From: Frank Lahm Date: Tue, 3 Jul 2012 10:15:19 +0000 (+0200) Subject: Fix string length calculation for empty strings X-Git-Url: https://arthur.barton.de/cgi-bin/gitweb.cgi?p=netatalk.git;a=commitdiff_plain;h=ef5fbd178efc0e1deb9f0c5ba7e0d82053326fb6 Fix string length calculation for empty strings --- diff --git a/etc/afpd/spotlight.c b/etc/afpd/spotlight.c index 2d9d6315..8eb26a7e 100644 --- a/etc/afpd/spotlight.c +++ b/etc/afpd/spotlight.c @@ -204,9 +204,12 @@ int afp_spotlight_rpc(AFPObj *obj, char *ibuf, size_t ibuflen, char *rbuf, size_ DALLOC_CTX *reply; EC_NULL( reply = talloc_zero(tmp_ctx, DALLOC_CTX) ); - EC_ZERO( sl_unpack(query, ibuf + 22) ); + ret = sl_unpack(query, ibuf + 22); dd_dump(query, 0); - + if (ret != 0) { + LOG(log_error, logtype_sl, "sl_unpack"); + EC_FAIL; + } char **cmd; EC_NULL_LOG( cmd = dalloc_get(query, "DALLOC_CTX", 0, "DALLOC_CTX", 0, "char *", 0) ); @@ -304,6 +307,7 @@ int main(int argc, char **argv) #endif +#if 0 /* Now the Spotlight types */ sl_array_t *sl_arrary = talloc_zero(dd, sl_array_t); i = 0x1234; 
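Review bot: `ret = sl_unpack(query, ibuf + 22);` hands the parser a pointer 22 bytes into the request buffer with no length, and nothing in this hunk compares `ibuflen` with that offset, so every bound inside the unpacker has to come from fields of the packet itself. If no earlier check exists (the body of `afp_spotlight_rpc` starts above the hunk), add `if (ibuflen < 22) EC_FAIL;` before the call, and consider passing `ibuflen - 22` down so the string and array cases can reject lengths that run past the request. The `main()` hunk further down has the same shape: `sl_unpack(query, ibuf + 24)` runs on an uninitialised `char ibuf[8192]` without comparing `len` with 24. Note also that `dd_dump(query, 0)` now walks the result of a failed unpack before `ret` is tested.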
@@ -316,25 +320,29 @@ int main(int argc, char **argv) dalloc_add(dd, sl_arrary, sl_array_t); dd_dump(dd, 0); +#endif /* now parse a real spotlight packet */ - char ibuf[8192]; - char rbuf[8192]; - int fd; - size_t len; - DALLOC_CTX *query; + if (argc > 1) { + char ibuf[8192]; + char rbuf[8192]; + int fd; + size_t len; + DALLOC_CTX *query; - EC_NULL( query = talloc_zero(mem_ctx, DALLOC_CTX) ); + EC_NULL( query = talloc_zero(mem_ctx, DALLOC_CTX) ); - EC_NEG1_LOG( fd = open("openQuery-packet.bin", O_RDONLY) ); - EC_NEG1_LOG( len = read(fd, ibuf, 8192) ); - close(fd); - EC_NEG1_LOG( sl_unpack(query, ibuf + 24) ); + EC_NEG1_LOG( fd = open(argv[1], O_RDONLY) ); + EC_NEG1_LOG( len = read(fd, ibuf, 8192) ); + close(fd); + EC_NEG1_LOG( sl_unpack(query, ibuf + 24) ); - /* Now dump the whole thing */ - dd_dump(query, 0); + /* Now dump the whole thing */ + dd_dump(query, 0); + } #if 0 + /* packing */ int qlen; char buf[MAX_SLQ_DAT]; EC_NEG1_LOG( qlen = sl_pack(query, buf) ); diff --git a/etc/afpd/spotlight_marshalling.c b/etc/afpd/spotlight_marshalling.c index d338b590..d01d59d9 100644 --- a/etc/afpd/spotlight_marshalling.c +++ b/etc/afpd/spotlight_marshalling.c @@ -485,7 +485,7 @@ static int sl_unpack_cpx(DALLOC_CTX *query, uint unicode_encoding; uint8_t mark_exists; char *p; - int qlen, padding, slen; + int qlen, used_in_last_block, slen; sl_array_t *sl_arrary; sl_dict_t *sl_dict; @@ -506,10 +506,8 @@ static int sl_unpack_cpx(DALLOC_CTX *query, case SQ_CPX_TYPE_UTF16_STRING: query_data64 = sl_unpack_uint64(buf, offset, encoding); qlen = (query_data64 & 0xffff) * 8; - if ((padding = 8 - (query_data64 >> 32)) < 0) - EC_FAIL; - if ((slen = qlen - 8 - padding) < 1) - EC_FAIL; + used_in_last_block = query_data64 >> 32; + slen = qlen - 8 + used_in_last_block; if (cpx_query_type == SQ_CPX_TYPE_STRING) { p = talloc_strndup(query, buf + offset + 8, slen);
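Review bot: `len` is declared `size_t` but receives the `ssize_t` result of `read()`, so a failure is stored as a huge positive value and whether `EC_NEG1_LOG` still catches it depends on how that macro compares (its definition is not on this page). Declaring `ssize_t len;` makes the error test unambiguous. If the macro jumps to a cleanup label on failure, as the `EC_` naming suggests, `close(fd)` is skipped on that path; closing in the cleanup block or right after the `read()` result is saved avoids the leak. `main()` begins and ends outside the hunk.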
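Review bot: With both `EC_FAIL` guards removed, `used_in_last_block` and `slen` are taken straight from the packet's 64-bit header and used unchecked: `query_data64 >> 32` is stored in an `int`, so it can be negative or far larger than 8, and `slen` can go negative or exceed what is left of the buffer before it reaches `talloc_strndup(query, buf + offset + 8, slen)`. Accepting empty strings only needs the lower bound relaxed to zero, e.g. `if (used_in_last_block < 0 || used_in_last_block > 8 || slen < 0) EC_FAIL;` after the assignment, plus a comparison of `slen` with the remaining input once a length is available here (none is visible in this hunk). The new expression is also not the same quantity as the old one: for a header value `n` the removed lines compute `qlen - 16 + n`, the added line `qlen - 8 + n`, so please confirm the extra 8 bytes are intended. The rest of `sl_unpack_cpx` is outside the hunk, so the UTF-16 branch could not be checked.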