Buffer overflow?
Martin Pool
mbp at samba.org
Mon Jan 21 18:42:05 GMT 2002
On 21 Jan 2002, Benjamin Kuit <bj at it.uts.edu.au> wrote:
> I've been playing with samba for a couple of weeks now, and recently
> in the browse lists a funny looking domain/workgroup has been appearing,
> funny in the sense that it's name contains nothing but 8 bit chars.
>
> The respective line in browse.dat looks like this:
> "\261\350\310\361\274\261" 80001000 "\261\350\310\361\274\261" "\261\350\310\361\274\261"
>
> I've used smbclient -L <server> on browse masters that I know of, to
> try and find the source of this name, but only browse lists coming from
> samba servers has this entry in them.
We're seeing something similar coming back in the HP browse list,
which contains thousands of hosts.
I wondered if perhaps somebody had given a host a non-ASCII name, and
it was not being properly interpreted. I'm not sure what the correct
interpretation would be, though -- is there any chance it could be in
UTF8?
At the moment the smbclient -L output scrambles the terminal
(requiring a reset(1)) by emitting 8-bit codes. I wonder if it would
be better to have d_printf() escape these characters when translating
to ascii?
--
Martin
More information about the samba-technical
mailing list