r10669: reverted jelmers commit 10663 as it was causing lots of panics in 'make test'

I also think the method of getting rid of pstring isn't the right
one. I certainly do want to get rid of pstring/fstring, but the reason
for removing them is the use of arbitrary sized fixed length strings
on the stack and in structures. Changing to another fixed length stack
string format isn't really a win, and moving to use strncpy() is
actually worse than pstrcpy() as strncpy() has the absolutely awful
semantics of always zeroing all remaining bytes, so it ends up taking
a lot of cpu doing pointless memory writes.

I'd rather move to more use of asprintf()/talloc_asprintf() and
similar functions for dynamic string allocation.

You also have to be very careful about some of these system defined
string limits. One some systems PATH_MAX could be 64k or even larger,
which can quickly blow the stack out when you allocate a few of them.
(This used to be commit 194efd26e42d621b239052ed1fec8da916bd2144)

2 files changed, 13 insertions, 8 deletions

diff --git a/source4/auth/ntlmssp/ntlmssp_parse.c b/source4/auth/ntlmssp/ntlmssp_parse.c
index fa839b43d8..42546cb130 100644
--- a/source4/auth/ntlmssp/ntlmssp_parse.c
+++ b/source4/auth/ntlmssp/ntlmssp_parse.c
@@ -21,6 +21,7 @@
 */
 
 #include "includes.h"
+#include "pstring.h"
 
 /*
   this is a tiny msrpc packet generator. I am only using this to
@@ -209,7 +210,7 @@ BOOL msrpc_parse(TALLOC_CTX *mem_ctx, const DATA_BLOB *blob,
 	uint16_t len1, len2;
 	uint32_t ptr;
 	uint32_t *v;
-	char *p;
+	pstring p;
 
 	va_start(ap, format);
 	for (i=0; format[i]; i++) {
@@ -236,10 +237,13 @@ BOOL msrpc_parse(TALLOC_CTX *mem_ctx, const DATA_BLOB *blob,
 					return False;
 
 				if (0 < len1) {
-					if (convert_string_talloc(mem_ctx, CH_UTF16, CH_UNIX, blob->data + ptr, len1, (void **)&p) < 0) {
+					pull_string(p, blob->data + ptr, sizeof(p), 
+						    len1, 
+						    STR_UNICODE|STR_NOALIGN);
+					(*ps) = talloc_strdup(mem_ctx, p);
+					if (!(*ps)) {
 						return False;
 					}
-					(*ps) = p;
 				} else {
 					(*ps) = "";
 				}
diff --git a/source4/auth/ntlmssp/ntlmssp_server.c b/source4/auth/ntlmssp/ntlmssp_server.c
index c448402a55..9f106da37c 100644
--- a/source4/auth/ntlmssp/ntlmssp_server.c
+++ b/source4/auth/ntlmssp/ntlmssp_server.c
@@ -26,6 +26,7 @@
 #include "auth/auth.h"
 #include "auth/ntlmssp/ntlmssp.h"
 #include "lib/crypto/crypto.h"
+#include "pstring.h"
 #include "system/filesys.h"
 
 /** 
@@ -106,7 +107,7 @@ static const char *ntlmssp_target_name(struct gensec_ntlmssp_state *gensec_ntlms
 */
 static BOOL get_myfullname(char *my_name)
 {
-	char hostname[HOST_NAME_MAX];
+	pstring hostname;
 
 	*hostname = 0;
 
@@ -120,13 +121,13 @@ static BOOL get_myfullname(char *my_name)
 	hostname[sizeof(hostname)-1] = '\0';
 
 	if (my_name)
-		strncpy(my_name, hostname, sizeof(hostname));
+		fstrcpy(my_name, hostname);
 	return True;
 }
 
 static BOOL get_mydomname(char *my_domname)
 {
-	char hostname[HOST_NAME_MAX];
+	pstring hostname;
 	char *p;
 
 	/* arrgh! relies on full name in system */
@@ -149,7 +150,7 @@ static BOOL get_mydomname(char *my_domname)
 	p++;
 	
 	if (my_domname)
-		strncpy(my_domname, p, sizeof(hostname));
+		fstrcpy(my_domname, p);
 
 	return True;
 }
@@ -172,7 +173,7 @@ NTSTATUS ntlmssp_server_negotiate(struct gensec_security *gensec_security,
 {
 	struct gensec_ntlmssp_state *gensec_ntlmssp_state = gensec_security->private_data;
 	DATA_BLOB struct_blob;
-	char dnsname[HOST_NAME_MAX], dnsdomname[HOST_NAME_MAX];
+	fstring dnsname, dnsdomname;
 	uint32_t neg_flags = 0;
 	uint32_t ntlmssp_command, chal_flags;
 	char *cliname=NULL, *domname=NULL;