svn commit: samba r10669 - in branches/SAMBA_4_0/source/auth/ntlmssp: .

[tridge at samba.org]

Author: tridge
Date: 2005-10-01 01:04:34 +0000 (Sat, 01 Oct 2005)
New Revision: 10669

WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=10669

Log:

reverted jelmers commit 10663 as it was causing lots of panics in 'make test'

I also think the method of getting rid of pstring isn't the right
one. I certainly do want to get rid of pstring/fstring, but the reason
for removing them is the use of arbitrary sized fixed length strings
on the stack and in structures. Changing to another fixed length stack
string format isn't really a win, and moving to use strncpy() is
actually worse than pstrcpy() as strncpy() has the absolutely awful
semantics of always zeroing all remaining bytes, so it ends up taking
a lot of cpu doing pointless memory writes.

I'd rather move to more use of asprintf()/talloc_asprintf() and
similar functions for dynamic string allocation.

You also have to be very careful about some of these system defined
string limits. One some systems PATH_MAX could be 64k or even larger,
which can quickly blow the stack out when you allocate a few of them. 


Modified:
   branches/SAMBA_4_0/source/auth/ntlmssp/ntlmssp_parse.c
   branches/SAMBA_4_0/source/auth/ntlmssp/ntlmssp_server.c


Changeset:
Modified: branches/SAMBA_4_0/source/auth/ntlmssp/ntlmssp_parse.c
===================================================================
--- branches/SAMBA_4_0/source/auth/ntlmssp/ntlmssp_parse.c	2005-09-30 23:56:54 UTC (rev 10668)
+++ branches/SAMBA_4_0/source/auth/ntlmssp/ntlmssp_parse.c	2005-10-01 01:04:34 UTC (rev 10669)
@@ -21,6 +21,7 @@
 */
 
 #include "includes.h"
+#include "pstring.h"
 
 /*
   this is a tiny msrpc packet generator. I am only using this to
@@ -209,7 +210,7 @@
 	uint16_t len1, len2;
 	uint32_t ptr;
 	uint32_t *v;
-	char *p;
+	pstring p;
 
 	va_start(ap, format);
 	for (i=0; format[i]; i++) {
@@ -236,10 +237,13 @@
 					return False;
 
 				if (0 < len1) {
-					if (convert_string_talloc(mem_ctx, CH_UTF16, CH_UNIX, blob->data + ptr, len1, (void **)&p) < 0) {
+					pull_string(p, blob->data + ptr, sizeof(p), 
+						    len1, 
+						    STR_UNICODE|STR_NOALIGN);
+					(*ps) = talloc_strdup(mem_ctx, p);
+					if (!(*ps)) {
 						return False;
 					}
-					(*ps) = p;
 				} else {
 					(*ps) = "";
 				}

Modified: branches/SAMBA_4_0/source/auth/ntlmssp/ntlmssp_server.c
===================================================================
--- branches/SAMBA_4_0/source/auth/ntlmssp/ntlmssp_server.c	2005-09-30 23:56:54 UTC (rev 10668)
+++ branches/SAMBA_4_0/source/auth/ntlmssp/ntlmssp_server.c	2005-10-01 01:04:34 UTC (rev 10669)
@@ -26,6 +26,7 @@
 #include "auth/auth.h"
 #include "auth/ntlmssp/ntlmssp.h"
 #include "lib/crypto/crypto.h"
+#include "pstring.h"
 #include "system/filesys.h"
 
 /** 
@@ -106,7 +107,7 @@
 */
 static BOOL get_myfullname(char *my_name)
 {
-	char hostname[HOST_NAME_MAX];
+	pstring hostname;
 
 	*hostname = 0;
 
@@ -120,13 +121,13 @@
 	hostname[sizeof(hostname)-1] = '\0';
 
 	if (my_name)
-		strncpy(my_name, hostname, sizeof(hostname));
+		fstrcpy(my_name, hostname);
 	return True;
 }
 
 static BOOL get_mydomname(char *my_domname)
 {
-	char hostname[HOST_NAME_MAX];
+	pstring hostname;
 	char *p;
 
 	/* arrgh! relies on full name in system */
@@ -149,7 +150,7 @@
 	p++;
 	
 	if (my_domname)
-		strncpy(my_domname, p, sizeof(hostname));
+		fstrcpy(my_domname, p);
 
 	return True;
 }
@@ -172,7 +173,7 @@
 {
 	struct gensec_ntlmssp_state *gensec_ntlmssp_state = gensec_security->private_data;
 	DATA_BLOB struct_blob;
-	char dnsname[HOST_NAME_MAX], dnsdomname[HOST_NAME_MAX];
+	fstring dnsname, dnsdomname;
 	uint32_t neg_flags = 0;
 	uint32_t ntlmssp_command, chal_flags;
 	char *cliname=NULL, *domname=NULL;