[PATCH 4/5] s3-safe_string: Add checked_strlcpy()

Andrew Bartlett abartlet at samba.org
Tue Mar 22 04:03:59 MDT 2011 

This is strlcpy, just with an extra check of the parameters with
sizeof(), use only where that works.

Andrew Bartlett
---
 source3/include/safe_string.h |   12 ++++++++++++
 source3/smbd/negprot.c        |    2 +-
 2 files changed, 13 insertions(+), 1 deletions(-)

diff --git a/source3/include/safe_string.h b/source3/include/safe_string.h
index a4648b5..611f850 100644
--- a/source3/include/safe_string.h
+++ b/source3/include/safe_string.h
@@ -144,6 +144,17 @@ size_t __unsafe_string_function_usage_here_char__(void);
     ? __unsafe_string_function_usage_here_size_t__() \
     : srvstr_push_fn(base_ptr, smb_flags2, dest, src, dest_len, flags))
 
+/* This allows the developer to choose to check the arguments to
+   strlcpy.  if the compiler will optimize out function calls, then
+   use this to tell if we are have the correct size buffer (this works only
+   where sizeof() returns the size of the buffer, not the size of the
+   pointer), so stack and static variables only */
+
+#define checked_strlcpy(dest, src, size) \
+    (sizeof(dest) != (size) \
+    ? __unsafe_string_function_usage_here_size_t__() \
+     : strlcpy(dest, src, size))
+
 #else
 
 #define safe_strcpy safe_strcpy_fn
@@ -153,6 +164,7 @@ size_t __unsafe_string_function_usage_here_char__(void);
 #define clistr_push clistr_push_fn
 #define clistr_pull clistr_pull_fn
 #define srvstr_push srvstr_push_fn
+#define checked_strlcpy strlcpy
 
 #endif
 
diff --git a/source3/smbd/negprot.c b/source3/smbd/negprot.c
index eb6dfa3..f128396 100644
--- a/source3/smbd/negprot.c
+++ b/source3/smbd/negprot.c
@@ -238,7 +238,7 @@ DATA_BLOB negprot_spnego(TALLOC_CTX *ctx, struct smbd_server_connection *sconn)
 
 	memset(blob_out.data, '\0', 16);
 
-	safe_strcpy(unix_name, global_myname(), sizeof(unix_name)-1);
+	checked_strlcpy(unix_name, global_myname(), sizeof(unix_name));
 	strlower_m(unix_name);
 	push_ascii_nstring(dos_name, unix_name);
 	safe_strcpy((char *)blob_out.data, dos_name, 16);
-- 
1.7.4


--=-CKea5WF8d91yCrI3Skri
Content-Disposition: attachment; filename*0=0003-s3-safe_str-Futher-simplify-the-macros-by-removing-i.pat; filename*1=ch
Content-Type: text/x-patch; name="0003-s3-safe_str-Futher-simplify-the-macros-by-removing-i.patch"; charset="UTF-8"
Content-Transfer-Encoding: 7bit

More information about the samba-technical mailing list