summaryrefslogtreecommitdiff
path: root/source3/smbd
diff options
context:
space:
mode:
authorJeremy Allison <jra@samba.org>1998-05-12 00:55:32 +0000
committerJeremy Allison <jra@samba.org>1998-05-12 00:55:32 +0000
commitf888868f46a5418bac9ab528497136c152895305 (patch)
treecf72c864807b19e098a856aaec8daf334189ff84 /source3/smbd
parent9141acecdcebd9276107a500435e3d4545020056 (diff)
downloadsamba-f888868f46a5418bac9ab528497136c152895305.tar.gz
samba-f888868f46a5418bac9ab528497136c152895305.tar.bz2
samba-f888868f46a5418bac9ab528497136c152895305.zip
This is a security audit change of the main source.
It removed all ocurrences of the following functions : sprintf strcpy strcat The replacements are slprintf, safe_strcpy and safe_strcat. It should not be possible to use code in Samba that uses sprintf, strcpy or strcat, only the safe_equivalents. Once Andrew has fixed the slprintf implementation then this code will be moved back to the 1.9.18 code stream. Jeremy. (This used to be commit 2d774454005f0b54e5684cf618da7060594dfcbb)
Diffstat (limited to 'source3/smbd')
-rw-r--r--source3/smbd/chgpasswd.c4
-rw-r--r--source3/smbd/connection.c12
-rw-r--r--source3/smbd/dir.c14
-rw-r--r--source3/smbd/ipc.c60
-rw-r--r--source3/smbd/mangle.c16
-rw-r--r--source3/smbd/password.c50
-rw-r--r--source3/smbd/quotas.c14
-rw-r--r--source3/smbd/reply.c112
-rw-r--r--source3/smbd/server.c56
-rw-r--r--source3/smbd/trans2.c38
-rw-r--r--source3/smbd/vt_mode.c10
11 files changed, 193 insertions, 193 deletions
diff --git a/source3/smbd/chgpasswd.c b/source3/smbd/chgpasswd.c
index e466455aeb..d900b54c1f 100644
--- a/source3/smbd/chgpasswd.c
+++ b/source3/smbd/chgpasswd.c
@@ -62,7 +62,7 @@ static int findpty(char **slave)
#if defined(SVR4) || defined(SUNOS5)
extern char *ptsname();
#else /* defined(SVR4) || defined(SUNOS5) */
- static char line[12];
+ static fstring line;
void *dirp;
char *dpname;
#endif /* defined(SVR4) || defined(SUNOS5) */
@@ -75,7 +75,7 @@ static int findpty(char **slave)
return (master);
}
#else /* defined(SVR4) || defined(SUNOS5) */
- strcpy( line, "/dev/ptyXX" );
+ fstrcpy( line, "/dev/ptyXX" );
dirp = OpenDir(-1, "/dev", True);
if (!dirp) return(-1);
diff --git a/source3/smbd/connection.c b/source3/smbd/connection.c
index 5cf8b800f2..64b3f153cf 100644
--- a/source3/smbd/connection.c
+++ b/source3/smbd/connection.c
@@ -48,9 +48,9 @@ BOOL yield_connection(int cnum,char *name,int max_connections)
pstrcpy(fname,lp_lockdir());
trim_string(fname,"","/");
- strcat(fname,"/");
- strcat(fname,name);
- strcat(fname,".LCK");
+ pstrcat(fname,"/");
+ pstrcat(fname,name);
+ pstrcat(fname,".LCK");
fd = open(fname,O_RDWR);
if (fd == -1) {
@@ -133,9 +133,9 @@ BOOL claim_connection(int cnum,char *name,int max_connections,BOOL Clear)
if (!directory_exist(fname,NULL))
mkdir(fname,0755);
- strcat(fname,"/");
- strcat(fname,name);
- strcat(fname,".LCK");
+ pstrcat(fname,"/");
+ pstrcat(fname,name);
+ pstrcat(fname,".LCK");
if (!file_exist(fname,NULL)) {
fd = open(fname,O_RDWR|O_CREAT|O_EXCL, 0644);
diff --git a/source3/smbd/dir.c b/source3/smbd/dir.c
index a34406cc65..37fcd05743 100644
--- a/source3/smbd/dir.c
+++ b/source3/smbd/dir.c
@@ -469,10 +469,10 @@ BOOL get_dir_entry(int cnum,char *mask,int dirtype,char *fname,int *size,int *mo
*path = 0;
pstrcpy(path,Connections[cnum].dirpath);
if(needslash)
- strcat(path,"/");
+ pstrcat(path,"/");
pstrcpy(pathreal,path);
- strcat(path,fname);
- strcat(pathreal,dname);
+ pstrcat(path,fname);
+ pstrcat(pathreal,dname);
if (sys_stat(pathreal,&sbuf) != 0)
{
DEBUG(5,("Couldn't stat 1 [%s]\n",path));
@@ -552,7 +552,7 @@ void *OpenDir(int cnum, char *name, BOOL use_veto)
dirp->mallocsize = s;
dirp->current = dirp->data;
}
- strcpy(dirp->data+used,n);
+ pstrcpy(dirp->data+used,n);
used += l;
dirp->numentries++;
}
@@ -671,9 +671,9 @@ void DirCacheAdd( char *path, char *name, char *dname, int snum )
return; /* so just return as if nothing happened. */
/* Set pointers correctly and load values. */
- entry->path = strcpy( (char *)&entry[1], path);
- entry->name = strcpy( &(entry->path[pathlen]), name);
- entry->dname = strcpy( &(entry->name[namelen]), dname);
+ entry->path = pstrcpy( (char *)&entry[1], path);
+ entry->name = pstrcpy( &(entry->path[pathlen]), name);
+ entry->dname = pstrcpy( &(entry->name[namelen]), dname);
entry->snum = snum;
/* Add the new entry to the linked list. */
diff --git a/source3/smbd/ipc.c b/source3/smbd/ipc.c
index 8be9c10a13..7b82894c7f 100644
--- a/source3/smbd/ipc.c
+++ b/source3/smbd/ipc.c
@@ -491,7 +491,7 @@ static void PackDriverData(struct pack_desc* desc)
SIVAL(drivdata,0,sizeof drivdata); /* cb */
SIVAL(drivdata,4,1000); /* lVersion */
memset(drivdata+8,0,32); /* szDeviceName */
- strcpy(drivdata+8,"NULL");
+ pstrcpy(drivdata+8,"NULL");
PACKl(desc,"l",drivdata,sizeof drivdata); /* pDriverData */
}
@@ -650,7 +650,7 @@ static void fill_printq_info(int cnum, int snum, int uLevel,
FILE *f;
pstring fname;
- strcpy(fname,lp_driverfile());
+ pstrcpy(fname,lp_driverfile());
f=fopen(fname,"r");
if (!f) {
DEBUG(3,("fill_printq_info: Can't open %s - %s\n",fname,strerror(errno)));
@@ -748,7 +748,7 @@ int get_printerdrivernumber(int snum)
FILE *f;
pstring fname;
- strcpy(fname,lp_driverfile());
+ pstrcpy(fname,lp_driverfile());
DEBUG(4,("In get_printerdrivernumber: %s\n",fname));
f=fopen(fname,"r");
@@ -993,8 +993,8 @@ static int get_server_info(uint32 servertype,
pstrcpy(fname,lp_lockdir());
trim_string(fname,NULL,"/");
- strcat(fname,"/");
- strcat(fname,SERVER_LIST);
+ pstrcat(fname,"/");
+ pstrcat(fname,SERVER_LIST);
f = fopen(fname,"r");
@@ -1036,7 +1036,7 @@ static int get_server_info(uint32 servertype,
if (!next_token(&ptr,s->comment, NULL)) continue;
if (!next_token(&ptr,s->domain , NULL)) {
/* this allows us to cope with an old nmbd */
- strcpy(s->domain,global_myworkgroup);
+ pstrcpy(s->domain,global_myworkgroup);
}
if (sscanf(stype,"%X",&s->type) != 1) {
@@ -2115,18 +2115,18 @@ static BOOL api_NetWkstaGetInfo(int cnum,uint16 vuid, char *param,char *data,
SIVAL(p,0,PTR_DIFF(p2,*rdata)); /* host name */
- strcpy(p2,local_machine);
+ pstrcpy(p2,local_machine);
strupper(p2);
p2 = skip_string(p2,1);
p += 4;
SIVAL(p,0,PTR_DIFF(p2,*rdata));
- strcpy(p2,sesssetup_user);
+ pstrcpy(p2,sesssetup_user);
p2 = skip_string(p2,1);
p += 4;
SIVAL(p,0,PTR_DIFF(p2,*rdata)); /* login domain */
- strcpy(p2,global_myworkgroup);
+ pstrcpy(p2,global_myworkgroup);
strupper(p2);
p2 = skip_string(p2,1);
p += 4;
@@ -2136,12 +2136,12 @@ static BOOL api_NetWkstaGetInfo(int cnum,uint16 vuid, char *param,char *data,
p += 2;
SIVAL(p,0,PTR_DIFF(p2,*rdata));
- strcpy(p2,global_myworkgroup); /* don't know. login domain?? */
+ pstrcpy(p2,global_myworkgroup); /* don't know. login domain?? */
p2 = skip_string(p2,1);
p += 4;
SIVAL(p,0,PTR_DIFF(p2,*rdata)); /* don't know */
- strcpy(p2,"");
+ pstrcpy(p2,"");
p2 = skip_string(p2,1);
p += 4;
@@ -2378,16 +2378,16 @@ static BOOL api_RNetUserGetInfo(int cnum,uint16 vuid, char *param,char *data,
if (uLevel >= 10)
{
SIVAL(p,usri11_comment,PTR_DIFF(p2,p)); /* comment */
- strcpy(p2,"Comment");
+ pstrcpy(p2,"Comment");
p2 = skip_string(p2,1);
SIVAL(p,usri11_usr_comment,PTR_DIFF(p2,p)); /* user_comment */
- strcpy(p2,"UserComment");
+ pstrcpy(p2,"UserComment");
p2 = skip_string(p2,1);
/* EEK! the cifsrap.txt doesn't have this in!!!! */
SIVAL(p,usri11_full_name,PTR_DIFF(p2,p)); /* full name */
- strcpy(p2,((vuser != NULL) ? vuser->real_name : UserName));
+ pstrcpy(p2,((vuser != NULL) ? vuser->real_name : UserName));
p2 = skip_string(p2,1);
}
@@ -2397,22 +2397,22 @@ static BOOL api_RNetUserGetInfo(int cnum,uint16 vuid, char *param,char *data,
SIVAL(p,usri11_auth_flags,AF_OP_PRINT); /* auth flags */
SIVALS(p,usri11_password_age,-1); /* password age */
SIVAL(p,usri11_homedir,PTR_DIFF(p2,p)); /* home dir */
- strcpy(p2, lp_logon_path());
+ pstrcpy(p2, lp_logon_path());
p2 = skip_string(p2,1);
SIVAL(p,usri11_parms,PTR_DIFF(p2,p)); /* parms */
- strcpy(p2,"");
+ pstrcpy(p2,"");
p2 = skip_string(p2,1);
SIVAL(p,usri11_last_logon,0); /* last logon */
SIVAL(p,usri11_last_logoff,0); /* last logoff */
SSVALS(p,usri11_bad_pw_count,-1); /* bad pw counts */
SSVALS(p,usri11_num_logons,-1); /* num logons */
SIVAL(p,usri11_logon_server,PTR_DIFF(p2,p)); /* logon server */
- strcpy(p2,"\\\\*");
+ pstrcpy(p2,"\\\\*");
p2 = skip_string(p2,1);
SSVAL(p,usri11_country_code,0); /* country code */
SIVAL(p,usri11_workstations,PTR_DIFF(p2,p)); /* workstations */
- strcpy(p2,"");
+ pstrcpy(p2,"");
p2 = skip_string(p2,1);
SIVALS(p,usri11_max_storage,-1); /* max storage */
@@ -2433,7 +2433,7 @@ static BOOL api_RNetUserGetInfo(int cnum,uint16 vuid, char *param,char *data,
SSVAL(p,42,
Connections[cnum].admin_user?USER_PRIV_ADMIN:USER_PRIV_USER);
SIVAL(p,44,PTR_DIFF(p2,*rdata)); /* home dir */
- strcpy(p2,lp_logon_path());
+ pstrcpy(p2,lp_logon_path());
p2 = skip_string(p2,1);
SIVAL(p,48,PTR_DIFF(p2,*rdata)); /* comment */
*p2++ = 0;
@@ -2443,11 +2443,11 @@ static BOOL api_RNetUserGetInfo(int cnum,uint16 vuid, char *param,char *data,
{
SIVAL(p,60,0); /* auth_flags */
SIVAL(p,64,PTR_DIFF(p2,*rdata)); /* full_name */
- strcpy(p2,((vuser != NULL) ? vuser->real_name : UserName));
+ pstrcpy(p2,((vuser != NULL) ? vuser->real_name : UserName));
p2 = skip_string(p2,1);
SIVAL(p,68,0); /* urs_comment */
SIVAL(p,72,PTR_DIFF(p2,*rdata)); /* parms */
- strcpy(p2,"");
+ pstrcpy(p2,"");
p2 = skip_string(p2,1);
SIVAL(p,76,0); /* workstations */
SIVAL(p,80,0); /* last_logon */
@@ -2461,7 +2461,7 @@ static BOOL api_RNetUserGetInfo(int cnum,uint16 vuid, char *param,char *data,
SSVALS(p,102,-1); /* bad_pw_count */
SSVALS(p,104,-1); /* num_logons */
SIVAL(p,106,PTR_DIFF(p2,*rdata)); /* logon_server */
- strcpy(p2,"\\\\%L");
+ pstrcpy(p2,"\\\\%L");
standard_sub_basic(p2);
p2 = skip_string(p2,1);
SSVAL(p,110,49); /* country_code */
@@ -2512,10 +2512,10 @@ static BOOL api_NetUserGetGroups(int cnum,uint16 vuid, char *param,char *data,
p = *rdata;
/* XXXX we need a real SAM database some day */
- strcpy(p,"Users"); p += 21; count++;
- strcpy(p,"Domain Users"); p += 21; count++;
- strcpy(p,"Guests"); p += 21; count++;
- strcpy(p,"Domain Guests"); p += 21; count++;
+ pstrcpy(p,"Users"); p += 21; count++;
+ pstrcpy(p,"Domain Users"); p += 21; count++;
+ pstrcpy(p,"Guests"); p += 21; count++;
+ pstrcpy(p,"Domain Guests"); p += 21; count++;
*rdata_len = PTR_DIFF(p,*rdata);
@@ -2574,8 +2574,8 @@ static BOOL api_WWkstaUserLogon(int cnum,uint16 vuid, char *param,char *data,
PACKI(&desc,"D",-1); /* password must change */
{
fstring mypath;
- strcpy(mypath,"\\\\");
- strcat(mypath,local_machine);
+ fstrcpy(mypath,"\\\\");
+ fstrcat(mypath,local_machine);
strupper(mypath);
PACKS(&desc,"z",mypath); /* computer */
}
@@ -3129,8 +3129,8 @@ static BOOL api_pipe_bind_req(pipes_struct *p, prs_struct *pd)
}
/* name has to be \PIPE\xxxxx */
- strcpy(ack_pipe_name, "\\PIPE\\");
- strcat(ack_pipe_name, p->pipe_srv_name);
+ fstrcpy(ack_pipe_name, "\\PIPE\\");
+ fstrcat(ack_pipe_name, p->pipe_srv_name);
DEBUG(5,("api_pipe_bind_req: make response. %d\n", __LINE__));
diff --git a/source3/smbd/mangle.c b/source3/smbd/mangle.c
index eb267faab3..e822894600 100644
--- a/source3/smbd/mangle.c
+++ b/source3/smbd/mangle.c
@@ -648,9 +648,9 @@ BOOL check_mangled_cache( char *s )
DEBUG( 3, ("Found %s on mangled stack ", s) );
- (void)strcpy( s, found_name );
+ (void)pstrcpy( s, found_name );
if( ext_start )
- (void)strcat( s, ext_start );
+ (void)pstrcat( s, ext_start );
DEBUG( 3, ("as %s\n", s) );
@@ -830,7 +830,7 @@ static void do_fwd_mangled_map(char *s, char *MangledMap)
*
* ************************************************************************** **
*/
-void mangle_name_83( char *s )
+void mangle_name_83( char *s, int s_len )
{
int csum = str_checksum(s);
char *p;
@@ -863,7 +863,7 @@ void mangle_name_83( char *s )
if( p )
{
if( p == s )
- strcpy( extension, "___" );
+ safe_strcpy( extension, "___", 3 );
else
{
*p++ = 0;
@@ -933,13 +933,13 @@ void mangle_name_83( char *s )
csum = csum % (36*36);
- (void)sprintf( s, "%s%c%c%c",
+ (void)slprintf( s, s_len - 1, "%s%c%c%c",
base, magic_char, base36( csum/36 ), base36( csum ) );
if( *extension )
{
- (void)strcat( s, "." );
- (void)strcat( s, extension );
+ (void)pstrcat( s, "." );
+ (void)pstrcat( s, extension );
}
DEBUG( 5, ( "%s\n", s ) );
@@ -996,7 +996,7 @@ BOOL name_map_mangle( char *OutName, BOOL need83, int snum )
/* mangle it into 8.3 */
tmp = strdup( OutName );
- mangle_name_83( OutName );
+ mangle_name_83( OutName, strlen(tmp) );
if( tmp )
{
cache_mangled_name( OutName, tmp );
diff --git a/source3/smbd/password.c b/source3/smbd/password.c
index 327bfba371..3040775e03 100644
--- a/source3/smbd/password.c
+++ b/source3/smbd/password.c
@@ -349,8 +349,8 @@ void add_session_user(char *user)
DEBUG(1,("Too many session users??\n"));
else
{
- strcat(session_users," ");
- strcat(session_users,suser);
+ pstrcat(session_users," ");
+ pstrcat(session_users,suser);
}
}
}
@@ -364,7 +364,7 @@ static struct spwd *getspnam(char *username) /* fake shadow password routine */
{
FILE *f;
char line[1024];
- static char pw[20];
+ static fstring pw;
static struct spwd static_spwd;
static_spwd.sp_pwdp=0;
@@ -380,7 +380,7 @@ static struct spwd *getspnam(char *username) /* fake shadow password routine */
*q=0;
if (q-p+1>20)
break;
- strcpy(pw, p);
+ fstrcpy(pw, p);
static_spwd.sp_pwdp=pw;
}
break;
@@ -415,7 +415,7 @@ static char *osf1_bigcrypt(char *password,char *salt1)
for (i=0; i<parts;i++)
{
p1 = crypt(p2,salt);
- strcat(result,p1+2);
+ strncat(result,p1+2,AUTH_MAX_PASSWD_LENGTH-strlen(p1+2)-1);
StrnCpy(salt,&result[2+i*AUTH_CIPHERTEXT_SEG_CHARS],2);
p2 += AUTH_CLEARTEXT_SEG_CHARS;
}
@@ -809,9 +809,9 @@ static BOOL krb4_auth(char *this_user,char *password)
char tkfile[MAXPATHLEN];
if (krb_get_lrealm(realm, 1) != KSUCCESS)
- (void) strncpy(realm, KRB_REALM, sizeof (realm));
+ (void) safe_strcpy(realm, KRB_REALM, sizeof (realm) - 1);
- (void) sprintf(tkfile, "/tmp/samba_tkt_%d", getpid());
+ (void) slprintf(tkfile, sizeof(tkfile) - 1, "/tmp/samba_tkt_%d", getpid());
krb_set_tkt_string(tkfile);
if (krb_verify_user(this_user, "", realm,
@@ -1217,8 +1217,8 @@ BOOL password_ok(char *user,char *password, int pwlen, struct passwd *pwd)
mypasswd = getprpwnam (user);
if ( mypasswd )
{
- strcpy(pass->pw_name,mypasswd->ufld.fd_name);
- strcpy(pass->pw_passwd,mypasswd->ufld.fd_encrypt);
+ fstrcpy(pass->pw_name,mypasswd->ufld.fd_name);
+ fstrcpy(pass->pw_passwd,mypasswd->ufld.fd_encrypt);
}
else
{
@@ -1233,20 +1233,20 @@ BOOL password_ok(char *user,char *password, int pwlen, struct passwd *pwd)
AUTHORIZATION *ap = getauthuid( pass->pw_uid );
if (ap)
{
- strcpy( pass->pw_passwd, ap->a_password );
+ fstrcpy( pass->pw_passwd, ap->a_password );
endauthent();
}
}
#endif
/* extract relevant info */
- strcpy(this_user,pass->pw_name);
- strcpy(this_salt,pass->pw_passwd);
+ fstrcpy(this_user,pass->pw_name);
+ fstrcpy(this_salt,pass->pw_passwd);
#ifdef HPUX
/* The crypt on HPUX won't work with more than 2 salt characters. */
this_salt[2] = 0;
#endif /* HPUX */
- strcpy(this_crypted,pass->pw_passwd);
+ fstrcpy(this_crypted,pass->pw_passwd);
if (!*this_crypted) {
if (!lp_null_passwords()) {
@@ -1295,7 +1295,7 @@ BOOL password_ok(char *user,char *password, int pwlen, struct passwd *pwd)
update_protected_database(user,False);
/* restore it */
- strcpy(password,pass2);
+ fstrcpy(password,pass2);
return(False);
}
@@ -1314,7 +1314,7 @@ BOOL password_ok(char *user,char *password, int pwlen, struct passwd *pwd)
update_protected_database(user,False);
/* restore it */
- strcpy(password,pass2);
+ fstrcpy(password,pass2);
return(False);
}
@@ -1384,7 +1384,7 @@ static char *validate_group(char *group,char *password,int pwlen,int snum)
while (member && *member)
{
static fstring name;
- strcpy(name,*member);
+ fstrcpy(name,*member);
if (user_ok(name,snum) &&
password_ok(name,password,pwlen,NULL))
return(&name[0]);
@@ -1400,7 +1400,7 @@ static char *validate_group(char *group,char *password,int pwlen,int snum)
if (*(pwd->pw_passwd) && pwd->pw_gid == gptr->gr_gid) {
/* This Entry have PASSWORD and same GID then check pwd */
if (password_ok(NULL, password, pwlen, pwd)) {
- strcpy(tm, pwd->pw_name);
+ fstrcpy(tm, pwd->pw_name);
endpwent ();
return tm;
}
@@ -1460,7 +1460,7 @@ BOOL authorise_login(int snum,char *user,char *password, int pwlen,
if (!ok && (vuser != 0) && vuser->guest) {
if (user_ok(vuser->name,snum) &&
password_ok(vuser->name, password, pwlen, NULL)) {
- strcpy(user, vuser->name);
+ fstrcpy(user, vuser->name);
vuser->guest = False;
DEBUG(3,("ACCEPTED: given password with registered user %s\n", user));
ok = True;
@@ -1480,12 +1480,12 @@ BOOL authorise_login(int snum,char *user,char *password, int pwlen,
auser = strtok(NULL,LIST_SEP))
{
fstring user2;
- strcpy(user2,auser);
+ fstrcpy(user2,auser);
if (!user_ok(user2,snum)) continue;
if (password_ok(user2,password, pwlen, NULL)) {
ok = True;
- strcpy(user,user2);
+ fstrcpy(user,user2);
DEBUG(3,("ACCEPTED: session list username and given password ok\n"));
}
}
@@ -1496,7 +1496,7 @@ BOOL authorise_login(int snum,char *user,char *password, int pwlen,
if (!ok && !lp_revalidate(snum) &&
(vuser != 0) && !vuser->guest &&
user_ok(vuser->name,snum)) {
- strcpy(user,vuser->name);
+ fstrcpy(user,vuser->name);
*guest = False;
DEBUG(3,("ACCEPTED: validated uid ok as non-guest\n"));
ok = True;
@@ -1526,19 +1526,19 @@ BOOL authorise_login(int snum,char *user,char *password, int pwlen,
if (auser)
{
ok = True;
- strcpy(user,auser);
+ fstrcpy(user,auser);
DEBUG(3,("ACCEPTED: group username and given password ok\n"));
}
}
else
{
fstring user2;
- strcpy(user2,auser);
+ fstrcpy(user2,auser);
if (user_ok(user2,snum) &&
password_ok(user2,password,pwlen,NULL))
{
ok = True;
- strcpy(user,user2);
+ fstrcpy(user,user2);
DEBUG(3,("ACCEPTED: user list username and given password ok\n"));
}
}
@@ -1553,7 +1553,7 @@ BOOL authorise_login(int snum,char *user,char *password, int pwlen,
StrnCpy(guestname,lp_guestaccount(snum),sizeof(guestname)-1);
if (Get_Pwnam(guestname,True))
{
- strcpy(user,guestname);
+ fstrcpy(user,guestname);
ok = True;
DEBUG(3,("ACCEPTED: guest account and guest ok\n"));
}
diff --git a/source3/smbd/quotas.c b/source3/smbd/quotas.c
index df85f79b9b..ee08e48e65 100644
--- a/source3/smbd/quotas.c
+++ b/source3/smbd/quotas.c
@@ -138,7 +138,7 @@ BOOL disk_quotas(char *path, int *bsize, int *dfree, int *dsize)
struct stat sbuf;
dev_t devno ;
static dev_t devno_cached = 0 ;
- static char name[MNTMAXSTR] ;
+ static pstring name;
struct q_request request ;
struct qf_header header ;
static int quota_default = 0 ;
@@ -172,7 +172,7 @@ BOOL disk_quotas(char *path, int *bsize, int *dfree, int *dsize)
}
- strcpy(name,mnt->mnt_dir) ;
+ pstrcpy(name,mnt->mnt_dir) ;
endmntent(fd) ;
if ( ! found )
@@ -249,10 +249,10 @@ BOOL disk_quotas(char *path, int *bsize, int *dfree, int *dsize)
struct quotctl command;
int file;
struct mnttab mnt;
- static char name[MNT_LINE_MAX] ;
+ static pstring name;
#else
struct mntent *mnt;
- static char name[MNTMAXSTR] ;
+ static pstring name;
#endif
FILE *fd;
struct stat sbuf;
@@ -283,8 +283,8 @@ BOOL disk_quotas(char *path, int *bsize, int *dfree, int *dsize)
}
}
- strcpy(name,mnt.mnt_mountp) ;
- strcat(name,"/quotas") ;
+ pstrcpy(name,mnt.mnt_mountp) ;
+ pstrcat(name,"/quotas") ;
fclose(fd) ;
#else
if ((fd = setmntent(MOUNTED, "r")) == NULL)
@@ -302,7 +302,7 @@ BOOL disk_quotas(char *path, int *bsize, int *dfree, int *dsize)
}
}
- strcpy(name,mnt->mnt_fsname) ;
+ pstrcpy(name,mnt->mnt_fsname) ;
endmntent(fd) ;
#endif
diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c
index c927e09425..21a20b0712 100644
--- a/source3/smbd/reply.c
+++ b/source3/smbd/reply.c
@@ -308,7 +308,7 @@ int reply_tcon_and_X(char *inbuf,char *outbuf,int length,int bufsize)
if (Protocol < PROTOCOL_NT1)
{
set_message(outbuf,2,strlen(devicename)+1,True);
- strcpy(smb_buf(outbuf),devicename);
+ pstrcpy(smb_buf(outbuf),devicename);
}
else
{
@@ -318,8 +318,8 @@ int reply_tcon_and_X(char *inbuf,char *outbuf,int length,int bufsize)
set_message(outbuf,3,3,True);
p = smb_buf(outbuf);
- strcpy(p,devicename); p = skip_string(p,1); /* device name */
- strcpy(p,fsname); p = skip_string(p,1); /* filesystem type e.g NTFS */
+ pstrcpy(p,devicename); p = skip_string(p,1); /* device name */
+ pstrcpy(p,fsname); p = skip_string(p,1); /* filesystem type e.g NTFS */
set_message(outbuf,3,PTR_DIFF(p,smb_buf(outbuf)),False);
@@ -578,7 +578,7 @@ int reply_sesssetup_and_X(char *inbuf,char *outbuf,int length,int bufsize)
/* If no username is sent use the guest account */
if (!*user)
{
- strcpy(user,lp_guestaccount(-1));
+ pstrcpy(user,lp_guestaccount(-1));
/* If no user and no password then set guest flag. */
if( *smb_apasswd == 0)
guest = True;
@@ -593,7 +593,7 @@ int reply_sesssetup_and_X(char *inbuf,char *outbuf,int length,int bufsize)
*/
if((lp_security() != SEC_SHARE) || *user)
- strcpy(sesssetup_user,user);
+ pstrcpy(sesssetup_user,user);
reload_services(True);
@@ -641,7 +641,7 @@ int reply_sesssetup_and_X(char *inbuf,char *outbuf,int length,int bufsize)
#endif
}
if (*smb_apasswd || !Get_Pwnam(user,True))
- strcpy(user,lp_guestaccount(-1));
+ pstrcpy(user,lp_guestaccount(-1));
DEBUG(3,("Registered username %s for guest access\n",user));
guest = True;
}
@@ -649,7 +649,7 @@ int reply_sesssetup_and_X(char *inbuf,char *outbuf,int length,int bufsize)
if (!Get_Pwnam(user,True)) {
DEBUG(3,("No such user %s - using guest account\n",user));
- strcpy(user,lp_guestaccount(-1));
+ pstrcpy(user,lp_guestaccount(-1));
guest = True;
}
@@ -670,9 +670,9 @@ int reply_sesssetup_and_X(char *inbuf,char *outbuf,int length,int bufsize)
char *p;
set_message(outbuf,3,3,True);
p = smb_buf(outbuf);
- strcpy(p,"Unix"); p = skip_string(p,1);
- strcpy(p,"Samba "); strcat(p,VERSION); p = skip_string(p,1);
- strcpy(p,global_myworkgroup); p = skip_string(p,1);
+ pstrcpy(p,"Unix"); p = skip_string(p,1);
+ pstrcpy(p,"Samba "); pstrcat(p,VERSION); p = skip_string(p,1);
+ pstrcpy(p,global_myworkgroup); p = skip_string(p,1);
set_message(outbuf,3,PTR_DIFF(p,smb_buf(outbuf)),False);
/* perhaps grab OS version here?? */
}
@@ -984,7 +984,7 @@ int reply_search(char *inbuf,char *outbuf, int dum_size, int dum_buffsize)
p = strrchr(dir2,'/');
if (p == NULL)
{
- strcpy(mask,dir2);
+ pstrcpy(mask,dir2);
*dir2 = 0;
}
else
@@ -1000,7 +1000,7 @@ int reply_search(char *inbuf,char *outbuf, int dum_size, int dum_buffsize)
*p = 0;
if (strlen(directory) == 0)
- strcpy(directory,"./");
+ pstrcpy(directory,"./");
bzero(status,21);
CVAL(status,0) = dirtype;
}
@@ -1027,8 +1027,8 @@ int reply_search(char *inbuf,char *outbuf, int dum_size, int dum_buffsize)
fstrcpy(ext,p+1);
*p = 0;
trim_string(mask,NULL," ");
- strcat(mask,".");
- strcat(mask,ext);
+ pstrcat(mask,".");
+ pstrcat(mask,ext);
}
}
@@ -1049,7 +1049,7 @@ int reply_search(char *inbuf,char *outbuf, int dum_size, int dum_buffsize)
fstrcpy(tmp,&mask[8]);
mask[8] = '.';
mask[9] = 0;
- strcat(mask,tmp);
+ pstrcat(mask,tmp);
}
DEBUG(5,("mask=%s directory=%s\n",mask,directory));
@@ -1566,7 +1566,7 @@ int reply_ctemp(char *inbuf,char *outbuf, int dum_size, int dum_buffsize)
cnum = SVAL(inbuf,smb_tid);
createmode = SVAL(inbuf,smb_vwv0);
pstrcpy(fname,smb_buf(inbuf)+1);
- strcat(fname,"/TMXXXXXX");
+ pstrcat(fname,"/TMXXXXXX");
unix_convert(fname,cnum,0,&bad_path);
unixmode = unix_mode(cnum,createmode);
@@ -1586,7 +1586,7 @@ int reply_ctemp(char *inbuf,char *outbuf, int dum_size, int dum_buffsize)
return(UNIXERROR(ERRDOS,ERRnoaccess));
}
- strcpy(fname2,(char *)mktemp(fname));
+ pstrcpy(fname2,(char *)mktemp(fname));
/* Open file in dos compatibility share mode. */
/* We should fail if file exists. */
@@ -1609,7 +1609,7 @@ int reply_ctemp(char *inbuf,char *outbuf, int dum_size, int dum_buffsize)
outsize = set_message(outbuf,1,2 + strlen(fname2),True);
SSVAL(outbuf,smb_vwv0,fnum);
CVAL(smb_buf(outbuf),0) = 4;
- strcpy(smb_buf(outbuf) + 1,fname2);
+ pstrcpy(smb_buf(outbuf) + 1,fname2);
if (oplock_request && lp_fake_oplocks(SNUM(cnum))) {
CVAL(outbuf,smb_flg) |= CORE_OPLOCK_GRANTED;
@@ -1678,12 +1678,12 @@ int reply_unlink(char *inbuf,char *outbuf, int dum_size, int dum_buffsize)
p = strrchr(name,'/');
if (!p) {
- strcpy(directory,"./");
- strcpy(mask,name);
+ pstrcpy(directory,"./");
+ pstrcpy(mask,name);
} else {
*p = 0;
- strcpy(directory,name);
- strcpy(mask,p+1);
+ pstrcpy(directory,name);
+ pstrcpy(mask,p+1);
}
if (is_mangled(mask))
@@ -1692,8 +1692,8 @@ int reply_unlink(char *inbuf,char *outbuf, int dum_size, int dum_buffsize)
has_wild = strchr(mask,'*') || strchr(mask,'?');
if (!has_wild) {
- strcat(directory,"/");
- strcat(directory,mask);
+ pstrcat(directory,"/");
+ pstrcat(directory,mask);
if (can_delete(directory,cnum,dirtype) && !sys_unlink(directory)) count++;
if (!count) exists = file_exist(directory,NULL);
} else {
@@ -1713,7 +1713,7 @@ int reply_unlink(char *inbuf,char *outbuf, int dum_size, int dum_buffsize)
error = ERRbadfile;
if (strequal(mask,"????????.???"))
- strcpy(mask,"*");
+ pstrcpy(mask,"*");
while ((dname = ReadDirName(dirptr)))
{
@@ -2636,7 +2636,7 @@ int reply_printopen(char *inbuf,char *outbuf, int dum_size, int dum_buffsize)
if (fnum < 0)
return(ERROR(ERRSRV,ERRnofids));
- strcpy(fname2,(char *)mktemp(fname));
+ pstrcpy(fname2,(char *)mktemp(fname));
if (!check_name(fname2,cnum)) {
Files[fnum].reserved = False;
@@ -2877,9 +2877,9 @@ static BOOL recursive_rmdir(char *directory)
ret = True;
break;
}
- strcpy(fullname, directory);
- strcat(fullname, "/");
- strcat(fullname, dname);
+ pstrcpy(fullname, directory);
+ pstrcat(fullname, "/");
+ pstrcat(fullname, dname);
if(sys_lstat(fullname, &st) != 0)
{
@@ -2971,8 +2971,8 @@ int reply_rmdir(char *inbuf,char *outbuf, int dum_size, int dum_buffsize)
break;
}
pstrcpy(fullname, directory);
- strcat(fullname, "/");
- strcat(fullname, dname);
+ pstrcat(fullname, "/");
+ pstrcat(fullname, dname);
if(sys_lstat(fullname, &st) != 0)
break;
@@ -3078,10 +3078,10 @@ static BOOL resolve_wildcards(char *name1,char *name2)
if (*p) p++;
}
- strcpy(name2,root2);
+ pstrcpy(name2,root2);
if (ext2[0]) {
- strcat(name2,".");
- strcat(name2,ext2);
+ pstrcat(name2,".");
+ pstrcat(name2,ext2);
}
return(True);
@@ -3144,12 +3144,12 @@ int reply_mv(char *inbuf,char *outbuf, int dum_size, int dum_buffsize)
p = strrchr(name,'/');
if (!p) {
- strcpy(directory,".");
- strcpy(mask,name);
+ pstrcpy(directory,".");
+ pstrcpy(mask,name);
} else {
*p = 0;
- strcpy(directory,name);
- strcpy(mask,p+1);
+ pstrcpy(directory,name);
+ pstrcpy(mask,p+1);
*p = '/'; /* Replace needed for exceptional test below. */
}
@@ -3162,16 +3162,16 @@ int reply_mv(char *inbuf,char *outbuf, int dum_size, int dum_buffsize)
BOOL is_short_name = is_8_3(name, True);
/* Add a terminating '/' to the directory name. */
- strcat(directory,"/");
- strcat(directory,mask);
+ pstrcat(directory,"/");
+ pstrcat(directory,mask);
/* Ensure newname contains a '/' also */
if(strrchr(newname,'/') == 0) {
pstring tmpstr;
- strcpy(tmpstr, "./");
- strcat(tmpstr, newname);
- strcpy(newname, tmpstr);
+ pstrcpy(tmpstr, "./");
+ pstrcat(tmpstr, newname);
+ pstrcpy(newname, tmpstr);
}
DEBUG(3,("reply_mv : case_sensitive = %d, case_preserve = %d, short case preserve = %d, directory = %s, newname = %s, newname_last_component = %s, is_8_3 = %d\n",
@@ -3197,7 +3197,7 @@ int reply_mv(char *inbuf,char *outbuf, int dum_size, int dum_buffsize)
* character above.
*/
p = strrchr(newname,'/');
- strcpy(newname_modified_last_component,p+1);
+ pstrcpy(newname_modified_last_component,p+1);
if(strcsequal(newname_modified_last_component,
newname_last_component) == False) {
@@ -3205,7 +3205,7 @@ int reply_mv(char *inbuf,char *outbuf, int dum_size, int dum_buffsize)
* Replace the modified last component with
* the original.
*/
- strcpy(p+1, newname_last_component);
+ pstrcpy(p+1, newname_last_component);
}
}
@@ -3235,7 +3235,7 @@ int reply_mv(char *inbuf,char *outbuf, int dum_size, int dum_buffsize)
error = ERRbadfile;
if (strequal(mask,"????????.???"))
- strcpy(mask,"*");
+ pstrcpy(mask,"*");
while ((dname = ReadDirName(dirptr)))
{
@@ -3309,8 +3309,8 @@ static BOOL copy_file(char *src,char *dest1,int cnum,int ofun,
p++;
else
p = src;
- strcat(dest,"/");
- strcat(dest,p);
+ pstrcat(dest,"/");
+ pstrcat(dest,p);
}
if (!file_exist(src,&st)) return(False);
@@ -3415,12 +3415,12 @@ int reply_copy(char *inbuf,char *outbuf, int dum_size, int dum_buffsize)
p = strrchr(name,'/');
if (!p) {
- strcpy(directory,"./");
- strcpy(mask,name);
+ pstrcpy(directory,"./");
+ pstrcpy(mask,name);
} else {
*p = 0;
- strcpy(directory,name);
- strcpy(mask,p+1);
+ pstrcpy(directory,name);
+ pstrcpy(mask,p+1);
}
if (is_mangled(mask))
@@ -3429,8 +3429,8 @@ int reply_copy(char *inbuf,char *outbuf, int dum_size, int dum_buffsize)
has_wild = strchr(mask,'*') || strchr(mask,'?');
if (!has_wild) {
- strcat(directory,"/");
- strcat(directory,mask);
+ pstrcat(directory,"/");
+ pstrcat(directory,mask);
if (resolve_wildcards(directory,newname) &&
copy_file(directory,newname,cnum,ofun,
count,target_is_directory)) count++;
@@ -3448,7 +3448,7 @@ int reply_copy(char *inbuf,char *outbuf, int dum_size, int dum_buffsize)
error = ERRbadfile;
if (strequal(mask,"????????.???"))
- strcpy(mask,"*");
+ pstrcpy(mask,"*");
while ((dname = ReadDirName(dirptr)))
{
@@ -3459,7 +3459,7 @@ int reply_copy(char *inbuf,char *outbuf, int dum_size, int dum_buffsize)
error = ERRnoaccess;
slprintf(fname,sizeof(fname)-1, "%s/%s",directory,dname);
- strcpy(destname,newname);
+ pstrcpy(destname,newname);
if (resolve_wildcards(fname,destname) &&
copy_file(directory,newname,cnum,ofun,
count,target_is_directory)) count++;
diff --git a/source3/smbd/server.c b/source3/smbd/server.c
index 7788b142e0..540f9f799f 100644
--- a/source3/smbd/server.c
+++ b/source3/smbd/server.c
@@ -427,8 +427,8 @@ static BOOL mangled_equal(char *name1, char *name2)
if (is_8_3(name2, True))
return(False);
- strcpy(tmpname,name2);
- mangle_name_83(tmpname);
+ pstrcpy(tmpname,name2);
+ mangle_name_83(tmpname,sizeof(tmpname));
return(strequal(name1,tmpname));
}
@@ -453,7 +453,7 @@ static BOOL scan_directory(char *path, char *name,int cnum,BOOL docache)
path = ".";
if (docache && (dname = DirCacheCheck(path,name,SNUM(cnum)))) {
- strcpy(name, dname);
+ pstrcpy(name, dname);
return(True);
}
@@ -489,7 +489,7 @@ static BOOL scan_directory(char *path, char *name,int cnum,BOOL docache)
{
/* we've found the file, change it's name and return */
if (docache) DirCacheAdd(path,name,dname,SNUM(cnum));
- strcpy(name, dname);
+ pstrcpy(name, dname);
CloseDir(cur_dir);
return(True);
}
@@ -547,9 +547,9 @@ BOOL unix_convert(char *name,int cnum,pstring saved_last_component, BOOL *bad_pa
if(saved_last_component) {
end = strrchr(name, '/');
if(end)
- strcpy(saved_last_component, end + 1);
+ pstrcpy(saved_last_component, end + 1);
else
- strcpy(saved_last_component, name);
+ pstrcpy(saved_last_component, name);
}
if (!case_sensitive &&
@@ -567,7 +567,7 @@ BOOL unix_convert(char *name,int cnum,pstring saved_last_component, BOOL *bad_pa
/* sanitise the name */
for (s=name2 ; *s ; s++)
if (!issafe(*s)) *s = '_';
- strcpy(name,(char *)mktemp(name2));
+ pstrcpy(name,(char *)mktemp(name2));
}
return(True);
}
@@ -604,7 +604,7 @@ BOOL unix_convert(char *name,int cnum,pstring saved_last_component, BOOL *bad_pa
if (end) *end = 0;
if(saved_last_component != 0)
- strcpy(saved_last_component, end ? end + 1 : start);
+ pstrcpy(saved_last_component, end ? end + 1 : start);
/* check if the name exists up to this point */
if (sys_stat(name, &st) == 0)
@@ -669,14 +669,14 @@ BOOL unix_convert(char *name,int cnum,pstring saved_last_component, BOOL *bad_pa
/* restore the rest of the string */
if (end)
{
- strcpy(start+strlen(start)+1,rest);
+ pstrcpy(start+strlen(start)+1,rest);
end = start + strlen(start);
}
}
/* add to the dirpath that we have resolved so far */
- if (*dirpath) strcat(dirpath,"/");
- strcat(dirpath,start);
+ if (*dirpath) pstrcat(dirpath,"/");
+ pstrcat(dirpath,start);
/* restore the / that we wiped out earlier */
if (end) *end = '/';
@@ -990,7 +990,7 @@ static int fd_attempt_open(char *fname, int flags, int mode)
if((fd == -1) && (errno == ENOENT) &&
(strchr(fname,'.')==NULL))
{
- strcat(fname,".");
+ pstrcat(fname,".");
fd = sys_open(fname,flags,mode);
}
@@ -3370,7 +3370,7 @@ int make_connection(char *service,char *user,char *password, int pwlen, char *de
{
if (validated_username(vuid))
{
- strcpy(user,validated_username(vuid));
+ pstrcpy(user,validated_username(vuid));
return(make_connection(user,user,password,pwlen,dev,vuid));
}
}
@@ -3381,7 +3381,7 @@ int make_connection(char *service,char *user,char *password, int pwlen, char *de
*/
if(*sesssetup_user)
{
- strcpy(user,sesssetup_user);
+ pstrcpy(user,sesssetup_user);
return(make_connection(user,user,password,pwlen,dev,vuid));
}
}
@@ -3393,14 +3393,14 @@ int make_connection(char *service,char *user,char *password, int pwlen, char *de
/* you can only connect to the IPC$ service as an ipc device */
if (strequal(service,"IPC$"))
- strcpy(dev,"IPC");
+ pstrcpy(dev,"IPC");
if (*dev == '?' || !*dev)
{
if (lp_print_ok(snum))
- strcpy(dev,"LPT1:");
+ pstrcpy(dev,"LPT1:");
else
- strcpy(dev,"A:");
+ pstrcpy(dev,"A:");
}
/* if the request is as a printer and you can't print then refuse */
@@ -3964,7 +3964,7 @@ int reply_nt1(char *outbuf)
data_len = crypt_len + strlen(global_myworkgroup) + 1;
set_message(outbuf,17,data_len,True);
- strcpy(smb_buf(outbuf)+crypt_len, global_myworkgroup);
+ pstrcpy(smb_buf(outbuf)+crypt_len, global_myworkgroup);
CVAL(outbuf,smb_vwv1) = secword;
SSVALS(outbuf,smb_vwv16+1,crypt_len);
@@ -4221,7 +4221,7 @@ void close_cnum(int cnum, uint16 vuid)
if (*lp_postexec(SNUM(cnum)) && become_user(&Connections[cnum], cnum,vuid))
{
pstring cmd;
- strcpy(cmd,lp_postexec(SNUM(cnum)));
+ pstrcpy(cmd,lp_postexec(SNUM(cnum)));
standard_sub(cnum,cmd);
smbrun(cmd,NULL,False);
unbecome_user();
@@ -4232,7 +4232,7 @@ void close_cnum(int cnum, uint16 vuid)
if (*lp_rootpostexec(SNUM(cnum)))
{
pstring cmd;
- strcpy(cmd,lp_rootpostexec(SNUM(cnum)));
+ pstrcpy(cmd,lp_rootpostexec(SNUM(cnum)));
standard_sub(cnum,cmd);
smbrun(cmd,NULL,False);
}
@@ -4270,7 +4270,7 @@ static BOOL dump_core(void)
pstring dname;
pstrcpy(dname,debugf);
if ((p=strrchr(dname,'/'))) *p=0;
- strcat(dname,"/corefiles");
+ pstrcat(dname,"/corefiles");
mkdir(dname,0700);
sys_chown(dname,getuid(),getgid());
chmod(dname,0700);
@@ -5060,9 +5060,9 @@ static void usage(char *pname)
TimeInit();
- strcpy(debugf,SMBLOGFILE);
+ pstrcpy(debugf,SMBLOGFILE);
- strcpy(remote_machine, "smb");
+ pstrcpy(remote_machine, "smb");
setup_logging(argv[0],False);
@@ -5101,10 +5101,10 @@ static void usage(char *pname)
switch (opt)
{
case 'O':
- strcpy(user_socket_options,optarg);
+ pstrcpy(user_socket_options,optarg);
break;
case 'i':
- strcpy(scope,optarg);
+ pstrcpy(scope,optarg);
break;
case 'P':
{
@@ -5113,10 +5113,10 @@ static void usage(char *pname)
}
break;
case 's':
- strcpy(servicesf,optarg);
+ pstrcpy(servicesf,optarg);
break;
case 'l':
- strcpy(debugf,optarg);
+ pstrcpy(debugf,optarg);
break;
case 'a':
{
@@ -5185,7 +5185,7 @@ static void usage(char *pname)
codepage_initialise(lp_client_code_page());
- strcpy(global_myworkgroup, lp_workgroup());
+ pstrcpy(global_myworkgroup, lp_workgroup());
#ifndef NO_SIGNAL_TEST
signal(SIGHUP,SIGNAL_CAST sig_hup);
diff --git a/source3/smbd/trans2.c b/source3/smbd/trans2.c
index fb45efcc0b..db44dc984d 100644
--- a/source3/smbd/trans2.c
+++ b/source3/smbd/trans2.c
@@ -325,7 +325,7 @@ static int get_lanman2_dir_entry(int cnum,char *path_mask,int dirtype,int info_l
if(p != NULL)
{
if(p[1] == '\0')
- strcpy(mask,"*.*");
+ pstrcpy(mask,"*.*");
else
pstrcpy(mask, p+1);
}
@@ -368,8 +368,8 @@ static int get_lanman2_dir_entry(int cnum,char *path_mask,int dirtype,int info_l
pstrcpy(pathreal,Connections[cnum].dirpath);
if(needslash)
- strcat(pathreal,"/");
- strcat(pathreal,dname);
+ pstrcat(pathreal,"/");
+ pstrcat(pathreal,dname);
if (sys_stat(pathreal,&sbuf) != 0)
{
DEBUG(5,("get_lanman2_dir_entry:Couldn't stat [%s] (%s)\n",pathreal,strerror(errno)));
@@ -417,7 +417,7 @@ static int get_lanman2_dir_entry(int cnum,char *path_mask,int dirtype,int info_l
SIVAL(p,l1_cbFileAlloc,ROUNDUP(size,1024));
SSVAL(p,l1_attrFile,mode);
SCVAL(p,l1_cchName,strlen(fname));
- strcpy(p + l1_achName, fname);
+ pstrcpy(p + l1_achName, fname);
nameptr = p + l1_achName;
p += l1_achName + strlen(fname) + 1;
break;
@@ -436,7 +436,7 @@ static int get_lanman2_dir_entry(int cnum,char *path_mask,int dirtype,int info_l
SSVAL(p,l2_attrFile,mode);
SIVAL(p,l2_cbList,0); /* No extended attributes */
SCVAL(p,l2_cchName,strlen(fname));
- strcpy(p + l2_achName, fname);
+ pstrcpy(p + l2_achName, fname);
nameptr = p + l2_achName;
p += l2_achName + strlen(fname) + 1;
break;
@@ -451,7 +451,7 @@ static int get_lanman2_dir_entry(int cnum,char *path_mask,int dirtype,int info_l
SSVAL(p,24,mode);
SIVAL(p,26,4);
CVAL(p,30) = strlen(fname);
- strcpy(p+31, fname);
+ pstrcpy(p+31, fname);
nameptr = p+31;
p += 31 + strlen(fname) + 1;
break;
@@ -469,7 +469,7 @@ static int get_lanman2_dir_entry(int cnum,char *path_mask,int dirtype,int info_l
SIVAL(p,20,ROUNDUP(size,1024));
SSVAL(p,24,mode);
CVAL(p,32) = strlen(fname);
- strcpy(p + 33, fname);
+ pstrcpy(p + 33, fname);
nameptr = p+33;
p += 33 + strlen(fname) + 1;
break;
@@ -490,7 +490,7 @@ static int get_lanman2_dir_entry(int cnum,char *path_mask,int dirtype,int info_l
SIVAL(p,0,strlen(fname)); p += 4;
SIVAL(p,0,0); p += 4;
if (!was_8_3) {
- strcpy(p+2,fname);
+ pstrcpy(p+2,fname);
if (!name_map_mangle(p+2,True,SNUM(cnum)))
(p+2)[12] = 0;
} else
@@ -499,7 +499,7 @@ static int get_lanman2_dir_entry(int cnum,char *path_mask,int dirtype,int info_l
SSVAL(p,0,strlen(p+2));
p += 2 + 24;
/* nameptr = p; */
- strcpy(p,fname); p += strlen(p);
+ pstrcpy(p,fname); p += strlen(p);
p = pdata + len;
break;
@@ -516,7 +516,7 @@ static int get_lanman2_dir_entry(int cnum,char *path_mask,int dirtype,int info_l
SIVAL(p,0,size); p += 8;
SIVAL(p,0,nt_extmode); p += 4;
SIVAL(p,0,strlen(fname)); p += 4;
- strcpy(p,fname);
+ pstrcpy(p,fname);
p = pdata + len;
break;
@@ -535,7 +535,7 @@ static int get_lanman2_dir_entry(int cnum,char *path_mask,int dirtype,int info_l
SIVAL(p,0,nt_extmode); p += 4;
SIVAL(p,0,strlen(fname)); p += 4;
SIVAL(p,0,0); p += 4;
- strcpy(p,fname);
+ pstrcpy(p,fname);
p = pdata + len;
break;
@@ -545,7 +545,7 @@ static int get_lanman2_dir_entry(int cnum,char *path_mask,int dirtype,int info_l
SIVAL(p,0,len); p += 4;
SIVAL(p,0,reskey); p += 4;
SIVAL(p,0,strlen(fname)); p += 4;
- strcpy(p,fname);
+ pstrcpy(p,fname);
p = pdata + len;
break;
@@ -651,10 +651,10 @@ static int call_trans2findfirst(char *inbuf, char *outbuf, int bufsize, int cnum
p = strrchr(directory,'/');
if(p == NULL) {
- strcpy(mask,directory);
- strcpy(directory,"./");
+ pstrcpy(mask,directory);
+ pstrcpy(directory,"./");
} else {
- strcpy(mask,p+1);
+ pstrcpy(mask,p+1);
*p = 0;
}
@@ -686,7 +686,7 @@ static int call_trans2findfirst(char *inbuf, char *outbuf, int bufsize, int cnum
}
/* a special case for 16 bit apps */
- if (strequal(mask,"????????.???")) strcpy(mask,"*");
+ if (strequal(mask,"????????.???")) pstrcpy(mask,"*");
/* handle broken clients that send us old 8.3 format */
string_sub(mask,"????????","*");
@@ -863,8 +863,8 @@ resume_key = %d resume name = %s continue=%d level = %d\n",
DEBUG(2,("dptr_num %d has no wildcard\n", dptr_num));
return (ERROR(ERRDOS,ERRnofiles));
}
- strcpy(mask, p);
- strcpy(directory,Connections[cnum].dirpath);
+ pstrcpy(mask, p);
+ pstrcpy(directory,Connections[cnum].dirpath);
/* Get the attr mask from the dptr */
dirtype = dptr_attr(dptr_num);
@@ -1060,7 +1060,7 @@ static int call_trans2qfsinfo(char *inbuf, char *outbuf, int length, int bufsize
case SMB_QUERY_FS_LABEL_INFO:
data_len = 4 + strlen(vname);
SIVAL(pdata,0,strlen(vname));
- strcpy(pdata+4,vname);
+ pstrcpy(pdata+4,vname);
break;
case SMB_QUERY_FS_VOLUME_INFO:
data_len = 18 + 2*strlen(vname);
diff --git a/source3/smbd/vt_mode.c b/source3/smbd/vt_mode.c
index dcb6ce831d..19f8259464 100644
--- a/source3/smbd/vt_mode.c
+++ b/source3/smbd/vt_mode.c
@@ -50,7 +50,7 @@ extern int DEBUGLEVEL;
extern char *InBuffer, *OutBuffer;
extern int done_become_user;
-char master_name [64], slave_name [64];
+fstring master_name, slave_name;
int master, slave, i, o, e;
int ms_type = MS_NONE,
@@ -202,8 +202,8 @@ int VT_Start(void)
#endif
if(ms_poll == MS_VTY || ms_poll == 0) {
- strcpy(master_name, MASTER_TMPL);
- strcpy(slave_name, SLAVE_TMPL);
+ fstrcpy(master_name, MASTER_TMPL);
+ fstrcpy(slave_name, SLAVE_TMPL);
for(X = LETTER1; *X && master < 0; X++)
for(Y = LETTER2; *Y && master < 0; Y++) {
@@ -242,9 +242,9 @@ int VT_Start(void)
int i;
for(i = MIN_I; i <= MAX_I && master < 0; i++) {
- sprintf(master_name, MASTER_TMPL, i);
+ slprintf(master_name, sizeof(fstring) - 1, MASTER_TMPL, i);
if((master = open(master_name, O_RDWR)) >= 0) {
- sprintf(slave_name, SLAVE_TMPL, i);
+ slprintf(slave_name, sizeof(fstring) - 1, SLAVE_TMPL, i);
if((slave = open(slave_name, O_RDWR)) < 0)
close(master);
}