CVS update: samba/source/lib
Andrew Bartlett
abartlet at samba.org
Fri Aug 22 09:01:07 GMT 2003
On Thu, 2003-08-21 at 08:06, jra at samba.org wrote:
> Date: Wed Aug 20 22:06:19 2003
> Author: jra
>
> Update of /data/cvs/samba/source/lib
> In directory dp.samba.org:/tmp/cvs-serv18021/lib
>
> Modified Files:
> Tag: SAMBA_3_0
> charcnv.c
> Log Message:
> Attempt to fix the charcnv issues causing nmbd to crash. If we get a failed
> conversion simply copy as is. Also fixed the horrid malloc-twice-copy code
> in the convert alloc path.
> Jeremy.
I'm quite worried about the 'simply copy' part of this change.
Firstly, I specifically relied on that behaviour in the StrCaseCmp() and
fnmatch patches - those assumed that they convert_string_alloc()
succeeding (via it's wrappers) meant that the input and output were
validated.
I'm worried in particular about what will happen when a particular 'unix
string' character pair gets compared as unicode, for case equivilance.
Similarly, I'm worried that if we get an invalid string in from a
client, that we will copy raw unicode into our 'unix string' code, or
that we will push 'unix' strings into unicode buffers to the client.
What problem was this trying to solve exactly? NMBD should have it's
own wrappers if it's going to pass in 'arbitary' strings as 'unix' - at
least nmbd's strings won't be unicode.
Andrew Bartlett
--
Andrew Bartlett abartlet at pcug.org.au
Manager, Authentication Subsystems, Samba Team abartlet at samba.org
Student Network Administrator, Hawker College abartlet at hawkerc.net
http://samba.org http://build.samba.org http://hawkerc.net
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.samba.org/archive/samba-technical/attachments/20030822/f0e91f9c/attachment.bin
More information about the samba-technical
mailing list