[SCM] Samba Shared Repository - branch v3-6-test updated

Wed May 4 15:36:40 MDT 2011

The branch, v3-6-test has been updated
       via  c357147 Fix off-by-one when used with safe_strcpy. (cherry picked from commit 18582016d96e3f41f8828f0539969678ad7d233e)
       via  0692059 BUGFIX when converting from safe_strcpy to strlcpy.
      from  1766905 Remove unused function parse_add_domuser().

http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-6-test


- Log -----------------------------------------------------------------
commit c357147e0c40cbe00b0bc0d5f90ac0f4e2ad3ca5
Author: Jeremy Allison <jra at samba.org>
Date:   Tue May 3 13:57:30 2011 -0700

    Fix off-by-one when used with safe_strcpy.
    (cherry picked from commit 18582016d96e3f41f8828f0539969678ad7d233e)

commit 0692059d162cc146bd8f2cc302b5cba64f049a9a
Author: Jeremy Allison <jra at samba.org>
Date:   Tue May 3 13:49:28 2011 -0700

    BUGFIX when converting from safe_strcpy to strlcpy.
    
    We must have a blob legth > 0 in order to safely copy
    the (possibly) 16 bytes + 1 byte zero character safely.
    (cherry picked from commit 265338c194ceab2520ed1df0f64b62e7169406dd)

-----------------------------------------------------------------------

Summary of changes:
 source3/smbd/negprot.c  |    6 +++++-
 source3/smbd/password.c |    2 +-
 2 files changed, 6 insertions(+), 2 deletions(-)


Changeset truncated at 500 lines:

diff --git a/source3/smbd/negprot.c b/source3/smbd/negprot.c
index 0a56d36..a2e7e0b 100644
--- a/source3/smbd/negprot.c
+++ b/source3/smbd/negprot.c
@@ -234,6 +234,10 @@ DATA_BLOB negprot_spnego(TALLOC_CTX *ctx, struct smbd_server_connection *sconn)
 		SAFE_FREE(host_princ_s);
 	}
 
+	if (blob.length == 0 || blob.data == NULL) {
+		return data_blob_null;
+	}
+
 	blob_out = data_blob_talloc(ctx, NULL, 16 + blob.length);
 	if (blob_out.data == NULL) {
 		data_blob_free(&blob);
@@ -245,7 +249,7 @@ DATA_BLOB negprot_spnego(TALLOC_CTX *ctx, struct smbd_server_connection *sconn)
 	safe_strcpy(unix_name, global_myname(), sizeof(unix_name)-1);
 	strlower_m(unix_name);
 	push_ascii_nstring(dos_name, unix_name);
-	safe_strcpy((char *)blob_out.data, dos_name, 16);
+	strlcpy((char *)blob_out.data, dos_name, 17);
 
 #ifdef DEVELOPER
 	/* Fix valgrind 'uninitialized bytes' issue. */
diff --git a/source3/smbd/password.c b/source3/smbd/password.c
index 4b38de7..ddc7ad1 100644
--- a/source3/smbd/password.c
+++ b/source3/smbd/password.c
@@ -549,7 +549,7 @@ static char *validate_group(struct smbd_server_connection *sconn,
 				DEBUG(10,("validate_group: = gr_mem = "
 					  "%s\n", gptr->gr_mem[i]));
 
-				safe_strcpy(member, gptr->gr_mem[i],
+				strlcpy(member, gptr->gr_mem[i],
 					list_len - (member-member_list));
 				member += member_len;
 			}


-- 
Samba Shared Repository
