diff options
-rw-r--r-- | source3/smbd/mangle_hash.c | 4 | ||||
-rw-r--r-- | source3/smbd/mangle_hash2.c | 5 | ||||
-rw-r--r-- | source3/smbd/reply.c | 6 |
3 files changed, 15 insertions, 0 deletions
diff --git a/source3/smbd/mangle_hash.c b/source3/smbd/mangle_hash.c index fee386d6db..871702623a 100644 --- a/source3/smbd/mangle_hash.c +++ b/source3/smbd/mangle_hash.c @@ -95,6 +95,10 @@ static NTSTATUS has_illegal_chars(const smb_ucs2_t *s, BOOL allow_wildcards) } while (*s) { + if (*s <= 0x1f) { + /* Control characters. */ + return NT_STATUS_UNSUCCESSFUL; + } switch(*s) { case UCS2_CHAR('\\'): case UCS2_CHAR('/'): diff --git a/source3/smbd/mangle_hash2.c b/source3/smbd/mangle_hash2.c index 6a8462ee3d..4325c07f58 100644 --- a/source3/smbd/mangle_hash2.c +++ b/source3/smbd/mangle_hash2.c @@ -633,6 +633,11 @@ static void init_tables(void) memset(char_flags, 0, sizeof(char_flags)); for (i=1;i<128;i++) { + if (i <= 0x1f) { + /* Control characters. */ + char_flags[i] |= FLAG_ILLEGAL; + } + if ((i >= '0' && i <= '9') || (i >= 'a' && i <= 'z') || (i >= 'A' && i <= 'Z')) { diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 686f54c5e7..1c2e950836 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -118,6 +118,9 @@ NTSTATUS check_path_syntax(pstring destname, const pstring srcname) } if (!(*s & 0x80)) { + if (*s <= 0x1f) { + return NT_STATUS_OBJECT_NAME_INVALID; + } switch (*s) { case '*': case '?': @@ -244,6 +247,9 @@ NTSTATUS check_path_syntax_wcard(pstring destname, const pstring srcname) } if (!(*s & 0x80)) { + if (*s <= 0x1f) { + return NT_STATUS_OBJECT_NAME_INVALID; + } *d++ = *s++; } else { switch(next_mb_char_size(s)) { |