summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorAndrew Tridgell <tridge@samba.org>1997-12-26 10:01:57 +0000
committerAndrew Tridgell <tridge@samba.org>1997-12-26 10:01:57 +0000
commited2ed5671bf868234d540cf9e0b887a19d25cc10 (patch)
treece87ea7a550edf71c0c490226ea9b1601a18e9ed
parent65a21bcbddd768a5aa41fc684150d9c5ceb9d5d9 (diff)
downloadsamba-ed2ed5671bf868234d540cf9e0b887a19d25cc10.tar.gz
samba-ed2ed5671bf868234d540cf9e0b887a19d25cc10.tar.bz2
samba-ed2ed5671bf868234d540cf9e0b887a19d25cc10.zip
fixed a couple of illegal uses of scanf() in the nmbd wins code. They
caused a core dump under IRIX when compiled with -64. In general you cannot assume things about variable sizes. In particular sizeof(time_t) may not equal sizeof(long) and sizeof(uint16) may not equal sizeof(short). There are probably other bugs like this. We'll need to check all format statements for use of %ld, %hx etc. In general these should not be used unless you have an explicit cast to the appropriate type. (This used to be commit 6ea907e78672558d470e9a819982940a9228e2fa)
-rw-r--r--source3/lib/util.c2
-rw-r--r--source3/nmbd/nmbd_winsserver.c12
2 files changed, 7 insertions, 7 deletions
diff --git a/source3/lib/util.c b/source3/lib/util.c
index 5c81a14c66..403ebb73eb 100644
--- a/source3/lib/util.c
+++ b/source3/lib/util.c
@@ -3754,7 +3754,7 @@ void standard_sub_basic(char *str)
struct passwd *pass;
char *username = sam_logon_in_ssb ? samlogon_user : sesssetup_user;
- for (s = str ; (p = strchr(s,'%')) != NULL ; s = p )
+ for (s = str ; s && *s && (p = strchr(s,'%')); s = p )
{
switch (*(p+1))
{
diff --git a/source3/nmbd/nmbd_winsserver.c b/source3/nmbd/nmbd_winsserver.c
index bd8febd65d..7bb3081e10 100644
--- a/source3/nmbd/nmbd_winsserver.c
+++ b/source3/nmbd/nmbd_winsserver.c
@@ -150,8 +150,8 @@ BOOL initialise_wins(void)
pstring name;
struct in_addr *ip_list;
int type = 0;
- uint16 nb_flags;
- time_t ttl;
+ int nb_flags;
+ int ttl;
enum name_source source;
char *ptr;
char *p;
@@ -262,8 +262,8 @@ BOOL initialise_wins(void)
}
/* Decode the netbios flags (hex) and the time-to-live (in seconds). */
- sscanf(nb_flags_str,"%hx",&nb_flags);
- sscanf(ttl_str,"%ld",&ttl);
+ sscanf(nb_flags_str,"%x",&nb_flags);
+ sscanf(ttl_str,"%d",&ttl);
/* add all entries that have 60 seconds or more to live */
if ((ttl - 60) > time_now || ttl == PERMANENT_TTL)
@@ -273,7 +273,7 @@ BOOL initialise_wins(void)
if(ttl != PERMANENT_TTL)
ttl -= time_now;
- DEBUG(4, ("initialise_wins: add name: %s#%02x ttl = %ld first IP %s flags = %2hx\n",
+ DEBUG(4, ("initialise_wins: add name: %s#%02x ttl = %d first IP %s flags = %2x\n",
name, type, ttl, inet_ntoa(ip_list[0]), nb_flags));
namerec = add_name_to_subnet(wins_server_subnet, name, type, nb_flags,
@@ -282,7 +282,7 @@ BOOL initialise_wins(void)
}
else
{
- DEBUG(4, ("initialise_wins: not adding name (ttl problem) %s#%02x ttl = %ld first IP %s flags = %2hx\n",
+ DEBUG(4, ("initialise_wins: not adding name (ttl problem) %s#%02x ttl = %ld first IP %s flags = %2x\n",
name, type, ttl, inet_ntoa(ip_list[0]), nb_flags));
}