From 498216fc117b56d605339b4cb368bdc1fca20aeb Mon Sep 17 00:00:00 2001 From: Rob Shearman Date: Sun, 10 Aug 2008 18:23:40 +0100 Subject: [PATCH] rpcrt4: Fix crash in rpcrt4_ncalrpc_parse_top_of_tower due to unconditionally dereferencing networkaddr and endpoint variables. These can be NULL when parts of the tower are not required. --- dlls/rpcrt4/rpc_transport.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/dlls/rpcrt4/rpc_transport.c b/dlls/rpcrt4/rpc_transport.c index 6e57ee72ca8..9d700887b9f 100644 --- a/dlls/rpcrt4/rpc_transport.c +++ b/dlls/rpcrt4/rpc_transport.c @@ -706,9 +706,6 @@ static RPC_STATUS rpcrt4_ncalrpc_parse_top_of_tower(const unsigned char *tower_d TRACE("(%p, %d, %p, %p)\n", tower_data, (int)tower_size, networkaddr, endpoint); - *networkaddr = NULL; - *endpoint = NULL; - if (tower_size < sizeof(*pipe_floor)) return EPT_S_NOT_REGISTERED; @@ -720,6 +717,9 @@ static RPC_STATUS rpcrt4_ncalrpc_parse_top_of_tower(const unsigned char *tower_d (pipe_floor->count_rhs > tower_size)) return EPT_S_NOT_REGISTERED; + if (networkaddr) + *networkaddr = NULL; + if (endpoint) { *endpoint = I_RpcAllocate(pipe_floor->count_rhs);