diff options
-rw-r--r-- | source3/Makefile.in | 2 | ||||
-rw-r--r-- | source3/include/proto.h | 47 | ||||
-rw-r--r-- | source3/include/safe_string.h | 79 | ||||
-rw-r--r-- | source3/lib/charcnv.c | 90 | ||||
-rw-r--r-- | source3/lib/clobber.c | 63 | ||||
-rw-r--r-- | source3/lib/util.c | 14 | ||||
-rw-r--r-- | source3/lib/util_sock.c | 4 | ||||
-rw-r--r-- | source3/lib/util_str.c | 63 | ||||
-rw-r--r-- | source3/libsmb/clientgen.c | 7 | ||||
-rw-r--r-- | source3/libsmb/clistr.c | 27 | ||||
-rw-r--r-- | source3/smbd/srvstr.c | 5 | ||||
-rwxr-xr-x | source3/wscript_build | 2 |
12 files changed, 87 insertions, 316 deletions
diff --git a/source3/Makefile.in b/source3/Makefile.in index 065f0cbad7..01245c1c12 100644 --- a/source3/Makefile.in +++ b/source3/Makefile.in @@ -450,7 +450,7 @@ LIB_OBJ = $(LIBSAMBAUTIL_OBJ) $(UTIL_OBJ) $(CRYPTO_OBJ) \ lib/access.o lib/smbrun.o \ lib/bitmap.o lib/dprintf.o $(UTIL_REG_OBJ) \ lib/wins_srv.o \ - lib/util_str.o lib/clobber.o lib/util_sid.o \ + lib/util_str.o lib/util_sid.o \ lib/util_unistr.o ../lib/util/charset/codepoints.o lib/util_file.o \ lib/util.o lib/util_names.o \ lib/util_sock.o lib/sock_exec.o lib/util_sec.o \ diff --git a/source3/include/proto.h b/source3/include/proto.h index bb9241c893..d806b36dd2 100644 --- a/source3/include/proto.h +++ b/source3/include/proto.h @@ -449,25 +449,19 @@ bool pull_ucs2_talloc(TALLOC_CTX *ctx, char **dest, const smb_ucs2_t *src, size_t *converted_size); bool pull_ascii_talloc(TALLOC_CTX *ctx, char **dest, const char *src, size_t *converted_size); -size_t push_string_check_fn(const char *function, unsigned int line, - void *dest, const char *src, +size_t push_string_check_fn(void *dest, const char *src, size_t dest_len, int flags); -size_t push_string_base(const char *function, unsigned int line, - const char *base, uint16 flags2, +size_t push_string_base(const char *base, uint16 flags2, void *dest, const char *src, size_t dest_len, int flags); -size_t pull_string_fn(const char *function, - unsigned int line, - const void *base_ptr, +size_t pull_string_fn(const void *base_ptr, uint16 smb_flags2, char *dest, const void *src, size_t dest_len, size_t src_len, int flags); -size_t pull_string_talloc_fn(const char *function, - unsigned int line, - TALLOC_CTX *ctx, +size_t pull_string_talloc_fn(TALLOC_CTX *ctx, const void *base_ptr, uint16 smb_flags2, char **ppdest, @@ -479,10 +473,6 @@ codepoint_t next_codepoint_ext(const char *str, charset_t src_charset, size_t *bytes_consumed); codepoint_t next_codepoint(const char *str, size_t *size); -/* The following definitions come from lib/clobber.c */ - -void clobber_region(const char *fn, unsigned int line, char *dest, size_t len); - /* The following definitions come from lib/conn_tdb.c */ struct db_record *connections_fetch_entry(TALLOC_CTX *mem_ctx, @@ -1356,23 +1346,17 @@ size_t str_ascii_charnum(const char *s); bool trim_char(char *s,char cfront,char cback); bool strhasupper(const char *s); bool strhaslower(const char *s); -char *safe_strcpy_fn(const char *fn, - int line, - char *dest, +char *safe_strcpy_fn(char *dest, const char *src, size_t maxlength); -char *safe_strcat_fn(const char *fn, - int line, - char *dest, +char *safe_strcat_fn(char *dest, const char *src, size_t maxlength); -char *alpha_strcpy_fn(const char *fn, - int line, - char *dest, +char *alpha_strcpy_fn(char *dest, const char *src, const char *other_safe_chars, size_t maxlength); -char *StrnCpy_fn(const char *fn, int line,char *dest,const char *src,size_t n); +char *StrnCpy_fn(char *dest,const char *src,size_t n); bool in_list(const char *s, const char *list, bool casesensitive); void string_free(char **s); bool string_set(char **dest,const char *src); @@ -2333,24 +2317,18 @@ bool spnego_mech_list_blob(TALLOC_CTX *mem_ctx, /* The following definitions come from libsmb/clistr.c */ -size_t clistr_push_fn(const char *function, - unsigned int line, - struct cli_state *cli, +size_t clistr_push_fn(struct cli_state *cli, void *dest, const char *src, int dest_len, int flags); -size_t clistr_pull_fn(const char *function, - unsigned int line, - const char *inbuf, +size_t clistr_pull_fn(const char *inbuf, char *dest, const void *src, int dest_len, int src_len, int flags); -size_t clistr_pull_talloc_fn(const char *function, - unsigned int line, - TALLOC_CTX *ctx, +size_t clistr_pull_talloc_fn(TALLOC_CTX *ctx, const char *base, uint16_t flags2, char **pp_dest, @@ -5024,8 +5002,7 @@ bool is_share_read_only_for_token(const char *username, /* The following definitions come from smbd/srvstr.c */ -size_t srvstr_push_fn(const char *function, unsigned int line, - const char *base_ptr, uint16 smb_flags2, void *dest, +size_t srvstr_push_fn(const char *base_ptr, uint16 smb_flags2, void *dest, const char *src, int dest_len, int flags); ssize_t message_push_string(uint8 **outbuf, const char *str, int flags); diff --git a/source3/include/safe_string.h b/source3/include/safe_string.h index 56e3b67aa6..f54464e9c0 100644 --- a/source3/include/safe_string.h +++ b/source3/include/safe_string.h @@ -62,14 +62,6 @@ #endif /* !_SPLINT_ */ -#ifdef DEVELOPER -#define SAFE_STRING_FUNCTION_NAME __FUNCTION__ -#define SAFE_STRING_LINE __LINE__ -#else -#define SAFE_STRING_FUNCTION_NAME ("") -#define SAFE_STRING_LINE (0) -#endif - /* We need a number of different prototypes for our non-existant fuctions */ char * __unsafe_string_function_usage_here__(void); @@ -94,8 +86,7 @@ size_t __unsafe_string_function_usage_here_char__(void); safe_strcpy(dest, src, size-PTR_DIFF(dest,base)-1) /* String copy functions - macro hell below adds 'type checking' (limited, - but the best we can do in C) and may tag with function name/number to - record the last 'clobber region' on that string */ + but the best we can do in C) */ #define fstrcpy(d,s) safe_strcpy((d),(s),sizeof(fstring)-1) #define fstrcat(d,s) safe_strcat((d),(s),sizeof(fstring)-1) @@ -106,61 +97,43 @@ size_t __unsafe_string_function_usage_here_char__(void); * update a lot of code. To make this a little easier here are some * functions that provide the lengths with less pain */ -/* Inside the _fn variants of these is a call to clobber_region(), - - * which might destroy the stack on a buggy function. We help the - * debugging process by putting the function and line who last caused - * a clobbering into a static buffer. If the program crashes at - * address 0xf1f1f1f1 then this function is probably, but not - * necessarily, to blame. */ - /* overmalloc_safe_strcpy: DEPRECATED! Used when you know the * destination buffer is longer than maxlength, but you don't know how * long. This is not a good situation, because we can't do the normal * sanity checks. Don't use in new code! */ #define overmalloc_safe_strcpy(dest,src,maxlength) \ - safe_strcpy_fn(SAFE_STRING_FUNCTION_NAME, SAFE_STRING_LINE, \ - dest,src,maxlength) + safe_strcpy_fn(dest,src,maxlength) #define safe_strcpy(dest,src,maxlength) \ - safe_strcpy_fn2(SAFE_STRING_FUNCTION_NAME, SAFE_STRING_LINE, \ - dest,src,maxlength) + safe_strcpy_fn2(dest,src,maxlength) #define safe_strcat(dest,src,maxlength) \ - safe_strcat_fn2(SAFE_STRING_FUNCTION_NAME, SAFE_STRING_LINE, \ - dest,src,maxlength) + safe_strcat_fn2(dest,src,maxlength) #define push_string_check(dest, src, dest_len, flags) \ - push_string_check_fn2(SAFE_STRING_FUNCTION_NAME, SAFE_STRING_LINE, \ - dest, src, dest_len, flags) + push_string_check_fn2(dest, src, dest_len, flags) #define pull_string_talloc(ctx, base_ptr, smb_flags2, dest, src, src_len, flags) \ - pull_string_talloc_fn2(SAFE_STRING_FUNCTION_NAME, SAFE_STRING_LINE, \ - ctx, base_ptr, smb_flags2, dest, src, src_len, flags) + pull_string_talloc_fn2(ctx, base_ptr, smb_flags2, dest, src, src_len, flags) #define clistr_push(cli, dest, src, dest_len, flags) \ - clistr_push_fn2(SAFE_STRING_FUNCTION_NAME, SAFE_STRING_LINE, \ - cli, dest, src, dest_len, flags) + clistr_push_fn2(cli, dest, src, dest_len, flags) #define clistr_pull(inbuf, dest, src, dest_len, src_len, flags) \ - clistr_pull_fn2(SAFE_STRING_FUNCTION_NAME, SAFE_STRING_LINE, \ - inbuf, dest, src, dest_len, src_len, flags) + clistr_pull_fn2(inbuf, dest, src, dest_len, src_len, flags) #define clistr_pull_talloc(ctx, base, flags2, pp_dest, src, src_len, flags) \ - clistr_pull_talloc_fn(SAFE_STRING_FUNCTION_NAME, SAFE_STRING_LINE, \ - ctx, base, flags2, pp_dest, src, src_len, flags) + clistr_pull_talloc_fn(ctx, base, flags2, pp_dest, src, src_len, flags) #define srvstr_push(base_ptr, smb_flags2, dest, src, dest_len, flags) \ - srvstr_push_fn2(SAFE_STRING_FUNCTION_NAME, SAFE_STRING_LINE, \ - base_ptr, smb_flags2, dest, src, dest_len, flags) + srvstr_push_fn2(base_ptr, smb_flags2, dest, src, dest_len, flags) #define alpha_strcpy(dest,src,other_safe_chars,maxlength) \ - alpha_strcpy_fn(SAFE_STRING_FUNCTION_NAME,SAFE_STRING_LINE, \ - dest,src,other_safe_chars,maxlength) + alpha_strcpy_fn(dest,src,other_safe_chars,maxlength) #define StrnCpy(dest,src,n) \ - StrnCpy_fn(SAFE_STRING_FUNCTION_NAME,SAFE_STRING_LINE, \ - dest,src,n) + StrnCpy_fn(dest,src,n) #ifdef HAVE_COMPILER_WILL_OPTIMIZE_OUT_FNS @@ -168,38 +141,38 @@ size_t __unsafe_string_function_usage_here_char__(void); have the correct types (this works only where sizeof() returns the size of the buffer, not the size of the pointer). */ -#define safe_strcpy_fn2(fn_name, fn_line, d, s, max_len) \ +#define safe_strcpy_fn2(d, s, max_len) \ (CHECK_STRING_SIZE(d, max_len+1) \ ? __unsafe_string_function_usage_here__() \ - : safe_strcpy_fn(fn_name, fn_line, (d), (s), (max_len))) + : safe_strcpy_fn((d), (s), (max_len))) -#define safe_strcat_fn2(fn_name, fn_line, d, s, max_len) \ +#define safe_strcat_fn2(d, s, max_len) \ (CHECK_STRING_SIZE(d, max_len+1) \ ? __unsafe_string_function_usage_here__() \ - : safe_strcat_fn(fn_name, fn_line, (d), (s), (max_len))) + : safe_strcat_fn((d), (s), (max_len))) -#define push_string_check_fn2(fn_name, fn_line, dest, src, dest_len, flags) \ +#define push_string_check_fn2(dest, src, dest_len, flags) \ (CHECK_STRING_SIZE(dest, dest_len) \ ? __unsafe_string_function_usage_here_size_t__() \ - : push_string_check_fn(fn_name, fn_line, dest, src, dest_len, flags)) + : push_string_check_fn(dest, src, dest_len, flags)) -#define pull_string_talloc_fn2(fn_name, fn_line, ctx, base_ptr, smb_flags2, dest, src, src_len, flags) \ - pull_string_talloc_fn(fn_name, fn_line, ctx, base_ptr, smb_flags2, dest, src, src_len, flags) +#define pull_string_talloc_fn2(ctx, base_ptr, smb_flags2, dest, src, src_len, flags) \ + pull_string_talloc_fn(ctx, base_ptr, smb_flags2, dest, src, src_len, flags) -#define clistr_push_fn2(fn_name, fn_line, cli, dest, src, dest_len, flags) \ +#define clistr_push_fn2(cli, dest, src, dest_len, flags) \ (CHECK_STRING_SIZE(dest, dest_len) \ ? __unsafe_string_function_usage_here_size_t__() \ - : clistr_push_fn(fn_name, fn_line, cli, dest, src, dest_len, flags)) + : clistr_push_fn(cli, dest, src, dest_len, flags)) -#define clistr_pull_fn2(fn_name, fn_line, inbuf, dest, src, dest_len, srclen, flags) \ +#define clistr_pull_fn2(inbuf, dest, src, dest_len, srclen, flags) \ (CHECK_STRING_SIZE(dest, dest_len) \ ? __unsafe_string_function_usage_here_size_t__() \ - : clistr_pull_fn(fn_name, fn_line, inbuf, dest, src, dest_len, srclen, flags)) + : clistr_pull_fn(inbuf, dest, src, dest_len, srclen, flags)) -#define srvstr_push_fn2(fn_name, fn_line, base_ptr, smb_flags2, dest, src, dest_len, flags) \ +#define srvstr_push_fn2(base_ptr, smb_flags2, dest, src, dest_len, flags) \ (CHECK_STRING_SIZE(dest, dest_len) \ ? __unsafe_string_function_usage_here_size_t__() \ - : srvstr_push_fn(fn_name, fn_line, base_ptr, smb_flags2, dest, src, dest_len, flags)) + : srvstr_push_fn(base_ptr, smb_flags2, dest, src, dest_len, flags)) #else diff --git a/source3/lib/charcnv.c b/source3/lib/charcnv.c index 5b2149b9c1..1779c4fbf7 100644 --- a/source3/lib/charcnv.c +++ b/source3/lib/charcnv.c @@ -1297,11 +1297,11 @@ size_t pull_ucs2(const void *base_ptr, char *dest, const void *src, size_t dest_ **/ size_t pull_ucs2_base_talloc(TALLOC_CTX *ctx, - const void *base_ptr, - char **ppdest, - const void *src, - size_t src_len, - int flags) + const void *base_ptr, + char **ppdest, + const void *src, + size_t src_len, + int flags) { char *dest; size_t dest_len; @@ -1476,24 +1476,9 @@ bool pull_ascii_talloc(TALLOC_CTX *ctx, char **dest, const char *src, is -1 then no maxiumum is used. **/ -size_t push_string_check_fn(const char *function, unsigned int line, - void *dest, const char *src, - size_t dest_len, int flags) +size_t push_string_check_fn(void *dest, const char *src, + size_t dest_len, int flags) { -#ifdef DEVELOPER - /* We really need to zero fill here, not clobber - * region, as we want to ensure that valgrind thinks - * all of the outgoing buffer has been written to - * so a send() or write() won't trap an error. - * JRA. - */ -#if 0 - clobber_region(function, line, dest, dest_len); -#else - memset(dest, '\0', dest_len); -#endif -#endif - if (!(flags & STR_ASCII) && (flags & STR_UNICODE)) { return push_ucs2(NULL, dest, src, dest_len, flags); } @@ -1515,24 +1500,10 @@ size_t push_string_check_fn(const char *function, unsigned int line, is -1 then no maxiumum is used. **/ -size_t push_string_base(const char *function, unsigned int line, - const char *base, uint16 flags2, +size_t push_string_base(const char *base, uint16 flags2, void *dest, const char *src, size_t dest_len, int flags) { -#ifdef DEVELOPER - /* We really need to zero fill here, not clobber - * region, as we want to ensure that valgrind thinks - * all of the outgoing buffer has been written to - * so a send() or write() won't trap an error. - * JRA. - */ -#if 0 - clobber_region(function, line, dest, dest_len); -#else - memset(dest, '\0', dest_len); -#endif -#endif if (!(flags & STR_ASCII) && \ ((flags & STR_UNICODE || \ @@ -1559,15 +1530,6 @@ size_t push_string_base(const char *function, unsigned int line, ssize_t push_string(void *dest, const char *src, size_t dest_len, int flags) { size_t ret; -#ifdef DEVELOPER - /* We really need to zero fill here, not clobber - * region, as we want to ensure that valgrind thinks - * all of the outgoing buffer has been written to - * so a send() or write() won't trap an error. - * JRA. - */ - memset(dest, '\0', dest_len); -#endif if (!(flags & STR_ASCII) && \ (flags & STR_UNICODE)) { @@ -1595,20 +1557,14 @@ ssize_t push_string(void *dest, const char *src, size_t dest_len, int flags) The resulting string in "dest" is always null terminated. **/ -size_t pull_string_fn(const char *function, - unsigned int line, - const void *base_ptr, - uint16 smb_flags2, - char *dest, - const void *src, - size_t dest_len, - size_t src_len, - int flags) +size_t pull_string_fn(const void *base_ptr, + uint16 smb_flags2, + char *dest, + const void *src, + size_t dest_len, + size_t src_len, + int flags) { -#ifdef DEVELOPER - clobber_region(function, line, dest, dest_len); -#endif - if ((base_ptr == NULL) && ((flags & (STR_ASCII|STR_UNICODE)) == 0)) { smb_panic("No base ptr to get flg2 and neither ASCII nor " "UNICODE defined"); @@ -1637,15 +1593,13 @@ size_t pull_string_fn(const char *function, The resulting string in "dest" is always null terminated. **/ -size_t pull_string_talloc_fn(const char *function, - unsigned int line, - TALLOC_CTX *ctx, - const void *base_ptr, - uint16 smb_flags2, - char **ppdest, - const void *src, - size_t src_len, - int flags) +size_t pull_string_talloc(TALLOC_CTX *ctx, + const void *base_ptr, + uint16 smb_flags2, + char **ppdest, + const void *src, + size_t src_len, + int flags) { if ((base_ptr == NULL) && ((flags & (STR_ASCII|STR_UNICODE)) == 0)) { smb_panic("No base ptr to get flg2 and neither ASCII nor " diff --git a/source3/lib/clobber.c b/source3/lib/clobber.c deleted file mode 100644 index e77e786fb5..0000000000 --- a/source3/lib/clobber.c +++ /dev/null @@ -1,63 +0,0 @@ -/* - Unix SMB/CIFS implementation. - Samba utility functions - Copyright (C) Martin Pool 2003 - Copyright (C) Andrew Bartlett 2003 - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 3 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program. If not, see <http://www.gnu.org/licenses/>. -*/ - -#include "includes.h" - -#ifdef DEVELOPER -const char *global_clobber_region_function; -unsigned int global_clobber_region_line; -#endif - -/** - * In developer builds, clobber a region of memory. - * - * If we think a string buffer is longer than it really is, this ought - * to make the failure obvious, by segfaulting (if in the heap) or by - * killing the return address (on the stack), or by trapping under a - * memory debugger. - * - * This is meant to catch possible string overflows, even if the - * actual string copied is not big enough to cause an overflow. - * - * In addition, under Valgrind the buffer is marked as uninitialized. - **/ -void clobber_region(const char *fn, unsigned int line, char *dest, size_t len) -{ -#ifdef DEVELOPER - global_clobber_region_function = fn; - global_clobber_region_line = line; - - /* F1 is odd and 0xf1f1f1f1 shouldn't be a valid pointer */ - memset(dest, 0xF1, len); -#ifdef VALGRIND - /* Even though we just wrote to this, from the application's - * point of view it is not initialized. - * - * (This is not redundant with the clobbering above. The - * marking might not actually take effect if we're not running - * under valgrind.) */ -#if defined(VALGRIND_MAKE_MEM_UNDEFINED) - VALGRIND_MAKE_MEM_UNDEFINED(dest, len); -#elif defined(VALGRIND_MAKE_WRITABLE) - VALGRIND_MAKE_WRITABLE(dest, len); -#endif -#endif /* VALGRIND */ -#endif /* DEVELOPER */ -} diff --git a/source3/lib/util.c b/source3/lib/util.c index 79b10fda5e..b99d9d42a8 100644 --- a/source3/lib/util.c +++ b/source3/lib/util.c @@ -26,9 +26,6 @@ #include "secrets.h" #include "ctdbd_conn.h" -extern char *global_clobber_region_function; -extern unsigned int global_clobber_region_line; - /* Max allowable allococation - 256mb - 0x10000000 */ #define MAX_ALLOC_SIZE (1024*1024*256) @@ -1349,17 +1346,6 @@ void smb_panic_s3(const char *why) char *cmd; int result; -#ifdef DEVELOPER - { - - if (global_clobber_region_function) { - DEBUG(0,("smb_panic: clobber_region() last called from [%s(%u)]\n", - global_clobber_region_function, - global_clobber_region_line)); - } - } -#endif - DEBUG(0,("PANIC (pid %llu): %s\n", (unsigned long long)sys_getpid(), why)); log_stack_trace(); diff --git a/source3/lib/util_sock.c b/source3/lib/util_sock.c index 3c97495099..eea153ad91 100644 --- a/source3/lib/util_sock.c +++ b/source3/lib/util_sock.c @@ -1380,10 +1380,6 @@ const char *get_peer_name(int fd, bool force_lookup) } } - /* can't pass the same source and dest strings in when you - use --enable-developer or the clobber_region() call will - get you */ - strlcpy(tmp_name, name_buf, sizeof(tmp_name)); alpha_strcpy(name_buf, tmp_name, "_-.", sizeof(name_buf)); if (strstr(name_buf,"..")) { diff --git a/source3/lib/util_str.c b/source3/lib/util_str.c index 6a17297231..a1dfc70707 100644 --- a/source3/lib/util_str.c +++ b/source3/lib/util_str.c @@ -500,24 +500,16 @@ bool strhaslower(const char *s) include the terminating zero. **/ -char *safe_strcpy_fn(const char *fn, - int line, - char *dest, - const char *src, - size_t maxlength) +char *safe_strcpy_fn(char *dest, + const char *src, + size_t maxlength) { size_t len; if (!dest) { - DEBUG(0,("ERROR: NULL dest in safe_strcpy, " - "called from [%s][%d]\n", fn, line)); - return NULL; + smb_panic("ERROR: NULL dest in safe_strcpy"); } -#ifdef DEVELOPER - clobber_region(fn,line,dest, maxlength+1); -#endif - if (!src) { *dest = 0; return dest; @@ -542,18 +534,14 @@ char *safe_strcpy_fn(const char *fn, Safe string cat into a string. maxlength does not include the terminating zero. **/ -char *safe_strcat_fn(const char *fn, - int line, - char *dest, - const char *src, - size_t maxlength) +char *safe_strcat_fn(char *dest, + const char *src, + size_t maxlength) { size_t src_len, dest_len; if (!dest) { - DEBUG(0,("ERROR: NULL dest in safe_strcat, " - "called from [%s][%d]\n", fn, line)); - return NULL; + smb_panic("ERROR: NULL dest in safe_strcat"); } if (!src) @@ -562,10 +550,6 @@ char *safe_strcat_fn(const char *fn, src_len = strnlen(src, maxlength + 1); dest_len = strnlen(dest, maxlength + 1); -#ifdef DEVELOPER - clobber_region(fn, line, dest + dest_len, maxlength + 1 - dest_len); -#endif - if (src_len + dest_len > maxlength) { DEBUG(0,("ERROR: string overflow by %d " "in safe_strcat [%.50s]\n", @@ -589,23 +573,15 @@ char *safe_strcat_fn(const char *fn, characters. Don't change it ! **/ -char *alpha_strcpy_fn(const char *fn, - int line, - char *dest, - const char *src, - const char *other_safe_chars, - size_t maxlength) +char *alpha_strcpy_fn(char *dest, + const char *src, + const char *other_safe_chars, + size_t maxlength) { size_t len, i; -#ifdef DEVELOPER - clobber_region(fn, line, dest, maxlength); -#endif - if (!dest) { - DEBUG(0,("ERROR: NULL dest in alpha_strcpy, " - "called from [%s][%d]\n", fn, line)); - return NULL; + smb_panic("ERROR: NULL dest in alpha_strcpy"); } if (!src) { @@ -638,18 +614,12 @@ char *alpha_strcpy_fn(const char *fn, Like strncpy but always null terminates. Make sure there is room! The variable n should always be one less than the available size. **/ -char *StrnCpy_fn(const char *fn, int line,char *dest,const char *src,size_t n) +char *StrnCpy_fn(char *dest,const char *src,size_t n) { char *d = dest; -#ifdef DEVELOPER - clobber_region(fn, line, dest, n+1); -#endif - if (!dest) { - DEBUG(0,("ERROR: NULL dest in StrnCpy, " - "called from [%s][%d]\n", fn, line)); - return(NULL); + smb_panic("ERROR: NULL dest in StrnCpy"); } if (!src) { @@ -677,9 +647,6 @@ static char *strncpyn(char *dest, const char *src, size_t n, char c) char *p; size_t str_len; -#ifdef DEVELOPER - clobber_region(dest, n+1); -#endif p = strchr_m(src, c); if (p == NULL) { DEBUG(5, ("strncpyn: separator character (%c) not found\n", c)); diff --git a/source3/libsmb/clientgen.c b/source3/libsmb/clientgen.c index 096dd2f3fd..7eb10c4f1d 100644 --- a/source3/libsmb/clientgen.c +++ b/source3/libsmb/clientgen.c @@ -615,13 +615,6 @@ struct cli_state *cli_initialise_ex(int signing_state) memset(cli->outbuf, 0, cli->bufsize); memset(cli->inbuf, 0, cli->bufsize); - -#if defined(DEVELOPER) - /* just because we over-allocate, doesn't mean it's right to use it */ - clobber_region(__FUNCTION__, __LINE__, cli->outbuf+cli->bufsize, SAFETY_MARGIN); - clobber_region(__FUNCTION__, __LINE__, cli->inbuf+cli->bufsize, SAFETY_MARGIN); -#endif - /* initialise signing */ cli->signing_state = smb_signing_init(cli, allow_smb_signing, diff --git a/source3/libsmb/clistr.c b/source3/libsmb/clistr.c index aeb0bc64c8..8856e03dd0 100644 --- a/source3/libsmb/clistr.c +++ b/source3/libsmb/clistr.c @@ -20,9 +20,7 @@ #include "includes.h" -size_t clistr_push_fn(const char *function, - unsigned int line, - struct cli_state *cli, +size_t clistr_push_fn(struct cli_state *cli, void *dest, const char *src, int dest_len, @@ -32,42 +30,35 @@ size_t clistr_push_fn(const char *function, if (dest_len == -1) { if (((ptrdiff_t)dest < (ptrdiff_t)cli->outbuf) || (buf_used > cli->bufsize)) { DEBUG(0, ("Pushing string of 'unlimited' length into non-SMB buffer!\n")); - return push_string_base(function, line, - cli->outbuf, + return push_string_base(cli->outbuf, (uint16_t)(cli_ucs2(cli) ? FLAGS2_UNICODE_STRINGS : 0), dest, src, -1, flags); } - return push_string_base(function, line, - cli->outbuf, + return push_string_base(cli->outbuf, (uint16_t)(cli_ucs2(cli) ? FLAGS2_UNICODE_STRINGS : 0), dest, src, cli->bufsize - buf_used, flags); } /* 'normal' push into size-specified buffer */ - return push_string_base(function, line, - cli->outbuf, + return push_string_base(cli->outbuf, (uint16_t)(cli_ucs2(cli) ? FLAGS2_UNICODE_STRINGS : 0), dest, src, dest_len, flags); } -size_t clistr_pull_fn(const char *function, - unsigned int line, - const char *inbuf, +size_t clistr_pull_fn(const char *inbuf, char *dest, const void *src, int dest_len, int src_len, int flags) { - return pull_string_fn(function, line, inbuf, + return pull_string_fn(inbuf, SVAL(inbuf, smb_flg2), dest, src, dest_len, src_len, flags); } -size_t clistr_pull_talloc_fn(const char *function, - unsigned int line, - TALLOC_CTX *ctx, +size_t clistr_pull_talloc_fn(TALLOC_CTX *ctx, const char *base, uint16_t flags2, char **pp_dest, @@ -75,9 +66,7 @@ size_t clistr_pull_talloc_fn(const char *function, int src_len, int flags) { - return pull_string_talloc_fn(function, - line, - ctx, + return pull_string_talloc_fn(ctx, base, flags2, pp_dest, diff --git a/source3/smbd/srvstr.c b/source3/smbd/srvstr.c index d3f341138c..4fd533fcaf 100644 --- a/source3/smbd/srvstr.c +++ b/source3/smbd/srvstr.c @@ -23,8 +23,7 @@ /* Make sure we can't write a string past the end of the buffer */ -size_t srvstr_push_fn(const char *function, unsigned int line, - const char *base_ptr, uint16 smb_flags2, void *dest, +size_t srvstr_push_fn(const char *base_ptr, uint16 smb_flags2, void *dest, const char *src, int dest_len, int flags) { if (dest_len < 0) { @@ -32,7 +31,7 @@ size_t srvstr_push_fn(const char *function, unsigned int line, } /* 'normal' push into size-specified buffer */ - return push_string_base(function, line, base_ptr, smb_flags2, dest, src, + return push_string_base(base_ptr, smb_flags2, dest, src, dest_len, flags); } diff --git a/source3/wscript_build b/source3/wscript_build index cb3bbc29be..fa8c18edaa 100755 --- a/source3/wscript_build +++ b/source3/wscript_build @@ -77,7 +77,7 @@ LIB_SRC = ''' lib/access.c lib/smbrun.c lib/bitmap.c lib/dprintf.c lib/wins_srv.c - lib/clobber.c lib/util_sid.c + lib/util_sid.c lib/util_file.c lib/util.c lib/util_names.c lib/util_sock.c lib/sock_exec.c lib/util_sec.c |