Possible string handling bug in samba 2.2.8a
M A Young
m.a.young at durham.ac.uk
Wed Apr 16 15:07:45 GMT 2003
On Wed, 16 Apr 2003, Gerald (Jerry) Carter wrote:
> On Wed, 16 Apr 2003, M A Young wrote:
>
> > > > [2003/04/15 01:49:16, 0] lib/util_str.c:string_sub(1221)
> > > > ERROR: string overflow by 4 in string_sub(%I, 406)
> > > > starting as soon as a session connected.
> > > >
>
> I checked and it is definitely a char[1024]. A level 10 debug would
> probably explain things more to you wrt why the string is being
> expanded over that.
Level 10 debugging tells you very little about the substitutions; any
useful logging must come after the infinite list of error messages.
[2003/04/16 15:40:03, 3] smbd/process.c:switch_message(685)
switch message SMBclose (pid 5342)
[2003/04/16 15:40:03, 4] smbd/uid.c:change_to_user(119)
change_to_user: Skipping user change - already user
[2003/04/16 15:40:03, 3] smbd/reply.c:reply_close(3167)
close fd=24 fnum=13311 (numopen=1)
[2003/04/16 15:40:03, 0] lib/util_str.c:string_sub(1221)
ERROR: string overflow by 6 in string_sub(%I, 440)
[2003/04/16 15:40:03, 0] lib/util_str.c:string_sub(1221)
ERROR: string overflow by 0 in string_sub(%h, 292)
[2003/04/16 15:40:03, 0] lib/util_str.c:string_sub(1221)
ERROR: string overflow by 0 in string_sub(%h, 292)
etc.
Michael Young
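Added example, not part of the original message or of Samba: a small Python filter that collapses repeated string_sub overflow errors into counts so the other log entries stay readable. The sample log is constructed in the layout of the excerpt above, and the function names are hypothetical.

```python
import re
from collections import Counter

# Constructed sample in the layout of the log excerpt quoted in the message.
SAMPLE_LOG = """\
[2003/04/16 15:40:03, 3] smbd/reply.c:reply_close(3167)
close fd=24 fnum=13311 (numopen=1)
[2003/04/16 15:40:03, 0] lib/util_str.c:string_sub(1221)
ERROR: string overflow by 6 in string_sub(%I, 440)
[2003/04/16 15:40:03, 0] lib/util_str.c:string_sub(1221)
ERROR: string overflow by 0 in string_sub(%h, 292)
[2003/04/16 15:40:03, 0] lib/util_str.c:string_sub(1221)
ERROR: string overflow by 0 in string_sub(%h, 292)
[2003/04/16 15:40:04, 3] smbd/process.c:switch_message(685)
switch message SMBclose (pid 5342)
"""

HEADER = re.compile(r"^\[(\S+ \S+),\s*(\d+)\] (\S+):(\w+)\((\d+)\)\s*$")
OVERFLOW = re.compile(r"ERROR: string overflow by (\d+) in string_sub\((.*), (\d+)\)")

def parse_entries(text):
    """Group each header line with the message lines that follow it."""
    entries = []
    for line in text.splitlines():
        m = HEADER.match(line)
        if m:
            entries.append({"time": m.group(1), "level": int(m.group(2)),
                            "where": f"{m.group(3)}:{m.group(4)}", "msg": []})
        elif entries and line.strip():
            entries[-1]["msg"].append(line.strip())
    return entries

def split_overflows(text):
    """Return (overflow counts keyed by (pattern, number, by), other entries)."""
    counts, others = Counter(), []
    for e in parse_entries(text):
        m = OVERFLOW.search(" ".join(e["msg"]))
        if m and e["where"].endswith(":string_sub"):
            counts[(m.group(2), int(m.group(3)), int(m.group(1)))] += 1
        else:
            others.append(e)
    return counts, others

if __name__ == "__main__":
    counts, others = split_overflows(SAMPLE_LOG)
    for (pattern, number, by), n in counts.most_common():
        print(f"{n:5d}x string_sub({pattern}, {number}) overflow by {by}")
    for e in others:
        print(f"[{e['time']}, {e['level']}] {e['where']}: {' '.join(e['msg'])}")
```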