From 3fb7db84d76f15cc218554559c0f498cf00d1f7c Mon Sep 17 00:00:00 2001 From: Michael Adam Date: Tue, 3 Nov 2009 00:47:37 +0100 Subject: [PATCH] s3:registry: add safety check for return value of tdb_unpack to regdb_fetch_keys_internal() Prevents segfaults in some situations. (For a non existent or empty record, we sometimes rely on the fetch operation to return dsize==0 and sometimes we rely on dptr==NULL.) Michael Signed-off-by: Michael Adam --- source3/registry/reg_backend_db.c | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/source3/registry/reg_backend_db.c b/source3/registry/reg_backend_db.c index 2b6259c03ad..2cd35935371 100644 --- a/source3/registry/reg_backend_db.c +++ b/source3/registry/reg_backend_db.c @@ -1470,6 +1470,10 @@ static WERROR regdb_fetch_keys_internal(struct db_context *db, const char *key, buf = value.dptr; buflen = value.dsize; len = tdb_unpack( buf, buflen, "d", &num_items); + if (len == (uint32_t)-1) { + werr = WERR_NOT_FOUND; + goto done; + } werr = regsubkey_ctr_reinit(ctr); W_ERROR_NOT_OK_GOTO_DONE(werr); -- 2.11.4.GIT