[Samba] lib/util_str.c:safe_strcpy ERROR: string overflow by 1

Jeremy Allison jra at samba.org
Mon Nov 19 04:15:41 GMT 2007


On Sat, Nov 17, 2007 at 05:53:39AM +0000, Ken Smith wrote:
> Ken Smith wrote:
>> Hi,
>>
>> I've seeing the following error messages recorded in logwatch against 
>> samba in two FC6 XA-64 systems with samba 3.0.24-7.
>>
>> lib/util_str.c:safe_strcpy_fn(603)  ERROR: string overflow by 1 (24 - 23) 
>> in safe_strcpy
>>
>> The main share in use on the first machine is via the guest account with 
>> Vista and XP clients, the other has more conventional shares with the 
>> Vista PC's as domain members and acl's in use.
>>
>> I've seen some weird behaviour with the Vista clients at the first site. 
>> For example a Vista machine can create a folder but can't rename it. 
>> Someone using a windows briefcase on their vista pc syncing to the samba 
>> share sees very poor performance. nmbd is running and dhcpd is giving wins 
>> details to the network. But does Vista take on the Wins info?
>>
>> Any ideas?
>>
>> Thanks in advance
>>
>> Ken
>>
>>
>>
> Any one got any insight into this??

What might help is to change the code in safe_strcpy_fn
to call smb_panic on this detection, and then to reproduce
the error with the relevent panic action set in smb.conf.

If you get me a backtrace I can see if we've already
fixed this (most string handling code is massively
different in 3.2.x from 3.0.x).

Jeremy.


More information about the samba mailing list