summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorAndrew Tridgell <tridge@samba.org>2005-10-01 01:04:34 +0000
committerGerald (Jerry) Carter <jerry@samba.org>2007-10-10 13:39:16 -0500
commit69c7cd98ce8d2e529ce764a37a3b9b2a9d1917f7 (patch)
treef2b17423f590eaf238deffadd2110d973867e5df
parent67762d7965d74e4534a9dcb06276786fa9a37713 (diff)
downloadsamba-69c7cd98ce8d2e529ce764a37a3b9b2a9d1917f7.tar.gz
samba-69c7cd98ce8d2e529ce764a37a3b9b2a9d1917f7.tar.bz2
samba-69c7cd98ce8d2e529ce764a37a3b9b2a9d1917f7.zip
r10669: reverted jelmers commit 10663 as it was causing lots of panics in 'make test'
I also think the method of getting rid of pstring isn't the right one. I certainly do want to get rid of pstring/fstring, but the reason for removing them is the use of arbitrary sized fixed length strings on the stack and in structures. Changing to another fixed length stack string format isn't really a win, and moving to use strncpy() is actually worse than pstrcpy() as strncpy() has the absolutely awful semantics of always zeroing all remaining bytes, so it ends up taking a lot of cpu doing pointless memory writes. I'd rather move to more use of asprintf()/talloc_asprintf() and similar functions for dynamic string allocation. You also have to be very careful about some of these system defined string limits. One some systems PATH_MAX could be 64k or even larger, which can quickly blow the stack out when you allocate a few of them. (This used to be commit 194efd26e42d621b239052ed1fec8da916bd2144)
-rw-r--r--source4/auth/ntlmssp/ntlmssp_parse.c10
-rw-r--r--source4/auth/ntlmssp/ntlmssp_server.c11
2 files changed, 13 insertions, 8 deletions
diff --git a/source4/auth/ntlmssp/ntlmssp_parse.c b/source4/auth/ntlmssp/ntlmssp_parse.c
index fa839b43d8..42546cb130 100644
--- a/source4/auth/ntlmssp/ntlmssp_parse.c
+++ b/source4/auth/ntlmssp/ntlmssp_parse.c
@@ -21,6 +21,7 @@
*/
#include "includes.h"
+#include "pstring.h"
/*
this is a tiny msrpc packet generator. I am only using this to
@@ -209,7 +210,7 @@ BOOL msrpc_parse(TALLOC_CTX *mem_ctx, const DATA_BLOB *blob,
uint16_t len1, len2;
uint32_t ptr;
uint32_t *v;
- char *p;
+ pstring p;
va_start(ap, format);
for (i=0; format[i]; i++) {
@@ -236,10 +237,13 @@ BOOL msrpc_parse(TALLOC_CTX *mem_ctx, const DATA_BLOB *blob,
return False;
if (0 < len1) {
- if (convert_string_talloc(mem_ctx, CH_UTF16, CH_UNIX, blob->data + ptr, len1, (void **)&p) < 0) {
+ pull_string(p, blob->data + ptr, sizeof(p),
+ len1,
+ STR_UNICODE|STR_NOALIGN);
+ (*ps) = talloc_strdup(mem_ctx, p);
+ if (!(*ps)) {
return False;
}
- (*ps) = p;
} else {
(*ps) = "";
}
diff --git a/source4/auth/ntlmssp/ntlmssp_server.c b/source4/auth/ntlmssp/ntlmssp_server.c
index c448402a55..9f106da37c 100644
--- a/source4/auth/ntlmssp/ntlmssp_server.c
+++ b/source4/auth/ntlmssp/ntlmssp_server.c
@@ -26,6 +26,7 @@
#include "auth/auth.h"
#include "auth/ntlmssp/ntlmssp.h"
#include "lib/crypto/crypto.h"
+#include "pstring.h"
#include "system/filesys.h"
/**
@@ -106,7 +107,7 @@ static const char *ntlmssp_target_name(struct gensec_ntlmssp_state *gensec_ntlms
*/
static BOOL get_myfullname(char *my_name)
{
- char hostname[HOST_NAME_MAX];
+ pstring hostname;
*hostname = 0;
@@ -120,13 +121,13 @@ static BOOL get_myfullname(char *my_name)
hostname[sizeof(hostname)-1] = '\0';
if (my_name)
- strncpy(my_name, hostname, sizeof(hostname));
+ fstrcpy(my_name, hostname);
return True;
}
static BOOL get_mydomname(char *my_domname)
{
- char hostname[HOST_NAME_MAX];
+ pstring hostname;
char *p;
/* arrgh! relies on full name in system */
@@ -149,7 +150,7 @@ static BOOL get_mydomname(char *my_domname)
p++;
if (my_domname)
- strncpy(my_domname, p, sizeof(hostname));
+ fstrcpy(my_domname, p);
return True;
}
@@ -172,7 +173,7 @@ NTSTATUS ntlmssp_server_negotiate(struct gensec_security *gensec_security,
{
struct gensec_ntlmssp_state *gensec_ntlmssp_state = gensec_security->private_data;
DATA_BLOB struct_blob;
- char dnsname[HOST_NAME_MAX], dnsdomname[HOST_NAME_MAX];
+ fstring dnsname, dnsdomname;
uint32_t neg_flags = 0;
uint32_t ntlmssp_command, chal_flags;
char *cliname=NULL, *domname=NULL;