summaryrefslogtreecommitdiff
path: root/source3/rpc_server
diff options
context:
space:
mode:
authorAndrew Tridgell <tridge@samba.org>1998-05-11 06:38:36 +0000
committerAndrew Tridgell <tridge@samba.org>1998-05-11 06:38:36 +0000
commit3dfc0c847240ac7e12c39f4ed9c31a888949ade1 (patch)
tree305f006b62ed9dcdca0f751dbf40d2a34ee054df /source3/rpc_server
parentffc88e2d26217f99c34ce24c0836bec3c809ca1a (diff)
downloadsamba-3dfc0c847240ac7e12c39f4ed9c31a888949ade1.tar.gz
samba-3dfc0c847240ac7e12c39f4ed9c31a888949ade1.tar.bz2
samba-3dfc0c847240ac7e12c39f4ed9c31a888949ade1.zip
changed to use slprintf() instead of sprintf() just about
everywhere. I've implemented slprintf() as a bounds checked sprintf() using mprotect() and a non-writeable page. This should prevent any sprintf based security holes. (This used to be commit ee09e9dadb69aaba5a751dd20ccc6d587d841bd6)
Diffstat (limited to 'source3/rpc_server')
-rw-r--r--source3/rpc_server/srv_lsa_hnd.c6
-rw-r--r--source3/rpc_server/srv_netlog.c12
2 files changed, 9 insertions, 9 deletions
diff --git a/source3/rpc_server/srv_lsa_hnd.c b/source3/rpc_server/srv_lsa_hnd.c
index c8eabf35b4..1d1341d16e 100644
--- a/source3/rpc_server/srv_lsa_hnd.c
+++ b/source3/rpc_server/srv_lsa_hnd.c
@@ -115,7 +115,7 @@ BOOL open_lsa_policy_hnd(POLICY_HND *hnd)
memcpy(&(Policy[i].pol_hnd), hnd, sizeof(*hnd));
DEBUG(4,("Opened policy hnd[%x] ", i));
- dump_data(4, hnd->data, sizeof(hnd->data));
+ dump_data(4, (char *)hnd->data, sizeof(hnd->data));
return True;
}
@@ -143,14 +143,14 @@ int find_lsa_policy_by_hnd(POLICY_HND *hnd)
if (memcmp(&(Policy[i].pol_hnd), hnd, sizeof(*hnd)) == 0)
{
DEBUG(4,("Found policy hnd[%x] ", i));
- dump_data(4, hnd->data, sizeof(hnd->data));
+ dump_data(4, (char *)hnd->data, sizeof(hnd->data));
return i;
}
}
DEBUG(4,("Policy not found: "));
- dump_data(4, hnd->data, sizeof(hnd->data));
+ dump_data(4, (char *)hnd->data, sizeof(hnd->data));
return -1;
}
diff --git a/source3/rpc_server/srv_netlog.c b/source3/rpc_server/srv_netlog.c
index 76dd5dd74d..28c44a57b7 100644
--- a/source3/rpc_server/srv_netlog.c
+++ b/source3/rpc_server/srv_netlog.c
@@ -281,7 +281,7 @@ static void api_net_req_chal( int uid,
strcat(mach_acct, "$");
- if (get_md4pw(vuser->dc.md4pw, mach_name, mach_acct))
+ if (get_md4pw((char *)vuser->dc.md4pw, mach_name, mach_acct))
{
/* copy the client credentials */
memcpy(vuser->dc.clnt_chal.data , q_r.clnt_chal.data, sizeof(q_r.clnt_chal.data));
@@ -297,7 +297,7 @@ static void api_net_req_chal( int uid,
/* from client / server challenges and md4 password, generate sess key */
cred_session_key(&(vuser->dc.clnt_chal), &(vuser->dc.srv_chal),
- vuser->dc.md4pw, vuser->dc.sess_key);
+ (char *)vuser->dc.md4pw, vuser->dc.sess_key);
}
else
{
@@ -489,8 +489,8 @@ static uint32 net_login_interactive(NET_ID_INFO_1 *id1,
memcpy(lm_pwd, id1->lm_owf.data, 16);
memcpy(nt_pwd, id1->nt_owf.data, 16);
- SamOEMhash(lm_pwd, key, False);
- SamOEMhash(nt_pwd, key, False);
+ SamOEMhash((uchar *)lm_pwd, key, False);
+ SamOEMhash((uchar *)nt_pwd, key, False);
#ifdef DEBUG_PASSWORD
DEBUG(100,("decrypt of lm owf password:"));
@@ -526,7 +526,7 @@ static uint32 net_login_network(NET_ID_INFO_2 *id2,
if (id2->hdr_nt_chal_resp.str_str_len == 24 &&
smb_pass->smb_nt_passwd != NULL)
{
- if(smb_password_check(id2->nt_chal_resp.buffer,
+ if(smb_password_check((char *)id2->nt_chal_resp.buffer,
smb_pass->smb_nt_passwd,
id2->lm_chal))
return 0x0;
@@ -543,7 +543,7 @@ static uint32 net_login_network(NET_ID_INFO_2 *id2,
*/
if (id2->hdr_lm_chal_resp.str_str_len == 24 &&
- smb_password_check(id2->lm_chal_resp.buffer,
+ smb_password_check((char *)id2->lm_chal_resp.buffer,
smb_pass->smb_passwd,
id2->lm_chal))
{