s3:g_lock: Do not let pointers to point outside the input buffer
authorPavel Filipenský <pfilipensky@samba.org>
Fri, 4 Oct 2024 08:31:03 +0000 (10:31 +0200)
committerPavel Filipensky <pfilipensky@samba.org>
Sat, 5 Oct 2024 14:44:46 +0000 (14:44 +0000)
If num_shared == 0, shared points at an address outside buf.
Make it NULL instead.

(gdb) p *lck
$33 = {
  exclusive = {
    pid = 1187098,
    task_id = 0,
    vnn = 4294967295,
    unique_id = 7349874180613937639
  },
  num_shared = 0,
  shared = 0x555555646980 "@kdUUU",
  unique_lock_epoch = 1489043017590848833,
  unique_data_epoch = 11232048132975083808,
  datalen = 0,
  data = 0x555555646980 "@kdUUU"
}

Same for datalen & data.

Signed-off-by: Pavel Filipenský <pfilipensky@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Autobuild-User(master): Pavel Filipensky <pfilipensky@samba.org>
Autobuild-Date(master): Sat Oct  5 14:44:46 UTC 2024 on atb-devel-224

source3/lib/g_lock.c

index 77b8287273b972e1ba0bba0091794be277979ac6..28181a9f18a565d0f3130311e708599dceb3187b 100644 (file)
@@ -53,7 +53,7 @@ struct g_lock {
 static bool g_lock_parse(uint8_t *buf, size_t buflen, struct g_lock *lck)
 {
        struct server_id exclusive;
-       size_t num_shared, shared_len;
+       size_t num_shared, shared_len, data_len;
        uint64_t unique_lock_epoch;
        uint64_t unique_data_epoch;
 
@@ -94,15 +94,16 @@ static bool g_lock_parse(uint8_t *buf, size_t buflen, struct g_lock *lck)
        }
 
        shared_len = num_shared * SERVER_ID_BUF_LENGTH;
+       data_len = buflen - shared_len;
 
        *lck = (struct g_lock) {
                .exclusive = exclusive,
                .num_shared = num_shared,
-               .shared = buf,
+               .shared = num_shared == 0 ? NULL : buf,
                .unique_lock_epoch = unique_lock_epoch,
                .unique_data_epoch = unique_data_epoch,
-               .datalen = buflen-shared_len,
-               .data = buf+shared_len,
+               .datalen = data_len,
+               .data = data_len == 0 ? NULL : buf + shared_len,
        };
 
        return true;
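Review bot: With `.shared` and `.data` now NULL for empty sections, any consumer of `struct g_lock` that passes these pointers to `memcpy` or does arithmetic on them without first testing `num_shared`/`datalen` would be undefined behaviour even for a zero length, which the previous non-NULL pointer did not trigger. The consumers are outside this hunk, so this needs confirming against the callers rather than being a known defect. I would state the contract above the initializer, e.g. `/* shared/data are NULL when num_shared/datalen is 0; test the length before using the pointer */`. Separately, `data_len = buflen - shared_len` is an unsigned subtraction that is only safe if num_shared was bounded against buflen, presumably in the block that closes at the top of the hunk; a one-line comment naming that invariant would help, since g_lock_parse starts and ends outside this hunk.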