summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorJeremy Allison <jra@samba.org>2004-04-14 22:35:28 +0000
committerGerald (Jerry) Carter <jerry@samba.org>2007-10-10 10:51:14 -0500
commit5573a9ed661b5b07f52e90516edb3fbe210c9c87 (patch)
treec27e2023ac94d3fca5b6e722874217f2fbcfef83
parent81996162d6ecb6236dfb154eac8ed6d4f0ad1079 (diff)
downloadsamba-5573a9ed661b5b07f52e90516edb3fbe210c9c87.tar.gz
samba-5573a9ed661b5b07f52e90516edb3fbe210c9c87.tar.bz2
samba-5573a9ed661b5b07f52e90516edb3fbe210c9c87.zip
r225: Patch from Pat.Hayward@propero.net to make the session_users list dynamic.
I restricted it to 128k max to prevent DOS attacks. Jeremy. (This used to be commit 70fb2a196d83c4bde11d27608da27f956f3f19b8)
-rw-r--r--source3/smbd/password.c36
-rw-r--r--source3/smbd/trans2.c2
2 files changed, 29 insertions, 9 deletions
diff --git a/source3/smbd/password.c b/source3/smbd/password.c
index ef5d0a97ac..d15970cbef 100644
--- a/source3/smbd/password.c
+++ b/source3/smbd/password.c
@@ -21,7 +21,8 @@
#include "includes.h"
/* users from session setup */
-static pstring session_users="";
+static char *session_userlist = NULL;
+static int len_session_userlist = 0;
/* this holds info on user ids that are already validated for this VC */
static user_struct *validated_users;
@@ -295,14 +296,33 @@ void add_session_user(const char *user)
fstrcpy(suser,passwd->pw_name);
- if (suser && *suser && !in_list(suser,session_users,False)) {
- if (strlen(suser) + strlen(session_users) + 2 >= sizeof(pstring)) {
- DEBUG(1,("Too many session users??\n"));
- } else {
- pstrcat(session_users," ");
- pstrcat(session_users,suser);
+ if(!*suser)
+ return;
+
+ if( session_userlist && in_list(suser,session_userlist,False) )
+ return;
+
+ if( !session_userlist || (strlen(suser) + strlen(session_userlist) + 2 >= len_session_userlist) ) {
+ char *newlist;
+
+ if (len_session_userlist > 128 * PSTRING_LEN) {
+ DEBUG(3,("add_session_user: session userlist already too large.\n"));
+ return;
+ }
+ newlist = Realloc( session_userlist, len_session_userlist + PSTRING_LEN );
+ if( newlist == NULL ) {
+ DEBUG(1,("Unable to resize session_userlist\n"));
+ return;
}
+ if (!session_userlist) {
+ *newlist = '\0';
+ }
+ session_userlist = newlist;
+ len_session_userlist += PSTRING_LEN;
}
+
+ safe_strcat(session_userlist," ",len_session_userlist-1);
+ safe_strcat(session_userlist,suser,len_session_userlist-1);
}
/****************************************************************************
@@ -468,7 +488,7 @@ BOOL authorise_login(int snum, fstring user, DATA_BLOB password,
/* now check the list of session users */
if (!ok) {
char *auser;
- char *user_list = strdup(session_users);
+ char *user_list = strdup(session_userlist);
if (!user_list)
return(False);
diff --git a/source3/smbd/trans2.c b/source3/smbd/trans2.c
index 16c2d83aa2..1d07e7851d 100644
--- a/source3/smbd/trans2.c
+++ b/source3/smbd/trans2.c
@@ -1239,7 +1239,7 @@ static BOOL get_lanman2_dir_entry(connection_struct *conn,
SOFF_T(p,0,get_allocation_size(NULL,&sbuf)); /* Number of bytes used on disk - 64 Bit */
p+= 8;
- put_long_date(p,sbuf.st_ctime); /* Creation Time 64 Bit */
+ put_long_date(p,sbuf.st_ctime); /* Inode change Time 64 Bit */
put_long_date(p+8,sbuf.st_atime); /* Last access time 64 Bit */
put_long_date(p+16,sbuf.st_mtime); /* Last modification time 64 Bit */
p+= 24;