sblim-commit

[Narasimha S. <nsh...@us...>]

This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "SFCB - Small Footprint CIM Broker".

The branch, master has been updated
       via  e6da1a4d2c6d8983f804ac7fa5ed0e00dd37761c (commit)
      from  c4f1e693534731ad2dda92ec5ab09c496f18e887 (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit e6da1a4d2c6d8983f804ac7fa5ed0e00dd37761c
Author: nsharoff <nsharoff@nsharoff.(none)>
Date:   Tue Apr 3 14:25:32 2012 -0700

    patches for [ 3495060, 3471814 ]

-----------------------------------------------------------------------

Summary of changes:
diff --git a/ChangeLog b/ChangeLog
index 373deb1..38c6914 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,12 @@
+2012-04-03  Narasimha Sharoff  <nsh...@us...>
+
+	* indCIMXMLHandler.c, interopProvider.c:
+	[ 3495060 ] verify filter and handler information during subscription
+
+	* objectImpl.c:
+	[ 3471814 ] segfault in objectImpl.c:131,ClObjectGetClString
+        (Patch by Chris Buccella and Narasimha Sharoff)
+
 2012-04-03 Michael Chase-Salerno <br...@li...>
 
 	* interopProvider.c:
diff --git a/indCIMXMLHandler.c b/indCIMXMLHandler.c
index c618ca9..33b593b 100644
--- a/indCIMXMLHandler.c
+++ b/indCIMXMLHandler.c
@@ -1028,6 +1028,10 @@ IndCIMXMLHandlerInvokeMethod(CMPIMethodMI * mi,
       CMPIData handler=CMGetProperty(sub, "Handler", &st);
       CMPIObjectPath *hop=handler.value.ref;
       CMPIInstance *hdlr=CBGetInstance(_broker, ctxLocal, hop, NULL, &st);
+      if (hdlr == NULL) {
+         mlogf(M_ERROR,M_SHOW,"Deliver indication failed, hdlr is null. rc:%d\n",st.rc);
+         _SFCB_RETURN(st);
+      }
 
       // Build the complete sequence context
       // Get the stub from the handler
diff --git a/interopProvider.c b/interopProvider.c
index e066599..0639f9b 100644
--- a/interopProvider.c
+++ b/interopProvider.c
@@ -882,6 +882,39 @@ filterInternalProps(CMPIInstance* ci)
   return;
 }
 
+/* feature #3495060 :76814 : Verify the filter and handler information */
+CMPIStatus
+verify_subscription(const CMPIContext * ctx,
+        const CMPIObjectPath *cop, 
+        const CMPIInstance *ci)
+{ 
+      CMPIContext *ctxlocal = NULL;
+      CMPIStatus st = { CMPI_RC_OK, NULL };
+
+      CMPIData sub_filter = CMGetProperty(ci, "Filter", &st);
+      CMPIObjectPath *sub_filter_op = sub_filter.value.ref;
+      ctxlocal = prepareUpcall((CMPIContext *)ctx);
+      CMPIInstance *sub_filter_inst = CBGetInstance(_broker, ctxlocal,
+                    sub_filter_op, NULL, &st);
+      if (sub_filter_inst == NULL) {
+         setStatus(&st,st.rc,"Invalid Subscription Filter");
+         CMRelease(ctxlocal);
+         return st;
+      }
+
+      CMPIData sub_handler = CMGetProperty(ci, "Handler", &st);
+      CMPIObjectPath *sub_handler_op = sub_handler.value.ref;
+      CMPIInstance *sub_handler_inst = CBGetInstance(_broker, ctxlocal,
+                    sub_handler_op, NULL, &st);
+      if (sub_handler_inst == NULL) {
+         setStatus(&st,st.rc,"Invalid Subscription Handler");
+         CMRelease(ctxlocal);
+         return st;
+      }
+
+      CMRelease(ctxlocal);
+      return st;
+}
 
 /*
  * --------------------------------------------------------------------------
@@ -1042,6 +1075,9 @@ InteropProviderCreateInstance(CMPIInstanceMI * mi,
   if (isa(nss, cns, "cim_indicationsubscription")) {
     _SFCB_TRACE(1, ("--- create cim_indicationsubscription"));
 
+    st = verify_subscription(ctx, cop, ci); /* 3495060 */
+    if (st.rc != CMPI_RC_OK) _SFCB_RETURN(st);
+
     st = processSubscription(_broker, ctx, ciLocal, copLocal);
   } else if (isa(nss, cns, "cim_indicationfilter")) {
 
diff --git a/objectImpl.c b/objectImpl.c
index a668b50..a3ab0d1 100644
--- a/objectImpl.c
+++ b/objectImpl.c
@@ -544,6 +544,63 @@ replaceClStringN(ClObjectHdr * hdr, int id, const char *str, unsigned int length
   _SFCB_EXIT();
 }
 
+/* Removes an object from the string buffer. The CMPIData pointing to that 
+   object remains intact. A call to this function MUST be followed by a
+   call to addClObject(), else one of the CMPIData entries will be invalid.
+
+   id - the number of the entry to be removed   
+ */
+static void
+removeClObject(ClObjectHdr * hdr, int id)
+{
+   _SFCB_ENTER(TRACE_OBJECTIMPL, "removeClObject");
+   //   fprintf(stderr, "replaceClString: %p replacing entry for we're skipping %d\n", hdr, (id-1));
+   char *ts, *fs, *tmpstr = NULL;
+   long i, l, u;
+   ClStrBuf *fb;
+
+   fb = getStrBufPtr(hdr);   
+   ts = (char *) malloc(fb->bUsed); /* tmp string buffer */
+   fs = &fb->buf[0];
+
+   for (u = i = 0; i < fb->iUsed; i++) {
+      if (i != id - 1) {    /* loop through and copy over all _other_ properties */
+        //      fprintf(stderr, "replace: keeping %ld\n", i);
+         char *f = fs + fb->indexPtr[i];
+         l = fb->indexPtr[i+1] - fb->indexPtr[i];
+
+         /* Bugzilla 74159 - Align the string buffer & null terminate */
+         /*if (l % sizeof(long) != 0) {
+           l = ALIGN((fb->indexPtr[i+1] - fb->indexPtr[i]), CLALIGN);
+           tmpstr = calloc(1,l);
+           if (tmpstr == NULL) {
+             _SFCB_TRACE(1, ("objectImpl:replaceClString: calloc failed for tmpstr"));
+           }
+           memcpy(tmpstr, f, l);
+         } */
+
+         fb->indexPtr[i] = u;
+
+         /*if (tmpstr != NULL) {
+           memcpy(ts + u, tmpstr, l);
+           free(tmpstr); 
+           tmpstr = NULL;
+         }
+         else */
+           memcpy(ts + u, f, l);
+
+         u += l;
+      }
+   }
+   memcpy(fs, ts, u);
+   fb->bUsed = u;
+   free(ts);
+
+   fb->iUsed--; /* fixup the item count, since we have one fewer elements */
+
+  _SFCB_EXIT();
+}
+
 // hack to get anything into a stringbuffer
 static void
 replaceClObject(ClObjectHdr * hdr, int id, const void *obj, int size)
@@ -1635,8 +1692,27 @@ addObjectPropertyH(ClObjectHdr * hdr, ClSection * prps,
         }
         free(blob);
       }
-    } else
-      (p + i - 1)->data = d;
+    } 
+    /* bugzilla 75997 - hdr->type is args */
+    else if (hdr->type == HDR_Args &&
+            od.type == CMPI_instance && (d.state & CMPI_nullValue) == 0) {
+       if (d.type != CMPI_instance) {
+          _SFCB_RETURN(CMPI_RC_ERR_TYPE_MISMATCH);
+       }
+       else {
+          (p + i - 1)->data = d;
+          int size = getInstanceSerializedSize(d.value.inst);
+          void * blob = malloc(size);
+          getSerializedInstance(d.value.inst, blob);
+          //fprintf(stderr, "od.value.inst = %ld\n", (long)od.value.inst);
+          if (od.value.inst) {
+             removeClObject(hdr, (long)od.value.inst);
+          }
+          (p + i - 1)->data.value.inst = (CMPIInstance *) addClObject(hdr, blob, size);
+          free(blob);
+         }
+    }
+    else(p + i - 1)->data = d;
 
     _SFCB_RETURN(i);
   }


hooks/post-receive
-- 
SFCB - Small Footprint CIM Broker