summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--source3/include/ntdomain.h2
-rw-r--r--source3/rpc_server/srv_pipe_hnd.c6
-rw-r--r--source3/smbd/close.c103
-rw-r--r--source3/smbd/dfree.c14
-rw-r--r--source3/smbd/pipes.c16
5 files changed, 84 insertions, 57 deletions
diff --git a/source3/include/ntdomain.h b/source3/include/ntdomain.h
index f1f9dcec4f..147150d978 100644
--- a/source3/include/ntdomain.h
+++ b/source3/include/ntdomain.h
@@ -321,7 +321,7 @@ typedef struct smb_np_struct {
* returns: state information representing the connection.
* is stored in np_state, above.
*/
- void * (*namedpipe_create)(char *pipe_name,
+ void * (*namedpipe_create)(const char *pipe_name,
connection_struct *conn, uint16 vuid);
/* call to perform a write / read namedpipe transaction.
diff --git a/source3/rpc_server/srv_pipe_hnd.c b/source3/rpc_server/srv_pipe_hnd.c
index fac3df453a..0dd3ee82a7 100644
--- a/source3/rpc_server/srv_pipe_hnd.c
+++ b/source3/rpc_server/srv_pipe_hnd.c
@@ -65,7 +65,7 @@ static ssize_t read_from_internal_pipe(void *np_conn, char *data, size_t n,
BOOL *is_data_outstanding);
static ssize_t write_to_internal_pipe(void *np_conn, char *data, size_t n);
static BOOL close_internal_rpc_pipe_hnd(void *np_conn);
-static void *make_internal_rpc_pipe_p(char *pipe_name,
+static void *make_internal_rpc_pipe_p(const char *pipe_name,
connection_struct *conn, uint16 vuid);
/****************************************************************************
@@ -167,7 +167,7 @@ static BOOL pipe_init_outgoing_data(pipes_struct *p)
Find first available pipe slot.
****************************************************************************/
-smb_np_struct *open_rpc_pipe_p(char *pipe_name,
+smb_np_struct *open_rpc_pipe_p(const char *pipe_name,
connection_struct *conn, uint16 vuid)
{
int i;
@@ -275,7 +275,7 @@ smb_np_struct *open_rpc_pipe_p(char *pipe_name,
Make an internal namedpipes structure
****************************************************************************/
-static void *make_internal_rpc_pipe_p(char *pipe_name,
+static void *make_internal_rpc_pipe_p(const char *pipe_name,
connection_struct *conn, uint16 vuid)
{
pipes_struct *p;
diff --git a/source3/smbd/close.c b/source3/smbd/close.c
index 40db9f9b7f..aee1c92f7b 100644
--- a/source3/smbd/close.c
+++ b/source3/smbd/close.c
@@ -1,20 +1,20 @@
-/*
+/*
Unix SMB/CIFS implementation.
file closing
Copyright (C) Andrew Tridgell 1992-1998
Copyright (C) Jeremy Allison 1992-2007.
Copyright (C) Volker Lendecke 2005
-
+
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 3 of the License, or
(at your option) any later version.
-
+
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
-
+
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
@@ -29,60 +29,73 @@ extern struct current_user current_user;
static void check_magic(files_struct *fsp,connection_struct *conn)
{
- if (!*lp_magicscript(SNUM(conn)))
+ int ret;
+ const char *magic_output = NULL;
+ SMB_STRUCT_STAT st;
+ int tmp_fd, outfd;
+ TALLOC_CTX *ctx = NULL;
+ const char *p;
+
+ if (!*lp_magicscript(SNUM(conn))) {
return;
+ }
DEBUG(5,("checking magic for %s\n",fsp->fsp_name));
- {
- char *p;
- if (!(p = strrchr_m(fsp->fsp_name,'/')))
- p = fsp->fsp_name;
- else
- p++;
+ if (!(p = strrchr_m(fsp->fsp_name,'/'))) {
+ p = fsp->fsp_name;
+ } else {
+ p++;
+ }
- if (!strequal(lp_magicscript(SNUM(conn)),p))
- return;
+ if (!strequal(lp_magicscript(SNUM(conn)),p)) {
+ return;
}
- {
- int ret;
- pstring magic_output;
- pstring fname;
- SMB_STRUCT_STAT st;
- int tmp_fd, outfd;
-
- pstrcpy(fname,fsp->fsp_name);
- if (*lp_magicoutput(SNUM(conn)))
- pstrcpy(magic_output,lp_magicoutput(SNUM(conn)));
- else
- slprintf(magic_output,sizeof(fname)-1, "%s.out",fname);
-
- chmod(fname,0755);
- ret = smbrun(fname,&tmp_fd);
- DEBUG(3,("Invoking magic command %s gave %d\n",fname,ret));
- unlink(fname);
- if (ret != 0 || tmp_fd == -1) {
- if (tmp_fd != -1)
- close(tmp_fd);
- return;
- }
- outfd = open(magic_output, O_CREAT|O_EXCL|O_RDWR, 0600);
- if (outfd == -1) {
- close(tmp_fd);
- return;
- }
+ ctx = talloc_stackframe();
+
+ if (*lp_magicoutput(SNUM(conn))) {
+ magic_output = lp_magicoutput(SNUM(conn));
+ } else {
+ magic_output = talloc_asprintf(ctx,
+ "%s.out",
+ fsp->fsp_name);
+ }
+ if (!magic_output) {
+ TALLOC_FREE(ctx);
+ return;
+ }
- if (sys_fstat(tmp_fd,&st) == -1) {
+ chmod(fsp->fsp_name,0755);
+ ret = smbrun(fsp->fsp_name,&tmp_fd);
+ DEBUG(3,("Invoking magic command %s gave %d\n",
+ fsp->fsp_name,ret));
+
+ unlink(fsp->fsp_name);
+ if (ret != 0 || tmp_fd == -1) {
+ if (tmp_fd != -1) {
close(tmp_fd);
- close(outfd);
- return;
}
+ TALLOC_FREE(ctx);
+ return;
+ }
+ outfd = open(magic_output, O_CREAT|O_EXCL|O_RDWR, 0600);
+ if (outfd == -1) {
+ close(tmp_fd);
+ TALLOC_FREE(ctx);
+ return;
+ }
- transfer_file(tmp_fd,outfd,(SMB_OFF_T)st.st_size);
+ if (sys_fstat(tmp_fd,&st) == -1) {
close(tmp_fd);
close(outfd);
+ return;
}
+
+ transfer_file(tmp_fd,outfd,(SMB_OFF_T)st.st_size);
+ close(tmp_fd);
+ close(outfd);
+ TALLOC_FREE(ctx);
}
/****************************************************************************
@@ -90,7 +103,7 @@ static void check_magic(files_struct *fsp,connection_struct *conn)
****************************************************************************/
static NTSTATUS close_filestruct(files_struct *fsp)
-{
+{
NTSTATUS status = NT_STATUS_OK;
connection_struct *conn = fsp->conn;
diff --git a/source3/smbd/dfree.c b/source3/smbd/dfree.c
index 2290558f0a..9439468600 100644
--- a/source3/smbd/dfree.c
+++ b/source3/smbd/dfree.c
@@ -81,10 +81,18 @@ SMB_BIG_UINT sys_disk_free(connection_struct *conn, const char *path, BOOL small
dfree_command = lp_dfree_command(SNUM(conn));
if (dfree_command && *dfree_command) {
const char *p;
- char **lines;
- pstring syscmd;
+ char **lines = NULL;
+ char *syscmd = NULL;
+
+ syscmd = talloc_asprintf(talloc_tos(),
+ "%s %s",
+ dfree_command,
+ path);
+
+ if (!syscmd) {
+ return (SMB_BIG_UINT)-1;
+ }
- slprintf(syscmd, sizeof(syscmd)-1, "%s %s", dfree_command, path);
DEBUG (3, ("disk_free: Running command %s\n", syscmd));
lines = file_lines_pload(syscmd, NULL);
diff --git a/source3/smbd/pipes.c b/source3/smbd/pipes.c
index f43e243453..9906bfb45b 100644
--- a/source3/smbd/pipes.c
+++ b/source3/smbd/pipes.c
@@ -55,15 +55,21 @@ extern struct pipe_id_info pipe_names[];
void reply_open_pipe_and_X(connection_struct *conn, struct smb_request *req)
{
- pstring fname;
- pstring pipe_name;
+ const char *fname = NULL;
+ char *pipe_name = NULL;
smb_np_struct *p;
int size=0,fmode=0,mtime=0,rmode=0;
int i;
+ TALLOC_CTX *ctx = talloc_tos();
/* XXXX we need to handle passed times, sattr and flags */
- srvstr_pull_buf(req->inbuf, req->flags2, pipe_name,
- smb_buf(req->inbuf), sizeof(pipe_name), STR_TERMINATE);
+ srvstr_pull_buf_talloc(ctx, req->inbuf, req->flags2, &pipe_name,
+ smb_buf(req->inbuf), STR_TERMINATE);
+ if (!pipe_name) {
+ reply_botherror(req, NT_STATUS_OBJECT_NAME_NOT_FOUND,
+ ERRDOS, ERRbadpipe);
+ return;
+ }
/* If the name doesn't start \PIPE\ then this is directed */
/* at a mailslot or something we really, really don't understand, */
@@ -89,7 +95,7 @@ void reply_open_pipe_and_X(connection_struct *conn, struct smb_request *req)
}
/* Strip \PIPE\ off the name. */
- pstrcpy(fname, pipe_name + PIPELEN);
+ fname = pipe_name + PIPELEN;
#if 0
/*