[PATCH] Fix bug 10716 - smbd constantly crashes when filename contains non-ascii character.
Volker Lendecke
Volker.Lendecke at SerNet.DE
Tue Aug 5 03:28:25 MDT 2014
On Mon, Aug 04, 2014 at 11:20:38AM -0700, Jeremy Allison wrote:
> Turns out that strcasecmp_m_handle()
> and strncasecmp_m_handle() don't
> handle conversion errors very well.
>
> They skip over the non-converting
> characters, which means they can
> return a false match fore filenames
> where the non-converting character
> sequences occur at the end of the
> string.
>
> Fix confirmed by submitter.
>
> Please review and push if happy !
Pushed. Attached find a patch on top of this. Before I +1
the bugzilla entry, I'd like you to comment on that one.
Thanks,
Volker
--
SerNet GmbH, Bahnhofsallee 1b, 37081 Göttingen
phone: +49-551-370000-0, fax: +49-551-370000-9
AG Göttingen, HRB 2816, GF: Dr. Johannes Loxen
http://www.sernet.de, mailto:kontakt at sernet.de
-------------- next part --------------
From 976f54f3607834040d6c1112cd1be6ae9d3019ac Mon Sep 17 00:00:00 2001
From: Volker Lendecke <vl at samba.org>
Date: Tue, 5 Aug 2014 09:21:07 +0000
Subject: [PATCH] lib: strings: Simplify strcasecmp
This makes us fallback to strcasecmp early if any INVALID_CODEPOINT
appears. Without this patch we just continue to compare if both strings
happen to have an INVALID_CODEPOINT in the same spot.
Signed-off-by: Volker Lendecke <vl at samba.org>
---
lib/util/charset/util_str.c | 46 ++++++++++++---------------------------------
1 file changed, 12 insertions(+), 34 deletions(-)
diff --git a/lib/util/charset/util_str.c b/lib/util/charset/util_str.c
index f62c999..1164330 100644
--- a/lib/util/charset/util_str.c
+++ b/lib/util/charset/util_str.c
@@ -47,6 +47,11 @@ _PUBLIC_ int strcasecmp_m_handle(struct smb_iconv_handle *iconv_handle,
c1 = next_codepoint_handle(iconv_handle, s1, &size1);
c2 = next_codepoint_handle(iconv_handle, s2, &size2);
+ if (c1 == INVALID_CODEPOINT ||
+ c2 == INVALID_CODEPOINT) {
+ return strcasecmp(s1, s2);
+ }
+
s1 += size1;
s2 += size2;
@@ -54,22 +59,6 @@ _PUBLIC_ int strcasecmp_m_handle(struct smb_iconv_handle *iconv_handle,
continue;
}
- if (c1 == INVALID_CODEPOINT ||
- c2 == INVALID_CODEPOINT) {
- /*
- * Fall back to byte
- * comparison. We must
- * step back by the codepoint
- * length we just incremented
- * - otherwise we are not
- * checking the bytes that
- * failed the conversion.
- */
- s1 -= size1;
- s2 -= size2;
- return strcasecmp(s1, s2);
- }
-
if (toupper_m(c1) != toupper_m(c2)) {
return c1 - c2;
}
@@ -107,27 +96,9 @@ _PUBLIC_ int strncasecmp_m_handle(struct smb_iconv_handle *iconv_handle,
c1 = next_codepoint_handle(iconv_handle, s1, &size1);
c2 = next_codepoint_handle(iconv_handle, s2, &size2);
- s1 += size1;
- s2 += size2;
-
- if (c1 == c2) {
- continue;
- }
-
if (c1 == INVALID_CODEPOINT ||
c2 == INVALID_CODEPOINT) {
/*
- * Fall back to byte
- * comparison. We must
- * step back by the codepoint
- * length we just incremented
- * by - otherwise we are not
- * checking the bytes that
- * failed the conversion.
- */
- s1 -= size1;
- s2 -= size2;
- /*
* n was specified in characters,
* now we must convert it to bytes.
* As bytes are the smallest
@@ -145,6 +116,13 @@ _PUBLIC_ int strncasecmp_m_handle(struct smb_iconv_handle *iconv_handle,
return strncasecmp(s1, s2, n);
}
+ s1 += size1;
+ s2 += size2;
+
+ if (c1 == c2) {
+ continue;
+ }
+
if (toupper_m(c1) != toupper_m(c2)) {
return c1 - c2;
}
--
1.8.1.2
More information about the samba-technical
mailing list