[SCM] Samba Shared Repository - branch master updated

Jeremy Allison jra at samba.org
Wed May 4 14:15:02 MDT 2011


The branch, master has been updated
       via  ff215f5 I added them, so I get to kill them :-). Finally remove all uses of safe_strcpy and safe_strcat. Change to strlcpy, strlcat.
       via  8380835 Fix warning messages caused by addition of null check in fstrcpy macro.
       via  df023b8 Tidy up some missing checks for NULL in strlcpy.
       via  a3e913a Add in bufflen limit when storing NetBIOS names. Remove safe_strcpy.
       via  6f7c4a0 Convert safe_strXX to strlXXX. Clean up off-by-ones.
       via  0dcc75f Remove magic numbers. Standardize on macro. Move from safe_strcat to strlcat.
       via  8ff244e Cope with +1 change on moving from safe_strcat to strlcat.
       via  2938fe6 Fold null terminator into listlen length, change to strlcpy.
       via  e466792 Fix the only place we reply on the NULL handling for the source in safe_strcpy.
       via  1858201 Fix off-by-one when used with safe_strcpy.
       via  5c53d63 sasl_secret_t ends in a char [1] size. This means the extra character is implicit in the safe_strcpy. When changing to strlcpy ensure we allocate an extra char for it. This fixes a bug where secret->len+1 used with safe_strcpy could actually write into secret->len+2.
       via  cabd9e7 Simple +1 changes in hardcoded lengths when changing from safe_strcpy to strlcpy.
       via  265338c BUGFIX when converting from safe_strcpy to strlcpy.
       via  5fa6f39 Remove overmalloc_safe_strcpy - can be simple strlcpy.
       via  a291508 Remove obvious use of safe_strcpy + safe_strcat -> strlcpy + strlcat.
       via  0c464df Change safe_strcpy_base to strlcpy_base. Note the size doesn't change here as the original macro auto-added the -1.
       via  017e0c8 Fix simple uses of safe_strcpy -> strlcpy. Easy ones where we just remove -1.
      from  deba880 s3-torture: Add a test for notify upon read&x

http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master


- Log -----------------------------------------------------------------
commit ff215f5c89c91a22c910400c8ac81d82d7459ba0
Author: Jeremy Allison <jra at samba.org>
Date:   Tue May 3 16:43:27 2011 -0700

    I added them, so I get to kill them :-). Finally remove all uses of safe_strcpy and safe_strcat. Change to strlcpy, strlcat.
    
    Autobuild-User: Jeremy Allison <jra at samba.org>
    Autobuild-Date: Wed May  4 22:14:14 CEST 2011 on sn-devel-104

commit 8380835fc6de38706d9af29dc7f0fa4cec4f9c90
Author: Jeremy Allison <jra at samba.org>
Date:   Wed May 4 11:38:26 2011 -0700

    Fix warning messages caused by addition of null check in fstrcpy macro.

commit df023b8657cab232df88d3656aa5d87676bb7254
Author: Jeremy Allison <jra at samba.org>
Date:   Tue May 3 16:42:17 2011 -0700

    Tidy up some missing checks for NULL in strlcpy.

commit a3e913ae8bfaa88f5b571f3347f3357a9ff02ed1
Author: Jeremy Allison <jra at samba.org>
Date:   Tue May 3 14:52:01 2011 -0700

    Add in bufflen limit when storing NetBIOS names. Remove safe_strcpy.

commit 6f7c4a0539844d448b4ef7e6c4767b48a9f508f4
Author: Jeremy Allison <jra at samba.org>
Date:   Tue May 3 14:51:25 2011 -0700

    Convert safe_strXX to strlXXX. Clean up off-by-ones.

commit 0dcc75f2df9d9e151f97448e54a34f2899657490
Author: Jeremy Allison <jra at samba.org>
Date:   Tue May 3 14:08:27 2011 -0700

    Remove magic numbers. Standardize on macro. Move from safe_strcat to strlcat.

commit 8ff244ec2d0a57bc4cd9dbbf1f14dea42ae9a068
Author: Jeremy Allison <jra at samba.org>
Date:   Tue May 3 14:06:32 2011 -0700

    Cope with +1 change on moving from safe_strcat to strlcat.

commit 2938fe6f90471e8fabf583a5eb585597381df97d
Author: Jeremy Allison <jra at samba.org>
Date:   Tue May 3 14:15:04 2011 -0700

    Fold null terminator into listlen length, change to strlcpy.

commit e4667926ce752775e9ba1108c4cb41d6f97a04fa
Author: Jeremy Allison <jra at samba.org>
Date:   Tue May 3 14:01:20 2011 -0700

    Fix the only place we reply on the NULL handling for the source in safe_strcpy.

commit 18582016d96e3f41f8828f0539969678ad7d233e
Author: Jeremy Allison <jra at samba.org>
Date:   Tue May 3 13:57:30 2011 -0700

    Fix off-by-one when used with safe_strcpy.

commit 5c53d63348882b17f16bed0cc41f1489dcd6cf66
Author: Jeremy Allison <jra at samba.org>
Date:   Tue May 3 13:53:30 2011 -0700

    sasl_secret_t ends in a char [1] size. This means the extra character is implicit in the safe_strcpy. When changing to strlcpy ensure we allocate an extra char for it. This fixes a bug where secret->len+1 used with safe_strcpy could actually write into secret->len+2.

commit cabd9e70e2f3ce3f617975a4d005d79121313b5f
Author: Jeremy Allison <jra at samba.org>
Date:   Tue May 3 13:52:06 2011 -0700

    Simple +1 changes in hardcoded lengths when changing from safe_strcpy to strlcpy.

commit 265338c194ceab2520ed1df0f64b62e7169406dd
Author: Jeremy Allison <jra at samba.org>
Date:   Tue May 3 13:49:28 2011 -0700

    BUGFIX when converting from safe_strcpy to strlcpy.
    
    We must have a blob length > 0 in order to safely copy
    the (possibly) 16 bytes + 1 byte zero character safely.

commit 5fa6f390d1a4bdd3c82ced271e4db6c7241194f6
Author: Jeremy Allison <jra at samba.org>
Date:   Tue May 3 13:40:07 2011 -0700

    Remove overmalloc_safe_strcpy - can be simple strlcpy.

commit a2915089de95dfc7c55d79a54ed70d279a2c6dfe
Author: Jeremy Allison <jra at samba.org>
Date:   Tue May 3 13:19:27 2011 -0700

    Remove obvious use of safe_strcpy + safe_strcat -> strlcpy + strlcat.

commit 0c464df22b4d1a488ebe6ae889305a76d517f3d8
Author: Jeremy Allison <jra at samba.org>
Date:   Tue May 3 13:14:46 2011 -0700

    Change safe_strcpy_base to strlcpy_base. Note the size doesn't change here as the original macro auto-added the -1.

commit 017e0c8d95fe8212b006e1c14aef8d96fed30674
Author: Jeremy Allison <jra at samba.org>
Date:   Tue May 3 13:10:01 2011 -0700

    Fix simple uses of safe_strcpy -> strlcpy. Easy ones where we just remove -1.

-----------------------------------------------------------------------

Summary of changes:
 lib/util/fault.c                            |    2 +-
 lib/util/string_wrappers.h                  |   36 ++-----------
 lib/util/tests/str.c                        |   10 ++--
 lib/util/util.h                             |   12 -----
 lib/util/util_str.c                         |   71 ---------------------------
 libcli/auth/smbencrypt.c                    |    2 +-
 nsswitch/winbind_nss_config.h               |    2 +-
 source3/auth/auth_script.c                  |   20 ++++----
 source3/client/client.c                     |    6 +-
 source3/client/clitar.c                     |   48 ++++++------------
 source3/groupdb/mapping.c                   |    4 +-
 source3/include/proto.h                     |    6 --
 source3/lib/system.c                        |   10 ++--
 source3/libnet/libnet_dssync_passdb.c       |   12 ++--
 source3/libnet/libnet_samsync_passdb.c      |   10 ++--
 source3/libsmb/cliprint.c                   |   12 ++--
 source3/libsmb/nmblib.c                     |   48 ++++++++++++------
 source3/locking/locking.c                   |   28 +++++++----
 source3/modules/vfs_afsacl.c                |   14 +++---
 source3/modules/vfs_recycle.c               |    6 +-
 source3/nmbd/nmbd_become_lmb.c              |    2 +-
 source3/nmbd/nmbd_browsesync.c              |    8 ++-
 source3/nmbd/nmbd_incomingdgrams.c          |    6 +-
 source3/nmbd/nmbd_packets.c                 |    2 +-
 source3/nmbd/nmbd_sendannounce.c            |    2 +-
 source3/nmbd/nmbd_workgroupdb.c             |    2 +-
 source3/passdb/passdb.c                     |    6 +-
 source3/printing/lpq_parse.c                |    3 +-
 source3/rpc_server/spoolss/srv_spoolss_nt.c |    2 +-
 source3/smbd/mangle_hash.c                  |    8 ++--
 source3/smbd/mangle_hash2.c                 |    2 +-
 source3/smbd/negprot.c                      |    6 ++-
 source3/smbd/password.c                     |    8 ++--
 source3/smbd/trans2.c                       |    6 +-
 source3/torture/locktest.c                  |    4 +-
 source3/torture/msgtest.c                   |    2 +-
 source3/utils/net_groupmap.c                |   10 ++--
 source3/utils/net_rap.c                     |    4 +-
 source3/utils/net_rpc.c                     |    6 +-
 source3/utils/smbpasswd.c                   |    4 +-
 source3/winbindd/idmap_hash/mapfile.c       |    4 +-
 source3/winbindd/wb_fill_pwent.c            |    6 ++-
 source3/winbindd/winbindd_cm.c              |    2 +-
 source3/winbindd/winbindd_group.c           |    4 +-
 source3/winbindd/winbindd_pam.c             |    4 +-
 source3/winbindd/winbindd_wins.c            |   16 ++++--
 source4/auth/gensec/cyrus_sasl.c            |    4 +-
 source4/client/client.c                     |    4 +-
 source4/torture/masktest.c                  |    4 +-
 source4/winbind/wb_server.h                 |    2 +-
 50 files changed, 205 insertions(+), 297 deletions(-)


Changeset truncated at 500 lines:

diff --git a/lib/util/fault.c b/lib/util/fault.c
index 086dc33..708dc67 100644
--- a/lib/util/fault.c
+++ b/lib/util/fault.c
@@ -119,7 +119,7 @@ static void smb_panic_default(const char *why)
 	if (panic_action && *panic_action) {
 		char pidstr[20];
 		char cmdstring[200];
-		safe_strcpy(cmdstring, panic_action, sizeof(cmdstring)-1);
+		strlcpy(cmdstring, panic_action, sizeof(cmdstring));
 		snprintf(pidstr, sizeof(pidstr), "%d", (int) getpid());
 		all_string_sub(cmdstring, "%PID%", pidstr, sizeof(cmdstring));
 		DEBUG(0, ("smb_panic(): calling panic action [%s]\n", cmdstring));
diff --git a/lib/util/string_wrappers.h b/lib/util/string_wrappers.h
index 75718e9..7baf3cb 100644
--- a/lib/util/string_wrappers.h
+++ b/lib/util/string_wrappers.h
@@ -41,28 +41,16 @@ size_t __unsafe_string_function_usage_here_size_t__(void);
 
 #endif /* HAVE_COMPILER_WILL_OPTIMIZE_OUT_FNS */
 
-#define safe_strcpy_base(dest, src, base, size) \
-    safe_strcpy(dest, src, size-PTR_DIFF(dest,base)-1)
+#define strlcpy_base(dest, src, base, size) \
+    strlcpy((dest), (src) ? (src) : "", (size)-PTR_DIFF((dest),(base)))
 
 /* String copy functions - macro hell below adds 'type checking' (limited,
    but the best we can do in C) */
 
-#define fstrcpy(d,s) safe_strcpy((d),(s),sizeof(fstring)-1)
-#define fstrcat(d,s) safe_strcat((d),(s),sizeof(fstring)-1)
-#define nstrcpy(d,s) safe_strcpy((d), (s),sizeof(nstring)-1)
-#define unstrcpy(d,s) safe_strcpy((d), (s),sizeof(unstring)-1)
-
-/* the addition of the DEVELOPER checks in safe_strcpy means we must
- * update a lot of code. To make this a little easier here are some
- * functions that provide the lengths with less pain */
-
-/* overmalloc_safe_strcpy: DEPRECATED!  Used when you know the
- * destination buffer is longer than maxlength, but you don't know how
- * long.  This is not a good situation, because we can't do the normal
- * sanity checks. Don't use in new code! */
-
-#define overmalloc_safe_strcpy(dest,src,maxlength) \
-	safe_strcpy_fn(dest,src,maxlength)
+#define fstrcpy(d,s) strlcpy((d),(s) ? (s) : "",sizeof(fstring))
+#define fstrcat(d,s) strlcpy((d),(s) ? (s) : "",sizeof(fstring))
+#define nstrcpy(d,s) strlcpy((d), (s) ? (s) : "",sizeof(nstring))
+#define unstrcpy(d,s) strlcpy((d), (s) ? (s) : "",sizeof(unstring))
 
 #ifdef HAVE_COMPILER_WILL_OPTIMIZE_OUT_FNS
 
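Review bot: the new fstrcat on the added line `#define fstrcat(d,s) strlcpy((d),(s) ? (s) : "",sizeof(fstring))` expands to strlcpy, not strlcat, so every remaining fstrcat() caller now overwrites the destination instead of appending to it. It should read strlcat((d),(s) ? (s) : "",sizeof(fstring)). Separately, the four string macros and strlcpy_base now evaluate s twice, so an argument with side effects would run twice.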
@@ -70,16 +58,6 @@ size_t __unsafe_string_function_usage_here_size_t__(void);
    have the correct types (this works only where sizeof() returns the size of the buffer, not
    the size of the pointer). */
 
-#define safe_strcpy(d, s, max_len) \
-    (CHECK_STRING_SIZE(d, max_len+1) \
-    ? __unsafe_string_function_usage_here__() \
-    : safe_strcpy_fn((d), (s), (max_len)))
-
-#define safe_strcat(d, s, max_len) \
-    (CHECK_STRING_SIZE(d, max_len+1) \
-    ? __unsafe_string_function_usage_here__() \
-    : safe_strcat_fn((d), (s), (max_len)))
-
 #define push_string_check(dest, src, dest_len, flags) \
     (CHECK_STRING_SIZE(dest, dest_len) \
     ? __unsafe_string_function_usage_here_size_t__() \
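Review bot: deleting the safe_strcpy and safe_strcat wrappers here also drops their CHECK_STRING_SIZE guard, while push_string_check just below keeps its own. Call sites converted to strlcpy(d, s, sizeof(d)) therefore get no compile-time help if d is a pointer rather than an array, which is the case the comment above this block warns about. Consider a checked strlcpy/strlcat wrapper under HAVE_COMPILER_WILL_OPTIMIZE_OUT_FNS so the converted callers keep that check.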
@@ -113,8 +91,6 @@ size_t __unsafe_string_function_usage_here_size_t__(void);
 
 #else
 
-#define safe_strcpy safe_strcpy_fn
-#define safe_strcat safe_strcat_fn
 #define push_string_check push_string_check_fn
 #define clistr_push clistr_push_fn
 #define clistr_pull clistr_pull_fn
diff --git a/lib/util/tests/str.c b/lib/util/tests/str.c
index b4c45e3..f9f3abf 100644
--- a/lib/util/tests/str.c
+++ b/lib/util/tests/str.c
@@ -25,7 +25,7 @@
 static bool test_string_sub_simple(struct torture_context *tctx)
 {
 	char tmp[100];
-	safe_strcpy(tmp, "foobar", sizeof(tmp)-1);
+	strlcpy(tmp, "foobar", sizeof(tmp));
 	string_sub(tmp, "foo", "bar", sizeof(tmp));
 	torture_assert_str_equal(tctx, tmp, "barbar", "invalid sub");
 	return true;
@@ -34,7 +34,7 @@ static bool test_string_sub_simple(struct torture_context *tctx)
 static bool test_string_sub_multiple(struct torture_context *tctx)
 {
 	char tmp[100];
-	safe_strcpy(tmp, "fooblafoo", sizeof(tmp)-1);
+	strlcpy(tmp, "fooblafoo", sizeof(tmp));
 	string_sub(tmp, "foo", "bar", sizeof(tmp));
 	torture_assert_str_equal(tctx, tmp, "barblabar", "invalid sub");
 	return true;
@@ -43,7 +43,7 @@ static bool test_string_sub_multiple(struct torture_context *tctx)
 static bool test_string_sub_longer(struct torture_context *tctx)
 {
 	char tmp[100];
-	safe_strcpy(tmp, "foobla", sizeof(tmp)-1);
+	strlcpy(tmp, "foobla", sizeof(tmp));
 	string_sub(tmp, "foo", "blie", sizeof(tmp));
 	torture_assert_str_equal(tctx, tmp, "bliebla", "invalid sub");
 	return true;
@@ -52,7 +52,7 @@ static bool test_string_sub_longer(struct torture_context *tctx)
 static bool test_string_sub_shorter(struct torture_context *tctx)
 {
 	char tmp[100];
-	safe_strcpy(tmp, "foobla", sizeof(tmp)-1);
+	strlcpy(tmp, "foobla", sizeof(tmp));
 	string_sub(tmp, "foo", "bl", sizeof(tmp));
 	torture_assert_str_equal(tctx, tmp, "blbla", "invalid sub");
 	return true;
@@ -61,7 +61,7 @@ static bool test_string_sub_shorter(struct torture_context *tctx)
 static bool test_string_sub_special_char(struct torture_context *tctx)
 {
 	char tmp[100];
-	safe_strcpy(tmp, "foobla", sizeof(tmp)-1);
+	strlcpy(tmp, "foobla", sizeof(tmp));
 	string_sub(tmp, "foo", "%b;l", sizeof(tmp));
 	torture_assert_str_equal(tctx, tmp, "_b_lbla", "invalid sub");
 	return true;
diff --git a/lib/util/util.h b/lib/util/util.h
index 45f1b9c..6479302 100644
--- a/lib/util/util.h
+++ b/lib/util/util.h
@@ -247,18 +247,6 @@ _PUBLIC_ bool trim_string(char *s, const char *front, const char *back);
 _PUBLIC_ _PURE_ size_t count_chars(const char *s, char c);
 
 /**
- Safe string copy into a known length string. maxlength does not
- include the terminating zero.
-**/
-_PUBLIC_ char *safe_strcpy_fn(char *dest,const char *src, size_t maxlength);
-
-/**
- Safe string cat into a string. maxlength does not
- include the terminating zero.
-**/
-_PUBLIC_ char *safe_strcat_fn(char *dest, const char *src, size_t maxlength);
-
-/**
  Routine to get hex characters and turn them into a 16 byte array.
  the array can be variable length, and any non-hex-numeric
  characters are skipped.  "0xnn" or "0Xnn" is specially catered
diff --git a/lib/util/util_str.c b/lib/util/util_str.c
index 9842f11..388d788 100644
--- a/lib/util/util_str.c
+++ b/lib/util/util_str.c
@@ -32,77 +32,6 @@
  **/
 
 /**
- Safe string copy into a known length string. maxlength does not
- include the terminating zero.
-**/
-
-_PUBLIC_ char *safe_strcpy_fn(char *dest,
-			      const char *src,
-			      size_t maxlength)
-{
-	size_t len;
-
-	if (!dest) {
-		smb_panic("ERROR: NULL dest in safe_strcpy");
-	}
-
-	if (!src) {
-		*dest = 0;
-		return dest;
-	}
-
-	len = strnlen(src, maxlength+1);
-
-	if (len > maxlength) {
-		DEBUG(0,("ERROR: string overflow by "
-			"%lu (%lu - %lu) in safe_strcpy [%.50s]\n",
-			 (unsigned long)(len-maxlength), (unsigned long)len,
-			 (unsigned long)maxlength, src));
-		len = maxlength;
-	}
-
-	memmove(dest, src, len);
-	dest[len] = 0;
-	return dest;
-}
-
-/**
- Safe string cat into a string. maxlength does not
- include the terminating zero.
-**/
-char *safe_strcat_fn(char *dest,
-		     const char *src,
-		     size_t maxlength)
-{
-	size_t src_len, dest_len;
-
-	if (!dest) {
-		smb_panic("ERROR: NULL dest in safe_strcat");
-	}
-
-	if (!src)
-		return dest;
-
-	src_len = strnlen(src, maxlength + 1);
-	dest_len = strnlen(dest, maxlength + 1);
-
-	if (src_len + dest_len > maxlength) {
-		DEBUG(0,("ERROR: string overflow by %d "
-			"in safe_strcat [%.50s]\n",
-			 (int)(src_len + dest_len - maxlength), src));
-		if (maxlength > dest_len) {
-			memcpy(&dest[dest_len], src, maxlength - dest_len);
-		}
-		dest[maxlength] = 0;
-		return NULL;
-	}
-
-	memcpy(&dest[dest_len], src, src_len);
-	dest[dest_len + src_len] = 0;
-	return dest;
-}
-
-/**
   format a string into length-prefixed dotted domain format, as used in NBT
   and in some ADS structures
 **/
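Review bot: the removed safe_strcpy_fn and safe_strcat_fn logged every overflow at DEBUG(0), called smb_panic on a NULL dest, and bounded the source scan with strnlen(src, maxlength+1); a bare strlcpy or strlcat does none of these. Truncation is now silent unless the caller compares the return value with the size it passed, so call sites where a cut-off string matters should do that, or a thin wrapper should keep the log line.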
diff --git a/libcli/auth/smbencrypt.c b/libcli/auth/smbencrypt.c
index 366f6df..0cd8363 100644
--- a/libcli/auth/smbencrypt.c
+++ b/libcli/auth/smbencrypt.c
@@ -134,7 +134,7 @@ bool E_deshash(const char *passwd, uint8_t p16[16])
 	tmpbuf = strupper_talloc(mem_ctx, passwd);
 	if (tmpbuf == NULL) {
 		/* Too many callers don't check this result, we need to fill in the buffer with something */
-		safe_strcpy((char *)dospwd, passwd, sizeof(dospwd)-1);
+		strlcpy((char *)dospwd, passwd ? passwd : "", sizeof(dospwd));
 		E_P16(dospwd, p16);
 		return false;
 	}
diff --git a/nsswitch/winbind_nss_config.h b/nsswitch/winbind_nss_config.h
index 3e2ce68..9231e3c 100644
--- a/nsswitch/winbind_nss_config.h
+++ b/nsswitch/winbind_nss_config.h
@@ -54,7 +54,7 @@
 #ifndef FSTRING_LEN
 #define FSTRING_LEN 256
 typedef char fstring[FSTRING_LEN];
-#define fstrcpy(d,s) safe_strcpy((d),(s),sizeof(fstring)-1)
+#define fstrcpy(d,s) strlcpy((d),(s) ? (s) : "",sizeof(fstring))
 #endif
 
 /* Some systems (SCO) treat UNIX domain sockets as FIFOs */
diff --git a/source3/auth/auth_script.c b/source3/auth/auth_script.c
index ad97310..5691ea1 100644
--- a/source3/auth/auth_script.c
+++ b/source3/auth/auth_script.c
@@ -74,32 +74,32 @@ static NTSTATUS script_check_user_credentials(const struct auth_context *auth_co
 		return NT_STATUS_NO_MEMORY;
 	}
 
-	safe_strcpy( secret_str, user_info->mapped.domain_name, secret_str_len - 1);
-	safe_strcat( secret_str, "\n", secret_str_len - 1);
-	safe_strcat( secret_str, user_info->client.account_name, secret_str_len - 1);
-	safe_strcat( secret_str, "\n", secret_str_len - 1);
+	strlcpy( secret_str, user_info->mapped.domain_name, secret_str_len);
+	strlcat( secret_str, "\n", secret_str_len);
+	strlcat( secret_str, user_info->client.account_name, secret_str_len);
+	strlcat( secret_str, "\n", secret_str_len);
 
 	for (i = 0; i < 8; i++) {
 		slprintf(&hex_str[i*2], 3, "%02X", auth_context->challenge.data[i]);
 	}
-	safe_strcat( secret_str, hex_str, secret_str_len - 1);
-	safe_strcat( secret_str, "\n", secret_str_len - 1);
+	strlcat( secret_str, hex_str, secret_str_len);
+	strlcat( secret_str, "\n", secret_str_len);
 
 	if (user_info->password.response.lanman.data) {
 		for (i = 0; i < 24; i++) {
 			slprintf(&hex_str[i*2], 3, "%02X", user_info->password.response.lanman.data[i]);
 		}
-		safe_strcat( secret_str, hex_str, secret_str_len - 1);
+		strlcat( secret_str, hex_str, secret_str_len);
 	}
-	safe_strcat( secret_str, "\n", secret_str_len - 1);
+	strlcat( secret_str, "\n", secret_str_len);
 
 	if (user_info->password.response.nt.data) {
 		for (i = 0; i < 24; i++) {
 			slprintf(&hex_str[i*2], 3, "%02X", user_info->password.response.nt.data[i]);
 		}
-		safe_strcat( secret_str, hex_str, secret_str_len - 1);
+		strlcat( secret_str, hex_str, secret_str_len);
 	}
-	safe_strcat( secret_str, "\n", secret_str_len - 1);
+	strlcat( secret_str, "\n", secret_str_len);
 
 	DEBUG(10,("script_check_user_credentials: running %s with parameters:\n%s\n",
 		script, secret_str ));
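Review bot: none of the strlcat calls that build secret_str check their return value, so a domain or account name that does not fit in secret_str_len silently drops or cuts the later challenge and response lines passed to the script. Compare the result of the final strlcat against secret_str_len and fail the authentication on truncation rather than running the script with partial input.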
diff --git a/source3/client/client.c b/source3/client/client.c
index c734a24..836d101 100644
--- a/source3/client/client.c
+++ b/source3/client/client.c
@@ -702,7 +702,7 @@ static void add_to_do_list_queue(const char *entry)
 		}
 	}
 	if (do_list_queue) {
-		safe_strcpy_base(do_list_queue + do_list_queue_end,
+		strlcpy_base(do_list_queue + do_list_queue_end,
 				 entry, do_list_queue, do_list_queue_size);
 		do_list_queue_end = new_end;
 		DEBUG(4,("added %s to do_list_queue (start=%d, end=%d)\n",
@@ -5046,9 +5046,9 @@ static int do_message_op(struct user_auth_info *a_info)
 	make_nmb_name(&calling, calling_name, 0x0);
 	make_nmb_name(&called , desthost, name_type);
 
-	fstrcpy(server_name, desthost);
+	strlcpy(server_name, desthost,sizeof(server_name));
 	snprintf(name_type_hex, sizeof(name_type_hex), "#%X", name_type);
-	fstrcat(server_name, name_type_hex);
+	strlcat(server_name, name_type_hex,sizeof(server_name));
 
         zero_sockaddr(&ss);
 	if (have_ip)
diff --git a/source3/client/clitar.c b/source3/client/clitar.c
index 289e578..80968a6 100644
--- a/source3/client/clitar.c
+++ b/source3/client/clitar.c
@@ -136,23 +136,6 @@ static void unfixtarname(char *tptr, char *fp, int l, bool first);
  * tar specific utitlities
  */
 
-/*******************************************************************
-Create  a string of size size+1 (for the null)
-*******************************************************************/
-
-static char *string_create_s(int size)
-{
-	char *tmp;
-
-	tmp = (char *)SMB_MALLOC(size+1);
-
-	if (tmp == NULL) {
-		DEBUG(0, ("Out of memory in string_create_s\n"));
-	}
-
-	return(tmp);
-}
-
 /****************************************************************************
 Write a tar header to buffer
 ****************************************************************************/
@@ -197,7 +180,7 @@ static void writetarheader(int f, const char *aname, uint64_t size, time_t mtime
 	/* write out a "standard" tar format header */
 
 	hb.dbuf.name[NAMSIZ-1]='\0';
-	safe_strcpy(hb.dbuf.mode, amode, sizeof(hb.dbuf.mode)-1);
+	strlcpy(hb.dbuf.mode, amode ? amode : "", sizeof(hb.dbuf.mode));
 	oct_it((uint64_t)0, 8, hb.dbuf.uid);
 	oct_it((uint64_t)0, 8, hb.dbuf.gid);
 	oct_it((uint64_t) size, 13, hb.dbuf.size);
@@ -263,12 +246,12 @@ static long readtarheader(union hblock *hb, file_info2 *finfo, const char *prefi
 		return -1;
 	}
 
-	if ((finfo->name = string_create_s(strlen(prefix) + strlen(hb -> dbuf.name) + 3)) == NULL) {
+	if ((finfo->name = SMB_MALLOC(strlen(prefix) + strlen(hb -> dbuf.name) + 4)) == NULL) {
 		DEBUG(0, ("Out of space creating file_info2 for %s\n", hb -> dbuf.name));
 		return(-1);
 	}
 
-	safe_strcpy(finfo->name, prefix, strlen(prefix) + strlen(hb -> dbuf.name) + 3);
+	strlcpy(finfo->name, prefix, strlen(prefix) + strlen(hb -> dbuf.name) + 4);
 
 	/* use l + 1 to do the null too; do prefix - prefcnt to zap leading slash */
 	unfixtarname(finfo->name + strlen(prefix), hb->dbuf.name,
@@ -521,14 +504,15 @@ static bool ensurepath(const char *fname)
 	/* ensures path exists */
 
 	char *partpath, *ffname;
+	size_t fnamelen = strlen(fname)+1;
 	const char *p=fname;
 	char *basehack;
 	char *saveptr;
 
 	DEBUG(5, ( "Ensurepath called with: %s\n", fname));
 
-	partpath = string_create_s(strlen(fname));
-	ffname = string_create_s(strlen(fname));
+	partpath = SMB_MALLOC(fnamelen);
+	ffname = SMB_MALLOC(fnamelen);
 
 	if ((partpath == NULL) || (ffname == NULL)){
 		DEBUG(0, ("Out of memory in ensurepath: %s\n", fname));
@@ -541,7 +525,7 @@ static bool ensurepath(const char *fname)
 
 	/* fname copied to ffname so can strtok_r */
 
-	safe_strcpy(ffname, fname, strlen(fname));
+	strlcpy(ffname, fname, fnamelen);
 
 	/* do a `basename' on ffname, so don't try and make file name directory */
 	if ((basehack=strrchr_m(ffname, '\\')) == NULL) {
@@ -555,7 +539,7 @@ static bool ensurepath(const char *fname)
 	p=strtok_r(ffname, "\\", &saveptr);
 
 	while (p) {
-		safe_strcat(partpath, p, strlen(fname) + 1);
+		strlcat(partpath, p, fnamelen);
 
 		if (!NT_STATUS_IS_OK(cli_chkpath(cli, partpath))) {
 			if (!NT_STATUS_IS_OK(cli_mkdir(cli, partpath))) {
@@ -568,7 +552,7 @@ static bool ensurepath(const char *fname)
 			}
 		}
 
-		safe_strcat(partpath, "\\", strlen(fname) + 1);
+		strlcat(partpath, "\\", fnamelen);
 		p = strtok_r(NULL, "/\\", &saveptr);
 	}
 
@@ -675,15 +659,13 @@ static NTSTATUS do_atar(const char *rname_in, char *lname,
 		goto cleanup;
 	}
 
-	finfo.name = string_create_s(strlen(rname));
+	finfo.name = smb_xstrdup(rname);
 	if (finfo.name == NULL) {
 		DEBUG(0, ("Unable to allocate space for finfo.name in do_atar\n"));
 		status = NT_STATUS_NO_MEMORY;
 		goto cleanup;
 	}
 
-	safe_strcpy(finfo.name,rname, strlen(rname));
-
 	DEBUG(3,("file %s attrib 0x%X\n",finfo.name,finfo.mode));
 
 	if (tar_inc && !(finfo.mode & FILE_ATTRIBUTE_ARCHIVE)) {
@@ -934,9 +916,12 @@ static void unfixtarname(char *tptr, char *fp, int l, bool first)
 			fp++;
 			l--;
 		}
+		if (l <= 0) {
+			return;
+		}
 	}
 
-	safe_strcpy(tptr, fp, l);
+	strlcpy(tptr, fp, l);
 	string_replace(tptr, '/', '\\');
 }
 
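Review bot: the new `if (l <= 0) return;` sits inside the enclosing block, but strlcpy(tptr, fp, l) after the closing brace runs on every path, and a negative int l converts to a very large size_t there. Move the check to just before the strlcpy so it covers both paths. The early return also leaves tptr untouched, so callers must not assume it holds a terminated string, and because l now counts the terminator, the same l copies one byte fewer than safe_strcpy did.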
@@ -1170,7 +1155,8 @@ static char *get_longfilename(file_info2 finfo)
 			return(NULL);
 		}
 
-		unfixtarname(longname + offset, buffer_p, MIN(TBLOCK, finfo.size), first--);
+		unfixtarname(longname + offset, buffer_p,
+			namesize - offset, first--);
 		DEBUG(5, ("UnfixedName: %s, buffer: %s\n", longname, buffer_p));
 
 		offset += TBLOCK;
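Review bot: namesize - offset bounds only the destination. The old MIN(TBLOCK, finfo.size) argument, together with the strnlen inside safe_strcpy, also capped how far buffer_p was read; strlcpy scans the source up to its terminator, so this call is only safe if each block in buffer_p is NUL-terminated. Either guarantee that before the call or keep a source-side cap, and make sure namesize - offset cannot reach zero or go negative as offset advances by TBLOCK.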
@@ -1721,7 +1707,7 @@ static int read_inclusion_file(char *filename)
 			}
 		}
 
-		safe_strcpy(inclusion_buffer + inclusion_buffer_sofar, buf, inclusion_buffer_size - inclusion_buffer_sofar);
+		strlcpy(inclusion_buffer + inclusion_buffer_sofar, buf, inclusion_buffer_size - inclusion_buffer_sofar);
 		inclusion_buffer_sofar += strlen(buf) + 1;
 		clipn++;
 	}
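Review bot: inclusion_buffer_sofar is advanced by strlen(buf) + 1 on the line after the strlcpy regardless of how much was actually stored. Unless the lines above this hunk guarantee room, a buf that does not fit in inclusion_buffer_size - inclusion_buffer_sofar moves the offset past the end of the buffer and the next size computation underflows. Check that the strlcpy return value is less than the size passed, or advance by the number of bytes actually written.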
diff --git a/source3/groupdb/mapping.c b/source3/groupdb/mapping.c
index 3646e04..d35f3c5 100644
--- a/source3/groupdb/mapping.c
+++ b/source3/groupdb/mapping.c
@@ -777,8 +777,8 @@ NTSTATUS pdb_create_builtin_alias(uint32 rid)
 	map.gid = gid;
 	sid_copy(&map.sid, &sid);
 	map.sid_name_use = SID_NAME_ALIAS;
-	fstrcpy(map.nt_name, groupname);
-	fstrcpy(map.comment, "");
+	strlcpy(map.nt_name, groupname, sizeof(map.nt_name));
+	strlcpy(map.comment, "", sizeof(map.comment));
 
 	status = pdb_add_group_mapping_entry(&map);
 
diff --git a/source3/include/proto.h b/source3/include/proto.h
index dfe44a1..2dd30d9 100644
--- a/source3/include/proto.h
+++ b/source3/include/proto.h
@@ -937,12 +937,6 @@ size_t str_charnum(const char *s);
 bool trim_char(char *s,char cfront,char cback);
 bool strhasupper(const char *s);
 bool strhaslower(const char *s);


-- 
Samba Shared Repository

