[SCM] Samba Shared Repository - branch v3-2-test updated -
initial-v3-2-unstable-396-gba9e2be
Jeremy Allison
jra at samba.org
Thu Nov 29 21:25:29 GMT 2007
The branch, v3-2-test has been updated
via ba9e2be2b5a59684e854609f9d82ea1633448c62 (commit)
via ff06cc34e66a18ba71dd54f6c78b05a45b9f2d85 (commit)
via aff5a52136b85fe82c4acb08d12009187d1fe6c7 (commit)
via a261a61226248b41be22dd4f2873b5ed82bc2a24 (commit)
from 988c5ff3f47b7508b229464bbed2ca1948d6e27c (commit)
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-2-test
- Log -----------------------------------------------------------------
commit ba9e2be2b5a59684e854609f9d82ea1633448c62
Author: Jeremy Allison <jra at samba.org>
Date: Thu Nov 29 13:24:54 2007 -0800
Remove the explicit TALLOC_CTX * from cli_struct.
Make us very explicit about how long a talloc ctx
should last.
Jeremy.
commit ff06cc34e66a18ba71dd54f6c78b05a45b9f2d85
Author: Jeremy Allison <jra at samba.org>
Date: Thu Nov 29 13:24:14 2007 -0800
Remove pstrings. Ensure we validate offsets.
Jeremy.
commit aff5a52136b85fe82c4acb08d12009187d1fe6c7
Merge: a261a61226248b41be22dd4f2873b5ed82bc2a24 988c5ff3f47b7508b229464bbed2ca1948d6e27c
Author: Jeremy Allison <jra at samba.org>
Date: Thu Nov 29 09:48:33 2007 -0800
Merge branch 'v3-2-test' of ssh://jra@git.samba.org/data/git/samba into v3-2-test
commit a261a61226248b41be22dd4f2873b5ed82bc2a24
Author: Jeremy Allison <jra at samba.org>
Date: Wed Nov 28 14:08:49 2007 -0800
Remove unused code (and pstring).
Jeremy.
-----------------------------------------------------------------------
Summary of changes:
source/include/client.h | 9 +-
source/include/smb.h | 1 +
source/lib/time.c | 6 +-
source/libsmb/cliconnect.c | 18 +++-
source/libsmb/clidfs.c | 9 +-
source/libsmb/clidgram.c | 92 -----------------
source/libsmb/clientgen.c | 8 --
source/libsmb/clierror.c | 6 +
source/libsmb/clilist.c | 196 ++++++++++++++++++++++++------------
source/libsmb/clioplock.c | 5 +-
source/libsmb/cliprint.c | 64 ++++++------
source/libsmb/clirap.c | 2 +-
source/libsmb/libsmbclient.c | 28 ++++--
source/libsmb/passchange.c | 4 +-
source/rpc_client/cli_pipe.c | 35 +------
source/rpc_server/srv_spoolss_nt.c | 12 ++-
source/smbd/change_trust_pw.c | 2 +-
source/utils/smbcquotas.c | 7 +-
source/utils/smbtree.c | 12 ++-
source/winbindd/winbindd_cm.c | 23 ++--
20 files changed, 265 insertions(+), 274 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source/include/client.h b/source/include/client.h
index dd8bb0d..c601e1a 100644
--- a/source/include/client.h
+++ b/source/include/client.h
@@ -135,7 +135,10 @@ struct cli_state {
uint32 posix_capabilities;
bool dfsroot;
- TALLOC_CTX *mem_ctx;
+#if 0
+ TALLOC_CTX *longterm_mem_ctx;
+ TALLOC_CTX *call_mem_ctx;
+#endif
smb_sign_info sign_info;
@@ -170,8 +173,8 @@ typedef struct file_info {
struct timespec mtime_ts;
struct timespec atime_ts;
struct timespec ctime_ts;
- pstring name;
- pstring dir;
+ char name[1024];
+ char dir[1024]; /* Should use allocated PATH_MAX here.... */
char short_name[13*3]; /* the *3 is to cope with multi-byte */
} file_info;
diff --git a/source/include/smb.h b/source/include/smb.h
index be339f2..f85c734 100644
--- a/source/include/smb.h
+++ b/source/include/smb.h
@@ -79,6 +79,7 @@ enum smb_read_errors {
SMB_READ_ERROR,
SMB_WRITE_ERROR, /* This error code can go into the client smb_rw_error. */
SMB_READ_BAD_SIG,
+ SMB_NO_MEMORY,
SMB_DO_NOT_DO_TDIS /* cli_close_connection() check for this when smbfs wants to keep tree connected */
};
diff --git a/source/lib/time.c b/source/lib/time.c
index e29308f..5301e3a 100644
--- a/source/lib/time.c
+++ b/source/lib/time.c
@@ -1181,17 +1181,17 @@ void cli_put_dos_date3(struct cli_state *cli, char *buf, int offset, time_t unix
put_dos_date3(buf, offset, unixdate, cli->serverzone);
}
-time_t cli_make_unix_date(struct cli_state *cli, void *date_ptr)
+time_t cli_make_unix_date(struct cli_state *cli, const void *date_ptr)
{
return make_unix_date(date_ptr, cli->serverzone);
}
-time_t cli_make_unix_date2(struct cli_state *cli, void *date_ptr)
+time_t cli_make_unix_date2(struct cli_state *cli, const void *date_ptr)
{
return make_unix_date2(date_ptr, cli->serverzone);
}
-time_t cli_make_unix_date3(struct cli_state *cli, void *date_ptr)
+time_t cli_make_unix_date3(struct cli_state *cli, const void *date_ptr)
{
return make_unix_date3(date_ptr, cli->serverzone);
}
diff --git a/source/libsmb/cliconnect.c b/source/libsmb/cliconnect.c
index f0b03a8..e3800bf 100644
--- a/source/libsmb/cliconnect.c
+++ b/source/libsmb/cliconnect.c
@@ -1803,13 +1803,18 @@ struct cli_state *get_ipc_connect(char *server,
* entire network browse list)
*/
-struct cli_state *get_ipc_connect_master_ip(struct ip_service *mb_ip, pstring workgroup, struct user_auth_info *user_info)
+struct cli_state *get_ipc_connect_master_ip(TALLOC_CTX *ctx,
+ struct ip_service *mb_ip,
+ struct user_auth_info *user_info,
+ char **pp_workgroup_out)
{
char addr[INET6_ADDRSTRLEN];
fstring name;
struct cli_state *cli;
struct sockaddr_storage server_ss;
+ *pp_workgroup_out = NULL;
+
print_sockaddr(addr, sizeof(addr), &mb_ip->ss);
DEBUG(99, ("Looking up name of master browser %s\n",
addr));
@@ -1838,7 +1843,7 @@ struct cli_state *get_ipc_connect_master_ip(struct ip_service *mb_ip, pstring wo
return NULL;
}
- pstrcpy(workgroup, name);
+ *pp_workgroup_out = talloc_strdup(ctx, name);
DEBUG(4, ("found master browser %s, %s\n", name, addr));
@@ -1853,12 +1858,16 @@ struct cli_state *get_ipc_connect_master_ip(struct ip_service *mb_ip, pstring wo
* connect to it.
*/
-struct cli_state *get_ipc_connect_master_ip_bcast(pstring workgroup, struct user_auth_info *user_info)
+struct cli_state *get_ipc_connect_master_ip_bcast(TALLOC_CTX *ctx,
+ struct user_auth_info *user_info,
+ char **pp_workgroup_out)
{
struct ip_service *ip_list;
struct cli_state *cli;
int i, count;
+ *pp_workgroup_out = NULL;
+
DEBUG(99, ("Do broadcast lookup for workgroups on local network\n"));
/* Go looking for workgroups by broadcasting on the local network */
@@ -1874,7 +1883,8 @@ struct cli_state *get_ipc_connect_master_ip_bcast(pstring workgroup, struct user
print_sockaddr(addr, sizeof(addr), &ip_list[i].ss);
DEBUG(99, ("Found master browser %s\n", addr));
- cli = get_ipc_connect_master_ip(&ip_list[i], workgroup, user_info);
+ cli = get_ipc_connect_master_ip(ctx, &ip_list[i],
+ user_info, pp_workgroup_out);
if (cli)
return(cli);
}
diff --git a/source/libsmb/clidfs.c b/source/libsmb/clidfs.c
index 037c0d6..469cb23 100644
--- a/source/libsmb/clidfs.c
+++ b/source/libsmb/clidfs.c
@@ -245,9 +245,12 @@ static struct cli_state *cli_cm_connect( const char *server,
bool show_hdr)
{
struct client_connection *node;
-
- node = SMB_XMALLOC_P( struct client_connection );
-
+
+ node = SMB_CALLOC_ARRAY( struct client_connection, 1);
+ if (!node) {
+ return NULL;
+ }
+
node->cli = do_connect( server, share, show_hdr );
if ( !node->cli ) {
diff --git a/source/libsmb/clidgram.c b/source/libsmb/clidgram.c
index 5b619b6..82f874f 100644
--- a/source/libsmb/clidgram.c
+++ b/source/libsmb/clidgram.c
@@ -113,95 +113,3 @@ bool cli_send_mailslot(struct messaging_context *msg_ctx,
MSG_SEND_PACKET,
(uint8 *)&p, sizeof(p)));
}
-
-/*
- * cli_get_response: Get a response ...
- */
-bool cli_get_response(const char *mailslot, char *buf, int bufsiz)
-{
- struct packet_struct *p;
-
- p = receive_unexpected(DGRAM_PACKET, 0, mailslot);
-
- if (p == NULL)
- return False;
-
- memcpy(buf, &p->packet.dgram.data[92],
- MIN(bufsiz, p->packet.dgram.datasize-92));
-
- return True;
-}
-
-/*
- * cli_get_backup_list: Send a get backup list request ...
- */
-
-static char cli_backup_list[1024];
-
-int cli_get_backup_list(struct messaging_context *msg_ctx,
- const char *myname, const char *send_to_name)
-{
- pstring outbuf;
- char *p;
- struct sockaddr_storage sendto_ss;
-
- if (!resolve_name(send_to_name, &sendto_ss, 0x1d)) {
-
- DEBUG(0, ("Could not resolve name: %s<1D>\n", send_to_name));
- return False;
-
- }
-
- memset(cli_backup_list, '\0', sizeof(cli_backup_list));
- memset(outbuf, '\0', sizeof(outbuf));
-
- p = outbuf;
-
- SCVAL(p, 0, ANN_GetBackupListReq);
- p++;
-
- SCVAL(p, 0, 1); /* Count pointer ... */
- p++;
-
- SIVAL(p, 0, 1); /* The sender's token ... */
- p += 4;
-
- cli_send_mailslot(msg_ctx, True, "\\MAILSLOT\\BROWSE", 1, outbuf,
- PTR_DIFF(p, outbuf), myname, 0, send_to_name,
- 0x1d, &sendto_ss);
-
- /* We should check the error and return if we got one */
-
- /* Now, get the response ... */
-
- cli_get_response("\\MAILSLOT\\BROWSE",
- cli_backup_list, sizeof(cli_backup_list));
-
- return True;
-
-}
-
-/*
- * cli_get_backup_server: Get the backup list and retrieve a server from it
- */
-
-int cli_get_backup_server(struct messaging_context *msg_ctx,
- char *my_name, char *target, char *servername,
- int namesize)
-{
-
- /* Get the backup list first. We could pull this from the cache later */
-
- cli_get_backup_list(msg_ctx, my_name, target); /* FIXME: Check the response */
-
- if (!cli_backup_list[0]) { /* Empty list ... try again */
-
- cli_get_backup_list(msg_ctx, my_name, target);
-
- }
-
- strncpy(servername, cli_backup_list, MIN(16, namesize));
-
- return True;
-
-}
diff --git a/source/libsmb/clientgen.c b/source/libsmb/clientgen.c
index ee1a0fe..1a6fb8f 100644
--- a/source/libsmb/clientgen.c
+++ b/source/libsmb/clientgen.c
@@ -492,9 +492,6 @@ struct cli_state *cli_initialise(void)
if (!cli->outbuf || !cli->inbuf)
goto error;
- if ((cli->mem_ctx = talloc_init("cli based talloc")) == NULL)
- goto error;
-
memset(cli->outbuf, 0, cli->bufsize);
memset(cli->inbuf, 0, cli->bufsize);
@@ -605,11 +602,6 @@ void cli_shutdown(struct cli_state *cli)
data_blob_free(&cli->secblob);
data_blob_free(&cli->user_session_key);
- if (cli->mem_ctx) {
- talloc_destroy(cli->mem_ctx);
- cli->mem_ctx = NULL;
- }
-
if (cli->fd != -1) {
close(cli->fd);
}
diff --git a/source/libsmb/clierror.c b/source/libsmb/clierror.c
index c9c5a6c..587abad 100644
--- a/source/libsmb/clierror.c
+++ b/source/libsmb/clierror.c
@@ -84,6 +84,8 @@ static NTSTATUS cli_smb_rw_error_to_ntstatus(struct cli_state *cli)
return NT_STATUS_UNEXPECTED_NETWORK_ERROR;
case SMB_READ_BAD_SIG:
return NT_STATUS_INVALID_PARAMETER;
+ case SMB_NO_MEMORY:
+ return NT_STATUS_NO_MEMORY;
default:
break;
}
@@ -133,6 +135,10 @@ const char *cli_errstr(struct cli_state *cli)
slprintf(cli_error_message, sizeof(cli_error_message) - 1,
"Server packet had invalid SMB signature!");
break;
+ case SMB_NO_MEMORY:
+ slprintf(cli_error_message, sizeof(cli_error_message) - 1,
+ "Out of memory");
+ break;
default:
slprintf(cli_error_message, sizeof(cli_error_message) - 1,
"Unknown error code %d\n", cli->smb_rw_error );
diff --git a/source/libsmb/clilist.c b/source/libsmb/clilist.c
index fd0c380..64cb3e8 100644
--- a/source/libsmb/clilist.c
+++ b/source/libsmb/clilist.c
@@ -1,18 +1,18 @@
-/*
+/*
Unix SMB/CIFS implementation.
client directory list routines
Copyright (C) Andrew Tridgell 1994-1998
-
+
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 3 of the License, or
(at your option) any later version.
-
+
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
-
+
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
@@ -22,18 +22,41 @@
extern file_info def_finfo;
/****************************************************************************
+ Calculate a safe next_entry_offset.
+****************************************************************************/
+
+static size_t calc_next_entry_offset(const char *base, const char *pdata_end)
+{
+ size_t next_entry_offset = (size_t)IVAL(base,0);
+
+ if (next_entry_offset == 0 ||
+ base + next_entry_offset < base ||
+ base + next_entry_offset > pdata_end) {
+ next_entry_offset = pdata_end - base;
+ }
+ return next_entry_offset;
+}
+
+/****************************************************************************
Interpret a long filename structure - this is mostly guesses at the moment.
The length of the structure is returned
The structure of a long filename depends on the info level. 260 is used
by NT and 2 is used by OS/2
****************************************************************************/
-static size_t interpret_long_filename(struct cli_state *cli, int level,char *p,file_info *finfo,
- uint32 *p_resume_key, DATA_BLOB *p_last_name_raw, uint32 *p_last_name_raw_len)
+static size_t interpret_long_filename(struct cli_state *cli,
+ int level,
+ const char *p,
+ const char *pdata_end,
+ file_info *finfo,
+ uint32 *p_resume_key,
+ DATA_BLOB *p_last_name_raw)
{
file_info finfo2;
int len;
- char *base = p;
+ const char *base = p;
+
+ data_blob_free(p_last_name_raw);
if (!finfo) {
finfo = &finfo2;
@@ -49,6 +72,9 @@ static size_t interpret_long_filename(struct cli_state *cli, int level,char *p,f
case 1: /* OS/2 understands this */
/* these dates are converted to GMT by
make_unix_date */
+ if (pdata_end - base < 27) {
+ return pdata_end - base;
+ }
finfo->ctime_ts = convert_time_t_to_timespec(cli_make_unix_date2(cli, p+4));
finfo->atime_ts = convert_time_t_to_timespec(cli_make_unix_date2(cli, p+8));
finfo->mtime_ts = convert_time_t_to_timespec(cli_make_unix_date2(cli, p+12));
@@ -57,19 +83,25 @@ static size_t interpret_long_filename(struct cli_state *cli, int level,char *p,f
len = CVAL(p, 26);
p += 27;
p += clistr_align_in(cli, p, 0);
+ if (p + len + 2 > pdata_end) {
+ return pdata_end - base;
+ }
/* the len+2 below looks strange but it is
important to cope with the differences
between win2000 and win9x for this call
(tridge) */
p += clistr_pull(cli, finfo->name, p,
sizeof(finfo->name),
- len+2,
+ len+2,
STR_TERMINATE);
return PTR_DIFF(p, base);
case 2: /* this is what OS/2 uses mostly */
/* these dates are converted to GMT by
make_unix_date */
+ if (pdata_end - base < 31) {
+ return pdata_end - base;
+ }
finfo->ctime_ts = convert_time_t_to_timespec(cli_make_unix_date2(cli, p+4));
finfo->atime_ts = convert_time_t_to_timespec(cli_make_unix_date2(cli, p+8));
finfo->mtime_ts = convert_time_t_to_timespec(cli_make_unix_date2(cli, p+12));
@@ -78,22 +110,30 @@ static size_t interpret_long_filename(struct cli_state *cli, int level,char *p,f
len = CVAL(p, 30);
p += 31;
/* check for unisys! */
+ if (p + len + 1 > pdata_end) {
+ return pdata_end - base;
+ }
p += clistr_pull(cli, finfo->name, p,
sizeof(finfo->name),
- len,
+ len,
STR_NOALIGN);
return PTR_DIFF(p, base) + 1;
-
+
case 260: /* NT uses this, but also accepts 2 */
{
size_t namelen, slen;
+
+ if (pdata_end - base < 94) {
+ return pdata_end - base;
+ }
+
p += 4; /* next entry offset */
if (p_resume_key) {
*p_resume_key = IVAL(p,0);
}
p += 4; /* fileindex */
-
+
/* Offset zero is "create time", not "change time". */
p += 8;
finfo->atime_ts = interpret_long_date(p);
@@ -111,7 +151,11 @@ static size_t interpret_long_filename(struct cli_state *cli, int level,char *p,f
p += 4;
p += 4; /* EA size */
slen = SVAL(p, 0);
- p += 2;
+ if (slen > 24) {
+ /* Bad short name length. */
+ return pdata_end - base;
+ }
+ p += 2;
{
/* stupid NT bugs. grr */
int flags = 0;
@@ -120,7 +164,10 @@ static size_t interpret_long_filename(struct cli_state *cli, int level,char *p,f
sizeof(finfo->short_name),
slen, flags);
}
- p += 24; /* short name? */
+ p += 24; /* short name? */
+ if (p + namelen < p || p + namelen > pdata_end) {
+ return pdata_end - base;
+ }
clistr_pull(cli, finfo->name, p,
sizeof(finfo->name),
namelen, 0);
@@ -130,29 +177,24 @@ static size_t interpret_long_filename(struct cli_state *cli, int level,char *p,f
Namelen doesn't include the terminating unicode null, so
copy it here. */
- if (p_last_name_raw && p_last_name_raw_len) {
- if (namelen + 2 > p_last_name_raw->length) {
- memset(p_last_name_raw->data, '\0', sizeof(p_last_name_raw->length));
- *p_last_name_raw_len = 0;
- } else {
- memcpy(p_last_name_raw->data, p, namelen);
- SSVAL(p_last_name_raw->data, namelen, 0);
- *p_last_name_raw_len = namelen + 2;
- }
+ if (p_last_name_raw) {
+ *p_last_name_raw = data_blob(NULL, namelen+2);
+ memcpy(p_last_name_raw->data, p, namelen);
+ SSVAL(p_last_name_raw->data, namelen, 0);
}
- return (size_t)IVAL(base, 0);
+ return calc_next_entry_offset(base, pdata_end);
}
}
-
+
DEBUG(1,("Unknown long filename format %d\n",level));
- return (size_t)IVAL(base,0);
+ return calc_next_entry_offset(base, pdata_end);
}
/****************************************************************************
Do a directory listing, calling fn on each file found.
****************************************************************************/
-int cli_list_new(struct cli_state *cli,const char *Mask,uint16 attribute,
+int cli_list_new(struct cli_state *cli,const char *Mask,uint16 attribute,
void (*fn)(const char *, file_info *, const char *, void *), void *state)
{
--
Samba Shared Repository
More information about the samba-cvs
mailing list