diff options
author | Andrew Tridgell <tridge@samba.org> | 1997-12-26 10:01:57 +0000 |
---|---|---|
committer | Andrew Tridgell <tridge@samba.org> | 1997-12-26 10:01:57 +0000 |
commit | ed2ed5671bf868234d540cf9e0b887a19d25cc10 (patch) | |
tree | ce87ea7a550edf71c0c490226ea9b1601a18e9ed | |
parent | 65a21bcbddd768a5aa41fc684150d9c5ceb9d5d9 (diff) | |
download | samba-ed2ed5671bf868234d540cf9e0b887a19d25cc10.tar.gz samba-ed2ed5671bf868234d540cf9e0b887a19d25cc10.tar.bz2 samba-ed2ed5671bf868234d540cf9e0b887a19d25cc10.zip |
fixed a couple of illegal uses of scanf() in the nmbd wins code. They
caused a core dump under IRIX when compiled with -64.
In general you cannot assume things about variable sizes. In
particular sizeof(time_t) may not equal sizeof(long) and
sizeof(uint16) may not equal sizeof(short).
There are probably other bugs like this. We'll need to check all
format statements for use of %ld, %hx etc. In general these should not
be used unless you have an explicit cast to the appropriate type.
(This used to be commit 6ea907e78672558d470e9a819982940a9228e2fa)
-rw-r--r-- | source3/lib/util.c | 2 | ||||
-rw-r--r-- | source3/nmbd/nmbd_winsserver.c | 12 |
2 files changed, 7 insertions, 7 deletions
diff --git a/source3/lib/util.c b/source3/lib/util.c index 5c81a14c66..403ebb73eb 100644 --- a/source3/lib/util.c +++ b/source3/lib/util.c @@ -3754,7 +3754,7 @@ void standard_sub_basic(char *str) struct passwd *pass; char *username = sam_logon_in_ssb ? samlogon_user : sesssetup_user; - for (s = str ; (p = strchr(s,'%')) != NULL ; s = p ) + for (s = str ; s && *s && (p = strchr(s,'%')); s = p ) { switch (*(p+1)) { diff --git a/source3/nmbd/nmbd_winsserver.c b/source3/nmbd/nmbd_winsserver.c index bd8febd65d..7bb3081e10 100644 --- a/source3/nmbd/nmbd_winsserver.c +++ b/source3/nmbd/nmbd_winsserver.c @@ -150,8 +150,8 @@ BOOL initialise_wins(void) pstring name; struct in_addr *ip_list; int type = 0; - uint16 nb_flags; - time_t ttl; + int nb_flags; + int ttl; enum name_source source; char *ptr; char *p; @@ -262,8 +262,8 @@ BOOL initialise_wins(void) } /* Decode the netbios flags (hex) and the time-to-live (in seconds). */ - sscanf(nb_flags_str,"%hx",&nb_flags); - sscanf(ttl_str,"%ld",&ttl); + sscanf(nb_flags_str,"%x",&nb_flags); + sscanf(ttl_str,"%d",&ttl); /* add all entries that have 60 seconds or more to live */ if ((ttl - 60) > time_now || ttl == PERMANENT_TTL) @@ -273,7 +273,7 @@ BOOL initialise_wins(void) if(ttl != PERMANENT_TTL) ttl -= time_now; - DEBUG(4, ("initialise_wins: add name: %s#%02x ttl = %ld first IP %s flags = %2hx\n", + DEBUG(4, ("initialise_wins: add name: %s#%02x ttl = %d first IP %s flags = %2x\n", name, type, ttl, inet_ntoa(ip_list[0]), nb_flags)); namerec = add_name_to_subnet(wins_server_subnet, name, type, nb_flags, @@ -282,7 +282,7 @@ BOOL initialise_wins(void) } else { - DEBUG(4, ("initialise_wins: not adding name (ttl problem) %s#%02x ttl = %ld first IP %s flags = %2hx\n", + DEBUG(4, ("initialise_wins: not adding name (ttl problem) %s#%02x ttl = %ld first IP %s flags = %2x\n", name, type, ttl, inet_ntoa(ip_list[0]), nb_flags)); } |