Buffer overflow?

Martin Pool mbp at samba.org
Mon Jan 21 18:42:05 GMT 2002


On 21 Jan 2002, Benjamin Kuit <bj at it.uts.edu.au> wrote:
> I've been playing with samba for a couple of weeks now, and recently
> in the browse lists a funny looking domain/workgroup has been appearing,
> funny in the sense that it's name contains nothing but 8 bit chars.
> 
> The respective line in browse.dat looks like this:
> "\261\350\310\361\274\261"                   80001000  "\261\350\310\361\274\261"                      "\261\350\310\361\274\261"
> 
> I've used smbclient -L <server> on browse masters that I know of, to
> try and find the source of this name, but only browse lists coming from
> samba servers has this entry in them.

We're seeing something similar coming back in the HP browse list,
which contains thousands of hosts.

I wondered if perhaps somebody had given a host a non-ASCII name, and
it was not being properly interpreted.  I'm not sure what the correct
interpretation would be, though -- is there any chance it could be in
UTF8?

At the moment the smbclient -L output scrambles the terminal
(requiring a reset(1)) by emitting 8-bit codes.  I wonder if it would
be better to have d_printf() escape these characters when translating
to ascii?

-- 
Martin 




More information about the samba-technical mailing list