONTROL_CANCEL:
case JOB_CONTROL_DELETE:
{
- del_printqueue(NULL, UID_FIELD_INVALID, snum, jobid);
+ del_printqueue(NULL, snum, jobid);
safe_free(queue);
return 0x0;
}
case JOB_CONTROL_PAUSE:
{
- status_printjob(NULL, UID_FIELD_INVALID, snum, jobid, LPQ_PAUSED);
+ status_printjob(NULL, snum, jobid, LPQ_PAUSED);
safe_free(queue);
return 0x0;
}
case JOB_CONTROL_RESUME:
{
- status_printjob(NULL, UID_FIELD_INVALID, snum, jobid, LPQ_QUEUED);
+ status_printjob(NULL, snum, jobid, LPQ_QUEUED);
safe_free(queue);
return 0x0;
}
}
}
safe_free(queue);
- return NT_STATUS_INVALID_INFO_CLASS;
+
+ /* I really don't know what to return ! */
+ /* need to add code in rpcclient */
+ return ERROR_INVALID_PRINTER_NAME;
}
@@ -3195,7 +3265,9 @@ static uint32 enumprinterdrivers_level1(fstring *list, fstring servername, fstri
int i;
NT_PRINTER_DRIVER_INFO_LEVEL driver;
DRIVER_INFO_1 *driver_info_1=NULL;
- driver_info_1=(DRIVER_INFO_1 *)malloc(*returned * sizeof(DRIVER_INFO_1));
+
+ if((driver_info_1=(DRIVER_INFO_1 *)malloc(*returned * sizeof(DRIVER_INFO_1))) == NULL)
+ return ERROR_NOT_ENOUGH_MEMORY;
for (i=0; i<*returned; i++) {
get_a_printer_driver(&driver, 3, list[i], architecture);
@@ -3240,7 +3312,9 @@ static uint32 enumprinterdrivers_level2(fstring *list, fstring servername, fstri
int i;
NT_PRINTER_DRIVER_INFO_LEVEL driver;
DRIVER_INFO_2 *driver_info_2=NULL;
- driver_info_2=(DRIVER_INFO_2 *)malloc(*returned * sizeof(DRIVER_INFO_2));
+
+ if((driver_info_2=(DRIVER_INFO_2 *)malloc(*returned * sizeof(DRIVER_INFO_2))) == NULL)
+ return ERROR_NOT_ENOUGH_MEMORY;
for (i=0; i<*returned; i++) {
get_a_printer_driver(&driver, 3, list[i], architecture);
@@ -3285,7 +3359,9 @@ static uint32 enumprinterdrivers_level3(fstring *list, fstring servername, fstri
int i;
NT_PRINTER_DRIVER_INFO_LEVEL driver;
DRIVER_INFO_3 *driver_info_3=NULL;
- driver_info_3=(DRIVER_INFO_3 *)malloc((*returned)*sizeof(DRIVER_INFO_3));
+
+ if((driver_info_3=(DRIVER_INFO_3 *)malloc((*returned)*sizeof(DRIVER_INFO_3))) == NULL)
+ return ERROR_NOT_ENOUGH_MEMORY;
for (i=0; i<*returned; i++) {
get_a_printer_driver(&driver, 3, list[i], architecture);
@@ -3346,6 +3422,9 @@ uint32 _spoolss_enumprinterdrivers( UNISTR2 *name, UNISTR2 *environment, uint32
*returned=get_ntdrivers(&list, architecture);
DEBUGADD(4,("we have: [%d] drivers in environment [%s]\n", *returned, architecture));
+ if(*returned == -1)
+ return ERROR_NOT_ENOUGH_MEMORY;
+
for (i=0; i<*returned; i++)
DEBUGADD(5,("driver: [%s]\n", list[i]));
@@ -3399,7 +3478,10 @@ uint32 _new_spoolss_enumforms( const POLICY_HND *handle, uint32 level,
switch (level) {
case 1:
- forms_1=(FORM_1 *)malloc(*numofforms * sizeof(FORM_1));
+ if((forms_1=(FORM_1 *)malloc(*numofforms * sizeof(FORM_1))) == NULL) {
+ *numofforms=0;
+ return ERROR_NOT_ENOUGH_MEMORY;
+ }
/* construct the list of form structures */
for (i=0; i<*numofforms; i++) {
@@ -3478,7 +3560,8 @@ static uint32 enumports_level_1(NEW_BUFFER *buffer, uint32 offered, uint32 *need
if ( lp_browseable(snum) && lp_snum_ok(snum) && lp_print_ok(snum) )
(*returned)++;
- ports=(PORT_INFO_1 *)malloc( (*returned+1) * sizeof(PORT_INFO_1) );
+ if((ports=(PORT_INFO_1 *)malloc( (*returned+1) * sizeof(PORT_INFO_1) )) == NULL)
+ return ERROR_NOT_ENOUGH_MEMORY;
for (snum=0; snum<n_services; snum++) {
if ( lp_browseable(snum) && lp_snum_ok(snum) && lp_print_ok(snum) ) {
@@ -3531,7 +3614,8 @@ static uint32 enumports_level_2(NEW_BUFFER *buffer, uint32 offered, uint32 *need
if ( lp_browseable(snum) && lp_snum_ok(snum) && lp_print_ok(snum) )
(*returned)++;
- ports=(PORT_INFO_2 *)malloc( (*returned+1) * sizeof(PORT_INFO_2) );
+ if((ports=(PORT_INFO_2 *)malloc( (*returned+1) * sizeof(PORT_INFO_2) )) == NULL)
+ return ERROR_NOT_ENOUGH_MEMORY;
for (snum=0; snum<n_services; snum++) {
if ( lp_browseable(snum) && lp_snum_ok(snum) && lp_print_ok(snum) ) {
@@ -3588,7 +3672,7 @@ uint32 _spoolss_enumports( UNISTR2 *name, uint32 level,
return enumports_level_2(buffer, offered, needed, returned);
break;
default:
- return NT_STATUS_INVALID_INFO_CLASS;
+ return ERROR_INVALID_LEVEL;
break;
}
}
@@ -3651,6 +3735,7 @@ uint32 _spoolss_addprinterex( const UNISTR2 *uni_srv_name, uint32 level,
case 1:
/* we don't handle yet */
/* but I know what to do ... */
+ return ERROR_INVALID_LEVEL;
break;
case 2:
return spoolss_addprinterex_level_2(uni_srv_name, info,
@@ -3675,7 +3760,7 @@ uint32 _spoolss_addprinterdriver( const UNISTR2 *server_name,
convert_printer_driver_info(info, &driver, level);
if (add_a_printer_driver(driver, level)!=0)
- return NT_STATUS_ACCESS_DENIED;
+ return ERROR_ACCESS_DENIED;
return NT_STATUS_NO_PROBLEMO;
}
@@ -3696,7 +3781,8 @@ static uint32 getprinterdriverdir_level_1(UNISTR2 *name, UNISTR2 *uni_environmen
pstring short_archi;
DRIVER_DIRECTORY_1 *info=NULL;
- info=(DRIVER_DIRECTORY_1 *)malloc(sizeof(DRIVER_DIRECTORY_1));
+ if((info=(DRIVER_DIRECTORY_1 *)malloc(sizeof(DRIVER_DIRECTORY_1))) == NULL)
+ return ERROR_NOT_ENOUGH_MEMORY;
unistr2_to_ascii(long_archi, uni_environment, sizeof(long_archi)-1);
get_short_archi(short_archi, long_archi);
@@ -3780,13 +3866,13 @@ uint32 _spoolss_enumprinterdata(const POLICY_HND *handle, uint32 idx,
DEBUG(5,("spoolss_enumprinterdata\n"));
if (!OPEN_HANDLE(Printer))
- return NT_STATUS_INVALID_HANDLE;
+ return ERROR_INVALID_HANDLE;
if (!get_printer_snum(handle, &snum))
- return NT_STATUS_INVALID_HANDLE;
+ return ERROR_INVALID_HANDLE;
if (get_a_printer(&printer, 2, lp_servicename(snum)) != 0x0)
- return NT_STATUS_INVALID_HANDLE;
+ return ERROR_INVALID_HANDLE;
/*
* The NT machine wants to know the biggest size of value and data
@@ -3827,6 +3913,7 @@ uint32 _spoolss_enumprinterdata(const POLICY_HND *handle, uint32 idx,
if (!get_specific_param_by_index(printer, 2, idx, value, &data, &type, &data_len)) {
free_a_printer(printer, 2);
+ safe_free(data);
return ERROR_NO_MORE_ITEMS;
}
@@ -3840,7 +3927,11 @@ uint32 _spoolss_enumprinterdata(const POLICY_HND *handle, uint32 idx,
*/
*out_max_value_len=in_value_len/2;
- *out_value=(uint16 *)malloc(in_value_len*sizeof(uint8));
+ if((*out_value=(uint16 *)malloc(in_value_len*sizeof(uint8))) == NULL) {
+ free_a_printer(printer, 2);
+ safe_free(data);
+ return ERROR_NOT_ENOUGH_MEMORY;
+ }
ascii_to_unistr(*out_value, value, *out_max_value_len);
*out_value_len=2*(1+strlen(value));
@@ -3848,7 +3939,11 @@ uint32 _spoolss_enumprinterdata(const POLICY_HND *handle, uint32 idx,
/* the data is counted in bytes */
*out_max_data_len=in_data_len;
- *data_out=(uint8 *)malloc(in_data_len*sizeof(uint8));
+ if((*data_out=(uint8 *)malloc(in_data_len*sizeof(uint8))) == NULL) {
+ free_a_printer(printer, 2);
+ safe_free(data);
+ return ERROR_NOT_ENOUGH_MEMORY;
+ }
memcpy(*data_out, data, data_len);
*out_data_len=data_len;
@@ -3879,26 +3974,23 @@ uint32 _spoolss_setprinterdata( const POLICY_HND *handle,
if (!OPEN_HANDLE(Printer))
- return NT_STATUS_INVALID_HANDLE;
+ return ERROR_INVALID_HANDLE;
if (!get_printer_snum(handle, &snum))
- return NT_STATUS_INVALID_HANDLE;
+ return ERROR_INVALID_HANDLE;
status = get_a_printer(&printer, 2, lp_servicename(snum));
if (status != 0x0)
- return status;
+ return ERROR_INVALID_NAME;
convert_specific_param(&param, value , type, data, real_len);
unlink_specific_param_if_exist(printer.info_2, param);
if (!add_a_specific_param(printer.info_2, param))
- {
- status = NT_STATUS_INVALID_PARAMETER;
- }
+ status = ERROR_INVALID_PARAMETER;
else
- {
status = add_a_printer(printer, 2);
- }
+
free_a_printer(printer, 2);
return status;
@@ -3917,10 +4009,11 @@ uint32 _spoolss_addform( const POLICY_HND *handle,
DEBUG(5,("spoolss_addform\n"));
if (!OPEN_HANDLE(Printer))
- return NT_STATUS_INVALID_HANDLE;
+ return ERROR_INVALID_HANDLE;
count=get_ntforms(&list);
- add_a_form(&list, form, &count);
+ if(!add_a_form(&list, form, &count))
+ return ERROR_NOT_ENOUGH_MEMORY;
write_ntforms(&list, count);
safe_free(list);
@@ -3943,7 +4036,7 @@ uint32 _spoolss_setform( const POLICY_HND *handle,
if (!OPEN_HANDLE(Printer))
{
- return NT_STATUS_INVALID_HANDLE;
+ return ERROR_INVALID_HANDLE;
}
count=get_ntforms(&list);
update_a_form(&list, form, count);
@@ -3961,7 +4054,9 @@ static uint32 enumprintprocessors_level_1(NEW_BUFFER *buffer, uint32 offered, ui
{
PRINTPROCESSOR_1 *info_1=NULL;
- info_1 = (PRINTPROCESSOR_1 *)malloc(sizeof(PRINTPROCESSOR_1));
+ if((info_1 = (PRINTPROCESSOR_1 *)malloc(sizeof(PRINTPROCESSOR_1))) == NULL)
+ return ERROR_NOT_ENOUGH_MEMORY;
+
(*returned) = 0x1;
init_unistr(&(info_1->name), "winprint");
@@ -4006,7 +4101,7 @@ uint32 _spoolss_enumprintprocessors(UNISTR2 *name, UNISTR2 *environment, uint32
return enumprintprocessors_level_1(buffer, offered, needed, returned);
break;
default:
- return NT_STATUS_INVALID_INFO_CLASS;
+ return ERROR_INVALID_LEVEL;
break;
}
}
@@ -4018,7 +4113,9 @@ static uint32 enumprintprocdatatypes_level_1(NEW_BUFFER *buffer, uint32 offered,
{
PRINTPROCDATATYPE_1 *info_1=NULL;
- info_1 = (PRINTPROCDATATYPE_1 *)malloc(sizeof(PRINTPROCDATATYPE_1));
+ if((info_1 = (PRINTPROCDATATYPE_1 *)malloc(sizeof(PRINTPROCDATATYPE_1))) == NULL)
+ return ERROR_NOT_ENOUGH_MEMORY;
+
(*returned) = 0x1;
init_unistr(&(info_1->name), "RAW");
@@ -4056,7 +4153,7 @@ uint32 _spoolss_enumprintprocdatatypes(UNISTR2 *name, UNISTR2 *processor, uint32
return enumprintprocdatatypes_level_1(buffer, offered, needed, returned);
break;
default:
- return NT_STATUS_INVALID_INFO_CLASS;
+ return ERROR_INVALID_LEVEL;
break;
}
}
@@ -4068,7 +4165,9 @@ static uint32 enumprintmonitors_level_1(NEW_BUFFER *buffer, uint32 offered, uint
{
PRINTMONITOR_1 *info_1=NULL;
- info_1 = (PRINTMONITOR_1 *)malloc(sizeof(PRINTMONITOR_1));
+ if((info_1 = (PRINTMONITOR_1 *)malloc(sizeof(PRINTMONITOR_1))) == NULL)
+ return ERROR_NOT_ENOUGH_MEMORY;
+
(*returned) = 0x1;
init_unistr(&(info_1->name), "Local Port");
@@ -4097,7 +4196,9 @@ static uint32 enumprintmonitors_level_2(NEW_BUFFER *buffer, uint32 offered, uint
{
PRINTMONITOR_2 *info_2=NULL;
- info_2 = (PRINTMONITOR_2 *)malloc(sizeof(PRINTMONITOR_2));
+ if((info_2 = (PRINTMONITOR_2 *)malloc(sizeof(PRINTMONITOR_2))) == NULL)
+ return ERROR_NOT_ENOUGH_MEMORY;
+
(*returned) = 0x1;
init_unistr(&(info_2->name), "Local Port");
@@ -4147,7 +4248,7 @@ uint32 _spoolss_enumprintmonitors(UNISTR2 *name,uint32 level,
return enumprintmonitors_level_2(buffer, offered, needed, returned);
break;
default:
- return NT_STATUS_INVALID_INFO_CLASS;
+ return ERROR_INVALID_LEVEL;
break;
}
}
@@ -4163,7 +4264,7 @@ static uint32 getjob_level_1(print_queue_struct *queue, int count, int snum, uin
if (info_1 == NULL) {
safe_free(queue);
- return NT_STATUS_NO_MEMORY;
+ return ERROR_NOT_ENOUGH_MEMORY;
}
for (i=0; i<count && found==False; i++) {
@@ -4173,16 +4274,21 @@ static uint32 getjob_level_1(print_queue_struct *queue, int count, int snum, uin
if (found==False) {
safe_free(queue);
+ safe_free(info_1);
/* I shoud reply something else ... I can't find the good one */
return NT_STATUS_NO_PROBLEMO;
}
- fill_job_info_1(info_1, &(queue[i]), i, snum);
+ fill_job_info_1(info_1, &(queue[i-1]), i, snum);
+
+ safe_free(queue);
*needed += spoolss_size_job_info_1(info_1);
- if (!alloc_buffer_size(buffer, *needed))
+ if (!alloc_buffer_size(buffer, *needed)) {
+ safe_free(info_1);
return ERROR_INSUFFICIENT_BUFFER;
+ }
new_smb_io_job_info_1("", buffer, info_1, 0);
@@ -4197,8 +4303,6 @@ static uint32 getjob_level_1(print_queue_struct *queue, int count, int snum, uin
/****************************************************************************
****************************************************************************/
-#if 0
-... Not yet used...
static uint32 getjob_level_2(print_queue_struct *queue, int count, int snum, uint32 jobid, NEW_BUFFER *buffer, uint32 offered, uint32 *needed)
{
int i=0;
@@ -4208,7 +4312,7 @@ static uint32 getjob_level_2(print_queue_struct *queue, int count, int snum, uin
if (info_2 == NULL) {
safe_free(queue);
- return NT_STATUS_NO_MEMORY;
+ return ERROR_NOT_ENOUGH_MEMORY;
}
for (i=0; i<count && found==False; i++) {
@@ -4218,16 +4322,21 @@ static uint32 getjob_level_2(print_queue_struct *queue, int count, int snum, uin
if (found==False) {
safe_free(queue);
+ safe_free(info_2);
/* I shoud reply something else ... I can't find the good one */
return NT_STATUS_NO_PROBLEMO;
}
- fill_job_info_2(info_2, &(queue[i]), i, snum);
+ fill_job_info_2(info_2, &(queue[i-1]), i, snum);
+
+ safe_free(queue);
*needed += spoolss_size_job_info_2(info_2);
- if (!alloc_buffer_size(buffer, *needed))
+ if (!alloc_buffer_size(buffer, *needed)) {
+ safe_free(info_2);
return ERROR_INSUFFICIENT_BUFFER;
+ }
new_smb_io_job_info_2("", buffer, info_2, 0);
@@ -4238,7 +4347,6 @@ static uint32 getjob_level_2(print_queue_struct *queue, int count, int snum, uin
else
return NT_STATUS_NO_PROBLEMO;
}
-#endif
/****************************************************************************
****************************************************************************/
@@ -4258,11 +4366,9 @@ uint32 _spoolss_getjob( POLICY_HND *handle, uint32 jobid, uint32 level,
*needed=0;
if (!get_printer_snum(handle, &snum))
- {
- return NT_STATUS_INVALID_HANDLE;
- }
+ return ERROR_INVALID_HANDLE;
- count=get_printqueue(snum, NULL, UID_FIELD_INVALID, &queue, &prt_status);
+ count=get_printqueue(snum, NULL, &queue, &prt_status);
DEBUGADD(4,("count:[%d], prt_status:[%d], [%s]\n",
count, prt_status.status, prt_status.message));
@@ -4272,11 +4378,11 @@ uint32 _spoolss_getjob( POLICY_HND *handle, uint32 jobid, uint32 level,
return getjob_level_1(queue, count, snum, jobid, buffer, offered, needed);
break;
case 2:
- return getjob_level_1(queue, count, snum, jobid, buffer, offered, needed);
+ return getjob_level_2(queue, count, snum, jobid, buffer, offered, needed);
break;
default:
safe_free(queue);
- return NT_STATUS_INVALID_INFO_CLASS;
+ return ERROR_INVALID_LEVEL;
break;
}
}
View Lorry Controller Status