diff options
author | Jeremy Allison <jra@samba.org> | 2007-11-13 12:51:31 -0800 |
---|---|---|
committer | Jeremy Allison <jra@samba.org> | 2007-11-13 12:51:31 -0800 |
commit | 052efa9a33d7a9a3b9ae9b038f6b3943c85c4bfc (patch) | |
tree | fcfd470f6db1ac8262e76f1bd29af2db5e2b4aee /source3/smbd/password.c | |
parent | b2f942cfe2672fac9449ce730b18cf7b5fc6e1f0 (diff) | |
download | samba-052efa9a33d7a9a3b9ae9b038f6b3943c85c4bfc.tar.gz samba-052efa9a33d7a9a3b9ae9b038f6b3943c85c4bfc.tar.bz2 samba-052efa9a33d7a9a3b9ae9b038f6b3943c85c4bfc.zip |
Remove last pstring from smbd/*.c
Jeremy.
(This used to be commit f1680bada913af4eaf5c0d686983018d6c8b3e5f)
Diffstat (limited to 'source3/smbd/password.c')
-rw-r--r-- | source3/smbd/password.c | 70 |
1 files changed, 45 insertions, 25 deletions
diff --git a/source3/smbd/password.c b/source3/smbd/password.c index 995abbf663..80b541584d 100644 --- a/source3/smbd/password.c +++ b/source3/smbd/password.c @@ -669,46 +669,51 @@ static char *validate_group(char *group, DATA_BLOB password,int snum) /* * As user_ok can recurse doing a getgrent(), we must - * copy the member list into a pstring on the stack before + * copy the member list onto the heap before * use. Bug pointed out by leon@eatworms.swmed.edu. */ if (gptr) { - pstring member_list; + char *member_list = NULL; + size_t list_len = 0; char *member; - size_t copied_len = 0; int i; + for(i = 0; gptr->gr_mem && gptr->gr_mem[i]; i++) { + list_len += strlen(gptr->gr_mem[i])+1; + } + list_len++; + + member_list = SMB_MALLOC(list_len); + if (!member_list) { + endgrent(); + return NULL; + } + *member_list = '\0'; member = member_list; for(i = 0; gptr->gr_mem && gptr->gr_mem[i]; i++) { size_t member_len = strlen(gptr->gr_mem[i])+1; - if(copied_len+member_len < sizeof(pstring)) { - - DEBUG(10,("validate_group: = gr_mem = " - "%s\n", gptr->gr_mem[i])); - - safe_strcpy(member, gptr->gr_mem[i], - sizeof(pstring) - - copied_len - 1); - copied_len += member_len; - member += copied_len; - } else { - *member = '\0'; - } + + DEBUG(10,("validate_group: = gr_mem = " + "%s\n", gptr->gr_mem[i])); + + safe_strcpy(member, gptr->gr_mem[i], + list_len - (member-member_list)); + member += member_len; } endgrent(); member = member_list; while (*member) { - static fstring name; - fstrcpy(name,member); - if (user_ok(name,snum) && - password_ok(name,password)) { - endgrent(); - return(&name[0]); + if (user_ok(member,snum) && + password_ok(member,password)) { + char *name = talloc_strdup(talloc_tos(), + member); + SAFE_FREE(member_list); + return name; } DEBUG(10,("validate_group = member = %s\n", @@ -716,6 +721,8 @@ static char *validate_group(char *group, DATA_BLOB password,int snum) member += strlen(member) + 1; } + + SAFE_FREE(member_list); } else { endgrent(); return NULL; @@ -790,11 +797,22 @@ bool authorise_login(int snum, fstring user, DATA_BLOB password, /* check the user= fields and the given password */ if (!ok && lp_username(snum)) { + TALLOC_CTX *ctx = talloc_tos(); char *auser; - pstring user_list; - pstrcpy(user_list,lp_username(snum)); + char *user_list = talloc_strdup(ctx, lp_username(snum)); + + if (!user_list) { + goto check_guest; + } - pstring_sub(user_list,"%S",lp_servicename(snum)); + user_list = talloc_string_sub(ctx, + user_list, + "%S", + lp_servicename(snum)); + + if (!user_list) { + goto check_guest; + } for (auser=strtok(user_list,LIST_SEP); auser && !ok; auser = strtok(NULL,LIST_SEP)) { @@ -823,6 +841,8 @@ bool authorise_login(int snum, fstring user, DATA_BLOB password, } } + check_guest: + /* check for a normal guest connection */ if (!ok && GUEST_OK(snum)) { fstring guestname; |