diff options
author | Michael Adam <obnox@samba.org> | 2009-04-27 18:10:14 +0200 |
---|---|---|
committer | Michael Adam <obnox@samba.org> | 2009-04-28 12:20:38 +0200 |
commit | d5f2bbdc489b751331e86afae58b0d80c5fedb9c (patch) | |
tree | c27d3a0db04183f39788dd5d1119d25abefa992c | |
parent | 09ec85715b0e99740156ebb7213eddd1edfea631 (diff) | |
download | samba-d5f2bbdc489b751331e86afae58b0d80c5fedb9c.tar.gz samba-d5f2bbdc489b751331e86afae58b0d80c5fedb9c.tar.bz2 samba-d5f2bbdc489b751331e86afae58b0d80c5fedb9c.zip |
s3:loadparm: prevent infinite include nesting.
This introduces a hard coded MAX_INCLUDE_DEPTH of 100.
When this is exceeded, handle_include (and hence lp_load) fails.
One could of course implement a more intelligent loop detection
in the include-tree, but this would require some restructuring
of the internal loadparm housekeeping. Maybe as a second improvement
step.
Michael
-rw-r--r-- | source3/param/loadparm.c | 21 |
1 files changed, 19 insertions, 2 deletions
diff --git a/source3/param/loadparm.c b/source3/param/loadparm.c index b7c34d0028..7e2affed08 100644 --- a/source3/param/loadparm.c +++ b/source3/param/loadparm.c @@ -6908,6 +6908,10 @@ done: return ret; } +#define MAX_INCLUDE_DEPTH 100 + +static uint8_t include_depth; + static struct file_lists { struct file_lists *next; char *name; @@ -7095,12 +7099,22 @@ static bool handle_include(int snum, const char *pszParmValue, char **ptr) { char *fname; + if (include_depth >= MAX_INCLUDE_DEPTH) { + DEBUG(0, ("Error: Maximum include depth (%u) exceeded!\n", + include_depth)); + return false; + } + if (strequal(pszParmValue, INCLUDE_REGISTRY_NAME)) { if (!bAllowIncludeRegistry) { return true; } if (bInGlobalSection) { - return process_registry_globals(); + bool ret; + include_depth++; + ret = process_registry_globals(); + include_depth--; + return ret; } else { DEBUG(1, ("\"include = registry\" only effective " "in %s section\n", GLOBAL_NAME)); @@ -7117,7 +7131,10 @@ static bool handle_include(int snum, const char *pszParmValue, char **ptr) string_set(ptr, fname); if (file_exist(fname)) { - bool ret = pm_process(fname, do_section, do_parameter, NULL); + bool ret; + include_depth++; + ret = pm_process(fname, do_section, do_parameter, NULL); + include_depth--; SAFE_FREE(fname); return ret; } |