[SCM] Samba Shared Repository - branch v3-6-test updated
Jeremy Allison
jra at samba.org
Wed May 4 15:36:40 MDT 2011
The branch, v3-6-test has been updated
via c357147 Fix off-by-one when used with safe_strcpy. (cherry picked from commit 18582016d96e3f41f8828f0539969678ad7d233e)
via 0692059 BUGFIX when converting from safe_strcpy to strlcpy.
from 1766905 Remove unused function parse_add_domuser().
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-6-test
- Log -----------------------------------------------------------------
commit c357147e0c40cbe00b0bc0d5f90ac0f4e2ad3ca5
Author: Jeremy Allison <jra at samba.org>
Date: Tue May 3 13:57:30 2011 -0700
Fix off-by-one when used with safe_strcpy.
(cherry picked from commit 18582016d96e3f41f8828f0539969678ad7d233e)
commit 0692059d162cc146bd8f2cc302b5cba64f049a9a
Author: Jeremy Allison <jra at samba.org>
Date: Tue May 3 13:49:28 2011 -0700
BUGFIX when converting from safe_strcpy to strlcpy.
We must have a blob legth > 0 in order to safely copy
the (possibly) 16 bytes + 1 byte zero character safely.
(cherry picked from commit 265338c194ceab2520ed1df0f64b62e7169406dd)
-----------------------------------------------------------------------
Summary of changes:
source3/smbd/negprot.c | 6 +++++-
source3/smbd/password.c | 2 +-
2 files changed, 6 insertions(+), 2 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source3/smbd/negprot.c b/source3/smbd/negprot.c
index 0a56d36..a2e7e0b 100644
--- a/source3/smbd/negprot.c
+++ b/source3/smbd/negprot.c
@@ -234,6 +234,10 @@ DATA_BLOB negprot_spnego(TALLOC_CTX *ctx, struct smbd_server_connection *sconn)
SAFE_FREE(host_princ_s);
}
+ if (blob.length == 0 || blob.data == NULL) {
+ return data_blob_null;
+ }
+
blob_out = data_blob_talloc(ctx, NULL, 16 + blob.length);
if (blob_out.data == NULL) {
data_blob_free(&blob);
@@ -245,7 +249,7 @@ DATA_BLOB negprot_spnego(TALLOC_CTX *ctx, struct smbd_server_connection *sconn)
safe_strcpy(unix_name, global_myname(), sizeof(unix_name)-1);
strlower_m(unix_name);
push_ascii_nstring(dos_name, unix_name);
- safe_strcpy((char *)blob_out.data, dos_name, 16);
+ strlcpy((char *)blob_out.data, dos_name, 17);
#ifdef DEVELOPER
/* Fix valgrind 'uninitialized bytes' issue. */
diff --git a/source3/smbd/password.c b/source3/smbd/password.c
index 4b38de7..ddc7ad1 100644
--- a/source3/smbd/password.c
+++ b/source3/smbd/password.c
@@ -549,7 +549,7 @@ static char *validate_group(struct smbd_server_connection *sconn,
DEBUG(10,("validate_group: = gr_mem = "
"%s\n", gptr->gr_mem[i]));
- safe_strcpy(member, gptr->gr_mem[i],
+ strlcpy(member, gptr->gr_mem[i],
list_len - (member-member_list));
member += member_len;
}
--
Samba Shared Repository
More information about the samba-cvs
mailing list