diff options
29 files changed, 563 insertions, 406 deletions
diff --git a/source3/auth/auth_sam.c b/source3/auth/auth_sam.c index 13fc968b88..1ab0c8b3eb 100644 --- a/source3/auth/auth_sam.c +++ b/source3/auth/auth_sam.c @@ -188,15 +188,14 @@ static NTSTATUS sam_account_ok(TALLOC_CTX *mem_ctx, if (*workstation_list) { bool invalid_ws = True; - fstring tok; + char *tok; const char *s = workstation_list; const char *machine_name = talloc_asprintf(mem_ctx, "%s$", user_info->wksta_name); if (machine_name == NULL) return NT_STATUS_NO_MEMORY; - - - while (next_token(&s, tok, ",", sizeof(tok))) { + + while (next_token_talloc(mem_ctx, &s, &tok, ",")) { DEBUG(10,("sam_account_ok: checking for workstation match %s and %s\n", tok, user_info->wksta_name)); if(strequal(tok, user_info->wksta_name)) { @@ -211,9 +210,11 @@ static NTSTATUS sam_account_ok(TALLOC_CTX *mem_ctx, break; } } + TALLOC_FREE(tok); } - - if (invalid_ws) + TALLOC_FREE(tok); + + if (invalid_ws) return NT_STATUS_INVALID_WORKSTATION; } @@ -221,7 +222,7 @@ static NTSTATUS sam_account_ok(TALLOC_CTX *mem_ctx, DEBUG(2,("sam_account_ok: Domain trust account %s denied by server\n", pdb_get_username(sampass))); return NT_STATUS_NOLOGON_INTERDOMAIN_TRUST_ACCOUNT; } - + if (acct_ctrl & ACB_SVRTRUST) { if (!(user_info->logon_parameters & MSV1_0_ALLOW_SERVER_TRUST_ACCOUNT)) { DEBUG(2,("sam_account_ok: Server trust account %s denied by server\n", pdb_get_username(sampass))); diff --git a/source3/auth/auth_server.c b/source3/auth/auth_server.c index 8b10be93fc..7c99848612 100644 --- a/source3/auth/auth_server.c +++ b/source3/auth/auth_server.c @@ -32,10 +32,10 @@ extern userdom_struct current_user_info; static struct cli_state *server_cryptkey(TALLOC_CTX *mem_ctx) { struct cli_state *cli = NULL; - fstring desthost; + char *desthost = NULL; struct sockaddr_storage dest_ss; const char *p; - char *pserver; + char *pserver = NULL; bool connected_ok = False; if (!(cli = cli_initialise())) @@ -47,11 +47,16 @@ static struct cli_state *server_cryptkey(TALLOC_CTX *mem_ctx) pserver = talloc_strdup(mem_ctx, lp_passwordserver()); p = pserver; - while(next_token( &p, desthost, LIST_SEP, sizeof(desthost))) { + while(next_token_talloc(mem_ctx, &p, &desthost, LIST_SEP)) { NTSTATUS status; - standard_sub_basic(current_user_info.smb_name, current_user_info.domain, - desthost, sizeof(desthost)); + desthost = talloc_sub_basic(mem_ctx, + current_user_info.smb_name, + current_user_info.domain, + desthost); + if (!desthost) { + return NULL; + } strupper_m(desthost); if(!resolve_name( desthost, &dest_ss, 0x20)) { @@ -64,9 +69,9 @@ static struct cli_state *server_cryptkey(TALLOC_CTX *mem_ctx) continue; } - /* we use a mutex to prevent two connections at once - when a - Win2k PDC get two connections where one hasn't completed a - session setup yet it will send a TCP reset to the first + /* we use a mutex to prevent two connections at once - when a + Win2k PDC get two connections where one hasn't completed a + session setup yet it will send a TCP reset to the first connection (tridge) */ if (!grab_server_mutex(desthost)) { @@ -81,27 +86,27 @@ static struct cli_state *server_cryptkey(TALLOC_CTX *mem_ctx) } DEBUG(10,("server_cryptkey: failed to connect to server %s. Error %s\n", desthost, nt_errstr(status) )); + release_server_mutex(); } if (!connected_ok) { - release_server_mutex(); DEBUG(0,("password server not available\n")); cli_shutdown(cli); return NULL; } - - if (!attempt_netbios_session_request(&cli, global_myname(), + + if (!attempt_netbios_session_request(&cli, global_myname(), desthost, &dest_ss)) { release_server_mutex(); DEBUG(1,("password server fails session request\n")); cli_shutdown(cli); return NULL; } - + if (strequal(desthost,myhostname())) { exit_server_cleanly("Password server loop!"); } - + DEBUG(3,("got session\n")); if (!cli_negprot(cli)) { @@ -119,9 +124,9 @@ static struct cli_state *server_cryptkey(TALLOC_CTX *mem_ctx) return NULL; } - /* Get the first session setup done quickly, to avoid silly + /* Get the first session setup done quickly, to avoid silly Win2k bugs. (The next connection to the server will kill - this one... + this one... */ if (!NT_STATUS_IS_OK(cli_session_setup(cli, "", "", 0, "", 0, @@ -132,11 +137,11 @@ static struct cli_state *server_cryptkey(TALLOC_CTX *mem_ctx) cli_shutdown(cli); return NULL; } - + release_server_mutex(); DEBUG(3,("password server OK\n")); - + return cli; } diff --git a/source3/auth/pampass.c b/source3/auth/pampass.c index 739e0a78fd..554df3c157 100644 --- a/source3/auth/pampass.c +++ b/source3/auth/pampass.c @@ -207,15 +207,17 @@ struct chat_struct { static struct chat_struct *make_pw_chat(const char *p) { - fstring prompt; - fstring reply; + char *prompt; + char *reply; struct chat_struct *list = NULL; struct chat_struct *t; + TALLOC_CTX *frame = talloc_stackframe(); while (1) { t = SMB_MALLOC_P(struct chat_struct); if (!t) { DEBUG(0,("make_pw_chat: malloc failed!\n")); + TALLOC_FREE(frame); return NULL; } @@ -223,22 +225,26 @@ static struct chat_struct *make_pw_chat(const char *p) DLIST_ADD_END(list, t, struct chat_struct*); - if (!next_token(&p, prompt, NULL, sizeof(fstring))) + if (!next_token_talloc(frame, &p, &prompt, NULL)) { break; + } - if (strequal(prompt,".")) + if (strequal(prompt,".")) { fstrcpy(prompt,"*"); + } special_char_sub(prompt); fstrcpy(t->prompt, prompt); strlower_m(t->prompt); trim_char(t->prompt, ' ', ' '); - if (!next_token(&p, reply, NULL, sizeof(fstring))) + if (!next_token_talloc(frame, &p, reply, NULL)) { break; + } - if (strequal(reply,".")) - fstrcpy(reply,""); + if (strequal(reply,".")) { + fstrcpy(reply,""); + } special_char_sub(reply); fstrcpy(t->reply, reply); @@ -246,6 +252,7 @@ static struct chat_struct *make_pw_chat(const char *p) trim_char(t->reply, ' ', ' '); } + TALLOC_FREE(frame); return list; } diff --git a/source3/groupdb/mapping_ldb.c b/source3/groupdb/mapping_ldb.c index ab7ac0b913..205111e5ac 100644 --- a/source3/groupdb/mapping_ldb.c +++ b/source3/groupdb/mapping_ldb.c @@ -578,8 +578,9 @@ static int upgrade_alias_record(TDB_CONTEXT *tdb_ctx, TDB_DATA key, TDB_DATA data, void *state) { const char *p = (const char *)data.dptr; - fstring string_sid; + char *string_sid; DOM_SID member; + TALLOC_CTX *frame; if (strncmp((char *)key.dptr, MEMBEROF_PREFIX, MIN(key.dsize, strlen(MEMBEROF_PREFIX))) != 0) { @@ -592,7 +593,8 @@ static int upgrade_alias_record(TDB_CONTEXT *tdb_ctx, TDB_DATA key, *(int *)state = -1; } - while (next_token(&p, string_sid, " ", sizeof(string_sid))) { + frame = talloc_stackframe(); + while (next_token_talloc(frame,&p, &string_sid, " ")) { DOM_SID alias; NTSTATUS status; string_to_sid(&alias, string_sid); @@ -604,10 +606,11 @@ static int upgrade_alias_record(TDB_CONTEXT *tdb_ctx, TDB_DATA key, DEBUG(0,("Failed to add alias member during upgrade - %s\n", nt_errstr(status))); *(int *)state = -1; + TALLOC_FREE(frame); return -1; } } - + TALLOC_FREE(frame); return 0; } diff --git a/source3/groupdb/mapping_tdb.c b/source3/groupdb/mapping_tdb.c index 539b02e54b..2e4ed4623e 100644 --- a/source3/groupdb/mapping_tdb.c +++ b/source3/groupdb/mapping_tdb.c @@ -388,9 +388,11 @@ static bool enum_group_mapping(const DOM_SID *domsid, enum lsa_SidType sid_name_ static NTSTATUS one_alias_membership(const DOM_SID *member, DOM_SID **sids, size_t *num) { - fstring key, string_sid; + fstring key; + char *string_sid; TDB_DATA dbuf; const char *p; + TALLOC_CTX *frame; sid_to_string(string_sid, member); slprintf(key, sizeof(key), "%s%s", MEMBEROF_PREFIX, string_sid); @@ -402,19 +404,20 @@ static NTSTATUS one_alias_membership(const DOM_SID *member, } p = (const char *)dbuf.dptr; - - while (next_token(&p, string_sid, " ", sizeof(string_sid))) { - + frame = talloc_stackframe(); + while (next_token_talloc(frame, &p, &string_sid, " ")) { DOM_SID alias; if (!string_to_sid(&alias, string_sid)) continue; if (!add_sid_to_array_unique(NULL, &alias, sids, num)) { + TALLOC_FREE(frame); return NT_STATUS_NO_MEMORY; } } + TALLOC_FREE(frame); SAFE_FREE(dbuf.dptr); return NT_STATUS_OK; } @@ -518,7 +521,8 @@ static int collect_aliasmem(TDB_CONTEXT *tdb_ctx, TDB_DATA key, TDB_DATA data, { struct aliasmem_closure *closure = (struct aliasmem_closure *)state; const char *p; - fstring alias_string; + char *alias_string; + TALLOC_CTX *frame; if (strncmp((const char *)key.dptr, MEMBEROF_PREFIX, strlen(MEMBEROF_PREFIX)) != 0) @@ -526,11 +530,10 @@ static int collect_aliasmem(TDB_CONTEXT *tdb_ctx, TDB_DATA key, TDB_DATA data, p = (const char *)data.dptr; - while (next_token(&p, alias_string, " ", sizeof(alias_string))) { - + frame = talloc_stackframe(); + while (next_token_talloc(frame, &p, &alias_string, " ")) { DOM_SID alias, member; const char *member_string; - if (!string_to_sid(&alias, alias_string)) continue; @@ -552,13 +555,14 @@ static int collect_aliasmem(TDB_CONTEXT *tdb_ctx, TDB_DATA key, TDB_DATA data, if (!string_to_sid(&member, member_string)) continue; - + if (!add_sid_to_array(NULL, &member, closure->sids, closure->num)) { /* talloc fail. */ break; } } + TALLOC_FREE(frame); return 0; } diff --git a/source3/lib/sharesec.c b/source3/lib/sharesec.c index 4b1ec556c5..b3b000579f 100644 --- a/source3/lib/sharesec.c +++ b/source3/lib/sharesec.c @@ -290,10 +290,10 @@ bool parse_usershare_acl(TALLOC_CTX *ctx, const char *acl_str, SEC_DESC **ppsd) uint32 g_access; uint32 s_access; DOM_SID sid; - fstring sidstr; + char *sidstr; uint8 type = SEC_ACE_TYPE_ACCESS_ALLOWED; - if (!next_token(&pacl, sidstr, ":", sizeof(sidstr))) { + if (!next_token_talloc(ctx, &pacl, &sidstr, ":")) { DEBUG(0,("parse_usershare_acl: malformed usershare acl looking " "for ':' in string '%s'\n", pacl)); return False; diff --git a/source3/lib/util_sock.c b/source3/lib/util_sock.c index e49db340ae..e919cc5a46 100644 --- a/source3/lib/util_sock.c +++ b/source3/lib/util_sock.c @@ -785,9 +785,10 @@ static void print_socket_options(int s) void set_socket_options(int fd, const char *options) { - fstring tok; + TALLOC_CTX *ctx = talloc_stackframe(); + char *tok; - while (next_token(&options,tok," \t,", sizeof(tok))) { + while (next_token_talloc(ctx, &options, &tok," \t,")) { int ret=0,i; int value = 1; char *p; @@ -836,6 +837,7 @@ void set_socket_options(int fd, const char *options) } } + TALLOC_FREE(ctx); print_socket_options(fd); } diff --git a/source3/lib/util_str.c b/source3/lib/util_str.c index 2c0d86ec9a..ee76e33de8 100644 --- a/source3/lib/util_str.c +++ b/source3/lib/util_str.c @@ -29,62 +29,6 @@ * @brief String utilities. **/ -/** - * Internal function to get the next token from a string, return false if none - * found. Handles double-quotes. This is the work horse function called by - * next_token() and next_token_no_ltrim(). - * - * Based on a routine by GJC@VILLAGE.COM. - * Extensively modified by Andrew.Tridgell@anu.edu.au - */ -static bool next_token_internal(const char **ptr, - char *buff, - const char *sep, - size_t bufsize, - bool ltrim) -{ - char *s; - char *pbuf; - bool quoted; - size_t len=1; - - if (!ptr) - return(false); - - s = (char *)*ptr; - - /* default to simple separators */ - if (!sep) - sep = " \t\n\r"; - - /* find the first non sep char, if left-trimming is requested */ - if (ltrim) { - while (*s && strchr_m(sep,*s)) - s++; - } - - /* nothing left? */ - if (! *s) - return(false); - - /* copy over the token */ - pbuf = buff; - for (quoted = false; len < bufsize && *s && - (quoted || !strchr_m(sep,*s)); s++) { - if ( *s == '\"' ) { - quoted = !quoted; - } else { - len++; - *pbuf++ = *s; - } - } - - *ptr = (*s) ? s+1 : s; - *pbuf = 0; - - return(true); -} - static bool next_token_internal_talloc(TALLOC_CTX *ctx, const char **ptr, char **pp_buff, @@ -111,8 +55,9 @@ static bool next_token_internal_talloc(TALLOC_CTX *ctx, /* find the first non sep char, if left-trimming is requested */ if (ltrim) { - while (*s && strchr_m(sep,*s)) + while (*s && strchr_m(sep,*s)) { s++; + } } /* nothing left? */ @@ -157,6 +102,7 @@ static bool next_token_internal_talloc(TALLOC_CTX *ctx, return true; } +#if 0 /* * Get the next token from a string, return false if none found. Handles * double-quotes. This version trims leading separator characters before @@ -166,6 +112,7 @@ bool next_token(const char **ptr, char *buff, const char *sep, size_t bufsize) { return next_token_internal(ptr, buff, sep, bufsize, true); } +#endif bool next_token_talloc(TALLOC_CTX *ctx, const char **ptr, @@ -180,13 +127,6 @@ bool next_token_talloc(TALLOC_CTX *ctx, * double-quotes. This version does not trim leading separator characters * before looking for a token. */ -bool next_token_no_ltrim(const char **ptr, - char *buff, - const char *sep, - size_t bufsize) -{ - return next_token_internal(ptr, buff, sep, bufsize, false); -} bool next_token_no_ltrim_talloc(TALLOC_CTX *ctx, const char **ptr, @@ -204,18 +144,6 @@ but beware the fact that it is not re-entrant! static const char *last_ptr=NULL; -bool next_token_nr(const char **ptr,char *buff, const char *sep, size_t bufsize) -{ - bool ret; - if (!ptr) { - ptr = &last_ptr; - } - - ret = next_token(ptr, buff, sep, bufsize); - last_ptr = *ptr; - return ret; -} - bool next_token_nr_talloc(TALLOC_CTX *ctx, const char **ptr, char **pp_buff, @@ -1097,23 +1025,16 @@ char *hex_encode(TALLOC_CTX *mem_ctx, const unsigned char *buff_in, size_t len) bool in_list(const char *s, const char *list, bool casesensitive) { - char *tok; - const char *p=list; - size_t bufsize = strlen(list); + char *tok = NULL; bool ret = false; + TALLOC_CTX *frame; - if (!list) - return(false); - - /* We know a token can't be larger - * than the entire list. */ - - tok = SMB_MALLOC_ARRAY(char, bufsize+1); - if (!tok) { + if (!list) { return false; } - while (next_token(&p,tok,LIST_SEP,bufsize+1)) { + frame = talloc_stackframe(); + while (next_token_talloc(frame, &list, &tok,LIST_SEP)) { if (casesensitive) { if (strcmp(tok,s) == 0) { ret = true; @@ -1126,8 +1047,7 @@ bool in_list(const char *s, const char *list, bool casesensitive) } } } - - SAFE_FREE(tok); + TALLOC_FREE(frame); return ret; } @@ -2409,7 +2329,8 @@ char *ipstr_list_make(char **ipstr_list, int ipstr_list_parse(const char *ipstr_list, struct ip_service **ip_list) { - fstring token_str; + TALLOC_CTX *frame; + char *token_str = NULL; size_t count; int i; @@ -2423,8 +2344,9 @@ int ipstr_list_parse(const char *ipstr_list, struct ip_service **ip_list) return 0; } - for ( i=0; next_token(&ipstr_list, token_str, - IPSTR_LIST_SEP, FSTRING_LEN) && i<count; i++ ) { + frame = talloc_stackframe(); + for ( i=0; next_token_talloc(frame, &ipstr_list, &token_str, + IPSTR_LIST_SEP) && i<count; i++ ) { char *s = token_str; char *p = strrchr(token_str, ':'); @@ -2449,7 +2371,7 @@ int ipstr_list_parse(const char *ipstr_list, struct ip_service **ip_list) continue; } } - + TALLOC_FREE(frame); return count; } diff --git a/source3/libgpo/gpo_fetch.c b/source3/libgpo/gpo_fetch.c index d9995eca21..916db2b3d3 100644 --- a/source3/libgpo/gpo_fetch.c +++ b/source3/libgpo/gpo_fetch.c @@ -30,7 +30,6 @@ NTSTATUS gpo_explode_filesyspath(TALLOC_CTX *mem_ctx, char **nt_path, char **unix_path) { - fstring tok; char *path = NULL; *server = NULL; @@ -42,22 +41,14 @@ NTSTATUS gpo_explode_filesyspath(TALLOC_CTX *mem_ctx, return NT_STATUS_OK; } - if (!next_token(&file_sys_path, tok, "\\", sizeof(tok))) { + if (!next_token_talloc(mem_ctx, &file_sys_path, server, "\\")) { return NT_STATUS_INVALID_PARAMETER; } - if ((*server = talloc_strdup(mem_ctx, tok)) == NULL) { - return NT_STATUS_NO_MEMORY; - } - - if (!next_token(&file_sys_path, tok, "\\", sizeof(tok))) { + if (!next_token_talloc(mem_ctx, &file_sys_path, service, "\\")) { return NT_STATUS_INVALID_PARAMETER; } - if ((*service = talloc_strdup(mem_ctx, tok)) == NULL) { - return NT_STATUS_NO_MEMORY; - } - if ((*nt_path = talloc_asprintf(mem_ctx, "\\%s", file_sys_path)) == NULL) { return NT_STATUS_NO_MEMORY; @@ -91,7 +82,7 @@ static NTSTATUS gpo_prepare_local_store(TALLOC_CTX *mem_ctx, { const char *top_dir = lock_path(GPO_CACHE_DIR); char *current_dir; - fstring tok; + char *tok; current_dir = talloc_strdup(mem_ctx, top_dir); NT_STATUS_HAVE_NO_MEMORY(current_dir); @@ -100,15 +91,13 @@ static NTSTATUS gpo_prepare_local_store(TALLOC_CTX *mem_ctx, return NT_STATUS_ACCESS_DENIED; } - while (next_token(&unix_path, tok, "/", sizeof(tok))) { - + while (next_token_talloc(mem_ctx, &unix_path, &tok, "/")) { if (strequal(tok, GPO_CACHE_DIR)) { break; } } - while (next_token(&unix_path, tok, "/", sizeof(tok))) { - + while (next_token_talloc(mem_ctx, &unix_path, &tok, "/")) { current_dir = talloc_asprintf_append_buffer(current_dir, "/%s", tok); NT_STATUS_HAVE_NO_MEMORY(current_dir); diff --git a/source3/libsmb/clikrb5.c b/source3/libsmb/clikrb5.c index d996d61a48..549574caad 100644 --- a/source3/libsmb/clikrb5.c +++ b/source3/libsmb/clikrb5.c @@ -1592,6 +1592,7 @@ done: krb5_error_code ret = 0; TALLOC_CTX *mem_ctx; char keytab_string[MAX_KEYTAB_NAME_LEN]; + char *kt_str = NULL; bool found_valid_name = False; const char *pragma = "FILE"; const char *tmp = NULL; @@ -1654,29 +1655,27 @@ done: ret = ENOMEM; goto out; } - + if (strncmp(tmp, "ANY:", 4) == 0) { tmp += 4; } memset(&keytab_string, '\0', sizeof(keytab_string)); - while (next_token(&tmp, keytab_string, ",", sizeof(keytab_string))) { - - if (strncmp(keytab_string, "WRFILE:", 7) == 0) { + while (next_token_talloc(mem_ctx, &tmp, &kt_str, ",")) { + if (strncmp(kt_str, "WRFILE:", 7) == 0) { found_valid_name = True; - tmp = keytab_string; + tmp = kt_str; tmp += 7; } - if (strncmp(keytab_string, "FILE:", 5) == 0) { + if (strncmp(kt_str, "FILE:", 5) == 0) { found_valid_name = True; - tmp = keytab_string; + tmp = kt_str; tmp += 5; } if (found_valid_name) { - if (tmp[0] != '/') { ret = KRB5_KT_BADNAME; goto out; @@ -1690,7 +1689,7 @@ done: break; } } - + if (!found_valid_name) { ret = KRB5_KT_UNKNOWN_TYPE; goto out; diff --git a/source3/libsmb/libsmbclient.c b/source3/libsmb/libsmbclient.c index de2eaa7cfa..9f5567576f 100644 --- a/source3/libsmb/libsmbclient.c +++ b/source3/libsmb/libsmbclient.c @@ -4219,7 +4219,7 @@ parse_ace(struct cli_state *ipc_cli, { char *p; const char *cp; - fstring tok; + char *tok; unsigned int atype; unsigned int aflags; unsigned int amask; @@ -4230,6 +4230,7 @@ parse_ace(struct cli_state *ipc_cli, const char *perm; uint32 mask; }; + TALLOC_CTX *frame = talloc_stackframe(); /* These values discovered by inspection */ static const struct perm_value special_values[] = { @@ -4252,7 +4253,10 @@ parse_ace(struct cli_state *ipc_cli, ZERO_STRUCTP(ace); p = strchr_m(str,':'); - if (!p) return False; + if (!p) { + TALLOC_FREE(frame); + return False; + } *p = '\0'; p++; /* Try to parse numeric form */ @@ -4265,12 +4269,14 @@ parse_ace(struct cli_state *ipc_cli, /* Try to parse text form */ if (!convert_string_to_sid(ipc_cli, pol, numeric, &sid, str)) { - return False; + TALLOC_FREE(frame); + return false; } cp = p; - if (!next_token(&cp, tok, "/", sizeof(fstring))) { - return False; + if (!next_token_talloc(frame, &cp, &tok, "/")) { + TALLOC_FREE(frame); + return false; } if (StrnCaseCmp(tok, "ALLOWED", strlen("ALLOWED")) == 0) { @@ -4278,23 +4284,27 @@ parse_ace(struct cli_state *ipc_cli, } else if (StrnCaseCmp(tok, "DENIED", strlen("DENIED")) == 0) { atype = SEC_ACE_TYPE_ACCESS_DENIED; } else { - return False; + TALLOC_FREE(frame); + return false; } /* Only numeric form accepted for flags at present */ - if (!(next_token(&cp, tok, "/", sizeof(fstring)) && + if (!(next_token_talloc(frame, &cp, &tok, "/") && sscanf(tok, "%i", &aflags))) { - return False; + TALLOC_FREE(frame); + return false; } - if (!next_token(&cp, tok, "/", sizeof(fstring))) { - return False; + if (!next_token_talloc(frame, &cp, &tok, "/")) { + TALLOC_FREE(frame); + return false; } if (strncmp(tok, "0x", 2) == 0) { if (sscanf(tok, "%i", &amask) != 1) { - return False; + TALLOC_FREE(frame); + return false; } goto done; } @@ -4318,18 +4328,23 @@ parse_ace(struct cli_state *ipc_cli, } } - if (!found) return False; + if (!found) { + TALLOC_FREE(frame); + return false; + } p++; } if (*p) { - return False; + TALLOC_FREE(frame); + return false; } done: mask = amask; init_sec_ace(ace, &sid, atype, mask, aflags); - return True; + TALLOC_FREE(frame); + return true; } /* add an ACE to a list of ACEs in a SEC_ACL */ @@ -4368,7 +4383,7 @@ sec_desc_parse(TALLOC_CTX *ctx, char *str) { const char *p = str; - fstring tok; + char *tok; SEC_DESC *ret = NULL; size_t sd_size; DOM_SID *group_sid=NULL; @@ -4376,7 +4391,7 @@ sec_desc_parse(TALLOC_CTX *ctx, SEC_ACL *dacl=NULL; int revision=1; - while (next_token(&p, tok, "\t,\r\n", sizeof(tok))) { + while (next_token_talloc(ctx, &p, &tok, "\t,\r\n")) { if (StrnCaseCmp(tok,"REVISION:", 9) == 0) { revision = strtol(tok+9, NULL, 16); @@ -4544,7 +4559,8 @@ dos_attr_parse(SMBCCTX *context, { int n; const char *p = str; - fstring tok; + char *tok = NULL; + TALLOC_CTX *frame = NULL; struct { const char * create_time_attr; const char * access_time_attr; @@ -4577,8 +4593,8 @@ dos_attr_parse(SMBCCTX *context, } } - while (next_token(&p, tok, "\t,\r\n", sizeof(tok))) { - + frame = talloc_stackframe(); + while (next_token_talloc(frame, &p, &tok, "\t,\r\n")) { if (StrnCaseCmp(tok, "MODE:", 5) == 0) { dad->mode = strtol(tok+5, NULL, 16); continue; @@ -4622,6 +4638,7 @@ dos_attr_parse(SMBCCTX *context, continue; } } + TALLOC_FREE(frame); } /***************************************************** diff --git a/source3/libsmb/namequery.c b/source3/libsmb/namequery.c index 04db3322ca..9650b5fc45 100644 --- a/source3/libsmb/namequery.c +++ b/source3/libsmb/namequery.c @@ -791,10 +791,10 @@ bool getlmhostsent(TALLOC_CTX *ctx, XFILE *fp, char **pp_name, int *name_type, *pp_name = NULL; while(!x_feof(fp) && !x_ferror(fp)) { - char ip[INET6_ADDRSTRLEN]; - fstring flags; - fstring extra; - fstring name; + char *ip; + char *flags; + char *extra; + char *name; const char *ptr; char *ptr1; int count = 0; @@ -815,13 +815,13 @@ bool getlmhostsent(TALLOC_CTX *ctx, XFILE *fp, char **pp_name, int *name_type, ptr = line; - if (next_token(&ptr,ip ,NULL,sizeof(ip))) + if (next_token_talloc(ctx, &ptr, &ip, NULL)) ++count; - if (next_token(&ptr,name ,NULL, sizeof(name))) + if (next_token_talloc(ctx, &ptr, &name, NULL)) ++count; - if (next_token(&ptr,flags,NULL, sizeof(flags))) + if (next_token_talloc(ctx, &ptr, &flags, NULL)) ++count; - if (next_token(&ptr,extra,NULL, sizeof(extra))) + if (next_token_talloc(ctx, &ptr, &extra, NULL)) ++count; if (count <= 0) @@ -1422,10 +1422,11 @@ NTSTATUS internal_resolve_name(const char *name, const char *resolve_order) { const char *name_resolve_list; - fstring tok; + char *tok; const char *ptr; NTSTATUS status = NT_STATUS_UNSUCCESSFUL; int i; + TALLOC_CTX *frame = NULL; *return_iplist = NULL; *return_count = 0; @@ -1488,7 +1489,8 @@ NTSTATUS internal_resolve_name(const char *name, /* iterate through the name resolution backends */ - while (next_token(&ptr, tok, LIST_SEP, sizeof(tok))) { + frame = talloc_stackframe(); + while (next_token_talloc(frame, &ptr, &tok, LIST_SEP)) { if((strequal(tok, "host") || strequal(tok, "hosts"))) { status = resolve_hosts(name, name_type, return_iplist, return_count); @@ -1545,6 +1547,7 @@ NTSTATUS internal_resolve_name(const char *name, /* All of the resolve_* functions above have returned false. */ + TALLOC_FREE(frame); SAFE_FREE(*return_iplist); *return_count = 0; @@ -1595,6 +1598,7 @@ NTSTATUS internal_resolve_name(const char *name, DEBUG(10, ("\n")); } + TALLOC_FREE(frame); return status; } @@ -1738,7 +1742,7 @@ static NTSTATUS get_dc_list(const char *domain, const char *p; char *port_str = NULL; int port; - fstring name; + char *name; int num_addresses = 0; int local_count, i, j; struct ip_service *return_iplist = NULL; @@ -1826,7 +1830,7 @@ static NTSTATUS get_dc_list(const char *domain, */ p = pserver; - while (next_token(&p,name,LIST_SEP,sizeof(name))) { + while (next_token_talloc(ctx, &p, &name, LIST_SEP)) { if (strequal(name, "*")) { status = internal_resolve_name(domain, 0x1C, sitename, &auto_ip_list, @@ -1870,7 +1874,7 @@ static NTSTATUS get_dc_list(const char *domain, /* fill in the return list now with real IP's */ while ((local_count<num_addresses) && - next_token(&p,name,LIST_SEP,sizeof(name))) { + next_token_talloc(ctx, &p, &name, LIST_SEP)) { struct sockaddr_storage name_ss; /* copy any addersses from the auto lookup */ diff --git a/source3/nmbd/nmbd_sendannounce.c b/source3/nmbd/nmbd_sendannounce.c index a4e646771f..3cc9bb52b0 100644 --- a/source3/nmbd/nmbd_sendannounce.c +++ b/source3/nmbd/nmbd_sendannounce.c @@ -457,10 +457,11 @@ void announce_remote(time_t t) char *s; const char *ptr; static time_t last_time = 0; - fstring s2; + char *s2; struct in_addr addr; char *comment; int stype = lp_default_server_announce(); + TALLOC_CTX *frame = NULL; if (last_time && (t < (last_time + REMOTE_ANNOUNCE_INTERVAL))) return; @@ -473,7 +474,8 @@ void announce_remote(time_t t) comment = string_truncate(lp_serverstring(), MAX_SERVER_STRING_LENGTH); - for (ptr=s; next_token(&ptr,s2,NULL,sizeof(s2)); ) { + frame = talloc_stackframe(); + for (ptr=s; next_token_talloc(frame,&ptr,&s2,NULL); ) { /* The entries are of the form a.b.c.d/WORKGROUP with WORKGROUP being optional */ const char *wgroup; @@ -510,6 +512,7 @@ void announce_remote(time_t t) comment); } } + TALLOC_FREE(frame); } /**************************************************************************** @@ -522,12 +525,13 @@ void browse_sync_remote(time_t t) char *s; const char *ptr; static time_t last_time = 0; - fstring s2; + char *s2; struct in_addr addr; struct work_record *work; char outbuf[1024]; char *p; unstring myname; + TALLOC_CTX *frame = NULL; if (last_time && (t < (last_time + REMOTE_ANNOUNCE_INTERVAL))) return; @@ -567,7 +571,8 @@ for workgroup %s on subnet %s.\n", lp_workgroup(), FIRST_SUBNET->subnet_name )); p = skip_string(outbuf,sizeof(outbuf),p); - for (ptr=s; next_token(&ptr,s2,NULL,sizeof(s2)); ) { + frame = talloc_stackframe(); + for (ptr=s; next_token_talloc(frame,&ptr,&s2,NULL); ) { /* The entries are of the form a.b.c.d */ (void)interpret_addr2(&addr,s2); @@ -577,4 +582,5 @@ for workgroup %s on subnet %s.\n", lp_workgroup(), FIRST_SUBNET->subnet_name )); send_mailslot(True, BROWSE_MAILSLOT, outbuf,PTR_DIFF(p,outbuf), global_myname(), 0x0, "*", 0x0, addr, FIRST_SUBNET->myip, DGRAM_PORT); } + TALLOC_FREE(frame); } diff --git a/source3/nmbd/nmbd_synclists.c b/source3/nmbd/nmbd_synclists.c index 8abf60c8ce..147df68a69 100644 --- a/source3/nmbd/nmbd_synclists.c +++ b/source3/nmbd/nmbd_synclists.c @@ -201,7 +201,7 @@ done: Handle one line from a completed sync file. **********************************************************************/ -static void complete_one(struct sync_record *s, +static void complete_one(struct sync_record *s, char *sname, uint32 stype, char *comment) { struct work_record *work; @@ -258,9 +258,10 @@ static void complete_one(struct sync_record *s, static void complete_sync(struct sync_record *s) { XFILE *f; - unstring server, type_str; + char *server; + char *type_str; unsigned type; - fstring comment; + char *comment; char line[1024]; const char *ptr; int count=0; @@ -271,15 +272,18 @@ static void complete_sync(struct sync_record *s) return; while (!x_feof(f)) { + TALLOC_CTX *frame = NULL; if (!fgets_slash(line,sizeof(line),f)) continue; ptr = line; - if (!next_token(&ptr,server,NULL,sizeof(server)) || - !next_token(&ptr,type_str,NULL, sizeof(type_str)) || - !next_token(&ptr,comment,NULL, sizeof(comment))) { + frame = talloc_stackframe(); + if (!next_token_talloc(frame,&ptr,&server,NULL) || + !next_token_talloc(frame,&ptr,&type_str,NULL) || + !next_token_talloc(frame,&ptr,&comment,NULL)) { + TALLOC_FREE(frame); continue; } @@ -288,8 +292,8 @@ static void complete_sync(struct sync_record *s) complete_one(s, server, type, comment); count++; + TALLOC_FREE(frame); } - x_fclose(f); unlink(s->fname); diff --git a/source3/nmbd/nmbd_winsserver.c b/source3/nmbd/nmbd_winsserver.c index 88cc395af4..7dafa66b11 100644 --- a/source3/nmbd/nmbd_winsserver.c +++ b/source3/nmbd/nmbd_winsserver.c @@ -601,30 +601,33 @@ bool initialise_wins(void) } while (!x_feof(fp)) { - fstring name_str; - char ip_str[1024]; - fstring ttl_str, nb_flags_str; + char *name_str = NULL; + char *ip_str = NULL; + char *ttl_str = NULL, *nb_flags_str = NULL; unsigned int num_ips; - char *name; - struct in_addr *ip_list; + char *name = NULL; + struct in_addr *ip_list = NULL; int type = 0; int nb_flags; int ttl; const char *ptr; - char *p; + char *p = NULL; bool got_token; bool was_ip; int i; unsigned int hash; int version; + TALLOC_CTX *frame = NULL; /* Read a line from the wins.dat file. Strips whitespace from the beginning and end of the line. */ - if (!fgets_slash(line,sizeof(line),fp)) + if (!fgets_slash(line,sizeof(line),fp)) { continue; + } - if (*line == '#') + if (*line == '#') { continue; + } if (strncmp(line,"VERSION ", 8) == 0) { if (sscanf(line,"VERSION %d %u", &version, &hash) != 2 || @@ -645,13 +648,16 @@ bool initialise_wins(void) * time to actually parse them into the ip_list array. */ - if (!next_token(&ptr,name_str,NULL,sizeof(name_str))) { + frame = talloc_stackframe(); + if (!next_token_talloc(frame,&ptr,&name_str,NULL)) { DEBUG(0,("initialise_wins: Failed to parse name when parsing line %s\n", line )); + TALLOC_FREE(frame); continue; } - if (!next_token(&ptr,ttl_str,NULL,sizeof(ttl_str))) { + if (!next_token_talloc(frame,&ptr,ttl_str,NULL)) { DEBUG(0,("initialise_wins: Failed to parse time to live when parsing line %s\n", line )); + TALLOC_FREE(frame); continue; } @@ -660,22 +666,24 @@ bool initialise_wins(void) */ num_ips = 0; do { - got_token = next_token(&ptr,ip_str,NULL,sizeof(ip_str)); + got_token = next_token_talloc(frame,&ptr,&ip_str,NULL); was_ip = False; if(got_token && strchr(ip_str, '.')) { num_ips++; was_ip = True; } - } while( got_token && was_ip); + } while(got_token && was_ip); if(num_ips == 0) { DEBUG(0,("initialise_wins: Missing IP address when parsing line %s\n", line )); + TALLOC_FREE(frame); continue; } if(!got_token) { DEBUG(0,("initialise_wins: Missing nb_flags when parsing line %s\n", line )); + TALLOC_FREE(frame); continue; } @@ -683,20 +691,21 @@ bool initialise_wins(void) if((ip_list = SMB_MALLOC_ARRAY( struct in_addr, num_ips)) == NULL) { DEBUG(0,("initialise_wins: Malloc fail !\n")); x_fclose(fp); + TALLOC_FREE(frame); return False; } /* Reset and re-parse the line. */ ptr = line; - next_token(&ptr,name_str,NULL,sizeof(name_str)); - next_token(&ptr,ttl_str,NULL,sizeof(ttl_str)); + next_token_talloc(frame,&ptr,&name_str,NULL); + next_token_talloc(frame,&ptr,&ttl_str,NULL); for(i = 0; i < num_ips; i++) { - next_token(&ptr, ip_str, NULL, sizeof(ip_str)); + next_token_talloc(frame,&ptr, &ip_str, NULL); (void)interpret_addr2(&ip_list[i], ip_str); } - next_token(&ptr,nb_flags_str,NULL, sizeof(nb_flags_str)); + next_token_talloc(frame,&ptr,&nb_flags_str,NULL); - /* + /* * Deal with SELF or REGISTER name encoding. Default is REGISTER * for compatibility with old nmbds. */ @@ -704,6 +713,7 @@ bool initialise_wins(void) if(nb_flags_str[strlen(nb_flags_str)-1] == 'S') { DEBUG(5,("initialise_wins: Ignoring SELF name %s\n", line)); SAFE_FREE(ip_list); + TALLOC_FREE(frame); continue; } @@ -740,9 +750,10 @@ bool initialise_wins(void) name, type, ttl, inet_ntoa(ip_list[0]), nb_flags)); } + TALLOC_FREE(frame); SAFE_FREE(ip_list); - } - + } + x_fclose(fp); return True; } diff --git a/source3/nsswitch/wbinfo.c b/source3/nsswitch/wbinfo.c index 488a080287..481f51779f 100644 --- a/source3/nsswitch/wbinfo.c +++ b/source3/nsswitch/wbinfo.c @@ -374,20 +374,23 @@ static bool wbinfo_list_domains(bool list_all_domains) if (response.extra_data.data) { const char *extra_data = (char *)response.extra_data.data; - fstring name; + char *name; char *p; + TALLOC_CTX *frame = talloc_stackframe(); - while(next_token(&extra_data, name, "\n", sizeof(fstring))) { + while(next_token_talloc(frame,&extra_data,&name,"\n")) { p = strchr(name, '\\'); if (p == 0) { d_fprintf(stderr, "Got invalid response: %s\n", extra_data); + TALLOC_FREE(frame); + SAFE_FREE(response.extra_data.data); return False; } *p = 0; d_printf("%s\n", name); } - + TALLOC_FREE(frame); SAFE_FREE(response.extra_data.data); } @@ -713,7 +716,7 @@ static bool wbinfo_lookuprids(char *domain, char *arg) int num_rids; uint32 *rids; const char *p; - char ridstr[32]; + char *ridstr; const char **names; enum lsa_SidType *types; const char *domain_name; @@ -752,7 +755,7 @@ static bool wbinfo_lookuprids(char *domain, char *arg) rids = NULL; p = arg; - while (next_token(&p, ridstr, " ,\n", sizeof(ridstr))) { + while (next_token_talloc(mem_ctx, &p, &ridstr, " ,\n")) { uint32 rid = strtoul(ridstr, NULL, 10); ADD_TO_ARRAY(mem_ctx, uint32, rid, &rids, &num_rids); } @@ -1072,13 +1075,14 @@ static bool print_domain_users(const char *domain) struct winbindd_request request; struct winbindd_response response; const char *extra_data; - fstring name; + char *name; + TALLOC_CTX *frame = NULL; /* Send request to winbind daemon */ ZERO_STRUCT(request); ZERO_STRUCT(response); - + if (domain) { /* '.' is the special sign for our own domain */ if ( strequal(domain, ".") ) @@ -1098,9 +1102,11 @@ static bool print_domain_users(const char *domain) extra_data = (const char *)response.extra_data.data; - while(next_token(&extra_data, name, ",", sizeof(fstring))) + frame = talloc_stackframe(); + while(next_token_talloc(frame,&extra_data,&name, ",")) d_printf("%s\n", name); - + TALLOC_FREE(frame); + SAFE_FREE(response.extra_data.data); return True; @@ -1113,7 +1119,8 @@ static bool print_domain_groups(const char *domain) struct winbindd_request request; struct winbindd_response response; const char *extra_data; - fstring name; + TALLOC_CTX *frame = NULL; + char *name; ZERO_STRUCT(request); ZERO_STRUCT(response); @@ -1136,11 +1143,13 @@ static bool print_domain_groups(const char *domain) extra_data = (const char *)response.extra_data.data; - while(next_token(&extra_data, name, ",", sizeof(fstring))) + frame = talloc_stackframe(); + while(next_token_talloc(frame,&extra_data,&name, ",")) d_printf("%s\n", name); + TALLOC_FREE(frame); SAFE_FREE(response.extra_data.data); - + return True; } diff --git a/source3/nsswitch/winbind_nss_linux.c b/source3/nsswitch/winbind_nss_linux.c index 7322da0001..bfac2ecdd1 100644 --- a/source3/nsswitch/winbind_nss_linux.c +++ b/source3/nsswitch/winbind_nss_linux.c @@ -85,7 +85,7 @@ static char *get_static(char **buffer, size_t *buflen, size_t len) /* Error check. We return false if things aren't set up right, or there isn't enough buffer space left. */ - + if ((buffer == NULL) || (buflen == NULL) || (*buflen < len)) { return NULL; } @@ -99,46 +99,79 @@ static char *get_static(char **buffer, size_t *buflen, size_t len) return result; } -/* I've copied the strtok() replacement function next_token() from +/* I've copied the strtok() replacement function next_token_Xalloc() from lib/util_str.c as I really don't want to have to link in any other objects if I can possibly avoid it. */ -static bool next_token(char **ptr,char *buff,const char *sep, size_t bufsize) +static bool next_token_alloc(const char **ptr, + char **pp_buff, + const char *sep) { char *s; + char *saved_s; + char *pbuf; bool quoted; size_t len=1; - if (!ptr) return false; + *pp_buff = NULL; + if (!ptr) { + return(false); + } - s = *ptr; + s = (char *)*ptr; /* default to simple separators */ - if (!sep) sep = " \t\n\r"; + if (!sep) { + sep = " \t\n\r"; + } /* find the first non sep char */ - while (*s && strchr(sep,*s)) s++; - + while (*s && strchr(sep,*s)) { + s++; + } + /* nothing left? */ - if (! *s) return false; - - /* copy over the token */ - for (quoted = false; len < bufsize && *s && (quoted || !strchr(sep,*s)); s++) { + if (!*s) { + return false; + } + + /* When restarting we need to go from here. */ + saved_s = s; + + /* Work out the length needed. */ + for (quoted = false; *s && + (quoted || !strchr(sep,*s)); s++) { if (*s == '\"') { quoted = !quoted; } else { len++; - *buff++ = *s; } } - - *ptr = (*s) ? s+1 : s; - *buff = 0; - + + /* We started with len = 1 so we have space for the nul. */ + *pp_buff = malloc(len); + if (!*pp_buff) { + return false; + } + + /* copy over the token */ + pbuf = *pp_buff; + s = saved_s; + for (quoted = false; *s && + (quoted || !strchr(sep,*s)); s++) { + if ( *s == '\"' ) { + quoted = !quoted; + } else { + *pbuf++ = *s; + } + } + + *ptr = (*s) ? s+1 : s; + *pbuf = 0; + return true; } - /* Fill a pwent structure from a winbindd_response structure. We use the static data passed to us by libc to put strings and stuff in. Return NSS_STATUS_TRYAGAIN if we run out of memory. */ @@ -233,7 +266,7 @@ static NSS_STATUS fill_pwent(struct passwd *result, static NSS_STATUS fill_grent(struct group *result, struct winbindd_gr *gr, char *gr_mem, char **buffer, size_t *buflen) { - fstring name; + char *name; int i; char *tst; @@ -255,7 +288,6 @@ static NSS_STATUS fill_grent(struct group *result, struct winbindd_gr *gr, get_static(buffer, buflen, strlen(gr->gr_passwd) + 1)) == NULL) { /* Out of memory */ - return NSS_STATUS_TRYAGAIN; } @@ -276,8 +308,8 @@ static NSS_STATUS fill_grent(struct group *result, struct winbindd_gr *gr, /* Calculate number of extra bytes needed to align on pointer size boundry */ if ((i = (unsigned long)(*buffer) % sizeof(char*)) != 0) i = sizeof(char*) - i; - - if ((tst = get_static(buffer, buflen, ((gr->num_gr_mem + 1) * + + if ((tst = get_static(buffer, buflen, ((gr->num_gr_mem + 1) * sizeof(char *)+i))) == NULL) { /* Out of memory */ @@ -298,19 +330,16 @@ static NSS_STATUS fill_grent(struct group *result, struct winbindd_gr *gr, i = 0; - while(next_token((char **)&gr_mem, name, ",", sizeof(fstring))) { - + while(next_token_alloc((const char **)&gr_mem, &name, ",")) { /* Allocate space for member */ - - if (((result->gr_mem)[i] = + if (((result->gr_mem)[i] = get_static(buffer, buflen, strlen(name) + 1)) == NULL) { - + free(name); /* Out of memory */ - return NSS_STATUS_TRYAGAIN; - } - + } strcpy((result->gr_mem)[i], name); + free(name); i++; } diff --git a/source3/passdb/pdb_ldap.c b/source3/passdb/pdb_ldap.c index 7a3d55999e..205ca68fe3 100644 --- a/source3/passdb/pdb_ldap.c +++ b/source3/passdb/pdb_ldap.c @@ -194,7 +194,7 @@ static NTSTATUS ldapsam_get_seq_num(struct pdb_methods *my_methods, time_t *seq_ char **values = NULL; int rc, num_result, num_values, rid; char *suffix = NULL; - fstring tok; + char *tok; const char *p; const char **attrs; @@ -292,7 +292,7 @@ static NTSTATUS ldapsam_get_seq_num(struct pdb_methods *my_methods, time_t *seq_ } p = values[0]; - if (!next_token(&p, tok, "#", sizeof(tok))) { + if (!next_token_talloc(mem_ctx, &p, &tok, "#")) { DEBUG(0,("ldapsam_get_seq_num: failed to parse sequence number\n")); goto done; } diff --git a/source3/printing/lpq_parse.c b/source3/printing/lpq_parse.c index d4520b04ba..56e228f219 100644 --- a/source3/printing/lpq_parse.c +++ b/source3/printing/lpq_parse.c @@ -27,7 +27,7 @@ static const char *Months[13] = { "Jan", "Feb", "Mar", "Apr", "May", "Jun", Process time fields ********************************************************************/ -static time_t EntryTime(fstring tok[], int ptr, int count, int minimum) +static time_t EntryTime(char *tok[], int ptr, int count, int minimum) { time_t jobtime,jobtime1; @@ -35,7 +35,6 @@ static time_t EntryTime(fstring tok[], int ptr, int count, int minimum) if (count >= minimum) { struct tm *t; int i, day, hour, min, sec; - char *c; for (i=0; i<13; i++) { if (!strncmp(tok[ptr], Months[i],3)) { @@ -44,12 +43,13 @@ static time_t EntryTime(fstring tok[], int ptr, int count, int minimum) } if (i<12) { + fstring c; t = localtime(&jobtime); if (!t) { return (time_t)-1; } day = atoi(tok[ptr+1]); - c=(char *)(tok[ptr+2]); + fstrcpy(c,tok[ptr+2]); *(c+2)=0; hour = atoi(c); *(c+5)=0; @@ -143,7 +143,7 @@ static bool parse_lpq_bsd(char *line,print_queue_struct *buf,bool first) } #endif /* OSF1 */ - /* FIXME: Use next_token rather than strtok! */ + /* FIXME: Use next_token_talloc rather than strtok! */ tok[0] = strtok(line2," \t"); count++; @@ -255,22 +255,26 @@ static bool parse_lpq_lprng(char *line,print_queue_struct *buf,bool first) #define LPRNG_NTOK 7 #define LPRNG_MAXTOK 128 /* PFMA just to keep us from running away. */ - fstring tokarr[LPRNG_MAXTOK]; + char *tokarr[LPRNG_MAXTOK]; const char *cptr; char *ptr; int num_tok = 0; + TALLOC_CTX *frame = talloc_stackframe(); cptr = line; - while((num_tok < LPRNG_MAXTOK) && next_token( &cptr, tokarr[num_tok], " \t", sizeof(fstring))) { + while((num_tok < LPRNG_MAXTOK) && next_token_talloc(frame, &cptr, + &tokarr[num_tok], " \t")) { num_tok++; } /* We must get at least LPRNG_NTOK tokens. */ if (num_tok < LPRNG_NTOK) { + TALLOC_FREE(frame); return False; } if (!isdigit((int)*tokarr[LPRNG_JOBTOK]) || !isdigit((int)*tokarr[LPRNG_TOTALTOK])) { + TALLOC_FREE(frame); return False; } @@ -317,6 +321,7 @@ static bool parse_lpq_lprng(char *line,print_queue_struct *buf,bool first) buf->fs_file[sizeof(buf->fs_file)-1] = '\0'; } + TALLOC_FREE(frame); return True; } @@ -335,16 +340,18 @@ lazer lazer RUNNING 537 6297doc.A kvintus@IE 0 10 2445 1 1 static bool parse_lpq_aix(char *line,print_queue_struct *buf,bool first) { - fstring tok[11]; + char *tok[11]; int count=0; const char *cline = line; + TALLOC_CTX *frame = talloc_stackframe(); /* handle the case of "(standard input)" as a filename */ string_sub(line,"standard input","STDIN",0); all_string_sub(line,"(","\"",0); all_string_sub(line,")","\"",0); - for (count=0; count<10 && next_token(&cline,tok[count],NULL, sizeof(tok[count])); count++) { + for (count=0; count<10 && + next_token_talloc(frame,&cline,&tok[count],NULL); count++) { ; } @@ -353,21 +360,24 @@ static bool parse_lpq_aix(char *line,print_queue_struct *buf,bool first) if ((count == 7) && ((strcmp(tok[0],"QUEUED") == 0) || (strcmp(tok[0],"HELD") == 0))) { /* the 2nd and 5th columns must be integer */ if (!isdigit((int)*tok[1]) || !isdigit((int)*tok[4])) { + TALLOC_FREE(frame); return False; } buf->size = atoi(tok[4]) * 1024; /* if the fname contains a space then use STDIN */ if (strchr_m(tok[2],' ')) { - fstrcpy(tok[2],"STDIN"); + tok[2] = talloc_strdup(frame,"STDIN"); + if (!tok[2]) { + TALLOC_FREE(frame); + return false; + } } /* only take the last part of the filename */ { - fstring tmp; char *p = strrchr_m(tok[2],'/'); if (p) { - fstrcpy(tmp,p+1); - fstrcpy(tok[2],tmp); + tok[2] = p+1; } } @@ -379,27 +389,31 @@ static bool parse_lpq_aix(char *line,print_queue_struct *buf,bool first) fstrcpy(buf->fs_file,tok[2]); } else { DEBUG(6,("parse_lpq_aix count=%d\n", count)); + TALLOC_FREE(frame); return False; } } else { /* the 4th and 9th columns must be integer */ if (!isdigit((int)*tok[3]) || !isdigit((int)*tok[8])) { + TALLOC_FREE(frame); return False; } buf->size = atoi(tok[8]) * 1024; /* if the fname contains a space then use STDIN */ if (strchr_m(tok[4],' ')) { - fstrcpy(tok[4],"STDIN"); + tok[4] = talloc_strdup(frame,"STDIN"); + if (!tok[4]) { + TALLOC_FREE(frame); + return false; + } } /* only take the last part of the filename */ { - fstring tmp; char *p = strrchr_m(tok[4],'/'); if (p) { - fstrcpy(tmp,p+1); - fstrcpy(tok[4],tmp); + tok[4] = p+1; } } @@ -411,6 +425,7 @@ static bool parse_lpq_aix(char *line,print_queue_struct *buf,bool first) fstrcpy(buf->fs_file,tok[4]); } + TALLOC_FREE(frame); return True; } @@ -438,12 +453,13 @@ static bool parse_lpq_hpux(char *line, print_queue_struct *buf, bool first) with -p option first, to work */ static int base_prio; int count; - char htab = '\011'; + char htab = '\011'; const char *cline = line; - fstring tok[12]; + char *tok[12]; + TALLOC_CTX *frame = talloc_stackframe(); /* If a line begins with a horizontal TAB, it is a subline type */ - + if (line[0] == htab) { /* subline */ /* check if it contains the base priority */ if (!strncmp(line,"\tfence priority : ",18)) { @@ -452,6 +468,7 @@ static bool parse_lpq_hpux(char *line, print_queue_struct *buf, bool first) } if (!header_line_ok) { + TALLOC_FREE(frame); return False; /* incorrect header line */ } @@ -459,35 +476,44 @@ static bool parse_lpq_hpux(char *line, print_queue_struct *buf, bool first) string_sub(line,"standard input","STDIN",0); all_string_sub(line,"(","\"",0); all_string_sub(line,")","\"",0); - - for (count=0; count<2 && next_token(&cline,tok[count],NULL,sizeof(tok[count])); count++) { + + for (count=0; count<2 && + next_token_talloc(frame, &cline, &tok[count],NULL); + count++) { ; } /* we must get 2 tokens */ if (count < 2) { + TALLOC_FREE(frame); return False; } - + /* the 2nd column must be integer */ if (!isdigit((int)*tok[1])) { + TALLOC_FREE(frame); return False; } - + /* if the fname contains a space then use STDIN */ if (strchr_m(tok[0],' ')) { - fstrcpy(tok[0],"STDIN"); + tok[0] = talloc_strdup(frame, "STDIN"); + if (!tok[0]) { + TALLOC_FREE(frame); + return false; + } } - + buf->size = atoi(tok[1]); fstrcpy(buf->fs_file,tok[0]); - + /* fill things from header line */ buf->time = jobtime; buf->job = jobid; buf->status = jobstat; buf->priority = jobprio; fstrcpy(buf->fs_user,jobuser); - + + TALLOC_FREE(frame); return True; } else { /* header line */ header_line_ok=False; /* reset it */ @@ -499,28 +525,32 @@ static bool parse_lpq_hpux(char *line, print_queue_struct *buf, bool first) } else if (base_prio) { base_prio_reset=False; } - + /* handle the dash in the job id */ string_sub(line,"-"," ",0); - - for (count=0; count<12 && next_token(&cline,tok[count],NULL,sizeof(tok[count])); count++) { + + for (count=0; count<12 && + next_token_talloc(frame, &cline, &tok[count],NULL); + count++) { ; } - + /* we must get 8 tokens */ if (count < 8) { + TALLOC_FREE(frame); return False; } - + /* first token must be printer name (cannot check ?) */ /* the 2nd, 5th & 7th column must be integer */ if (!isdigit((int)*tok[1]) || !isdigit((int)*tok[4]) || !isdigit((int)*tok[6])) { + TALLOC_FREE(frame); return False; } jobid = atoi(tok[1]); fstrcpy(jobuser,tok[2]); jobprio = atoi(tok[4]); - + /* process time */ jobtime=EntryTime(tok, 5, count, 8); if (jobprio < base_prio) { @@ -535,8 +565,9 @@ static bool parse_lpq_hpux(char *line, print_queue_struct *buf, bool first) jobstat = LPQ_PRINTING; } } - + header_line_ok=True; /* information is correct */ + TALLOC_FREE(frame); return False; /* need subline info to include into queuelist */ } } @@ -553,12 +584,13 @@ dcslw-897 tridge 4712 Dec 20 10:30:30 being held static bool parse_lpq_sysv(char *line,print_queue_struct *buf,bool first) { - fstring tok[9]; + char *tok[9]; int count=0; char *p; const char *cline = line; + TALLOC_CTX *frame = NULL; - /* + /* * Handle the dash in the job id, but make sure that we skip over * the printer name in case we have a dash in that. * Patch from Dom.Mitchell@palmerharvey.co.uk. @@ -583,28 +615,32 @@ static bool parse_lpq_sysv(char *line,print_queue_struct *buf,bool first) *p = ' '; } - for (count=0; count<9 && next_token(&cline,tok[count],NULL,sizeof(tok[count])); count++) { + frame = talloc_stackframe(); + for (count=0; count<9 && + next_token_talloc(frame, &cline, &tok[count],NULL); + count++) { ; } /* we must get 7 tokens */ if (count < 7) { + TALLOC_FREE(frame); return False; } /* the 2nd and 4th, 6th columns must be integer */ if (!isdigit((int)*tok[1]) || !isdigit((int)*tok[3])) { + TALLOC_FREE(frame); return False; } if (!isdigit((int)*tok[5])) { + TALLOC_FREE(frame); return False; } - /* if the user contains a ! then trim the first part of it */ + /* if the user contains a ! then trim the first part of it */ if ((p=strchr_m(tok[2],'!'))) { - fstring tmp; - fstrcpy(tmp,p+1); - fstrcpy(tok[2],tmp); + tok[2] = p+1; } buf->job = atoi(tok[1]); @@ -620,6 +656,7 @@ static bool parse_lpq_sysv(char *line,print_queue_struct *buf,bool first) buf->time = EntryTime(tok, 4, count, 7); fstrcpy(buf->fs_user,tok[2]); fstrcpy(buf->fs_file,tok[2]); + TALLOC_FREE(frame); return True; } @@ -628,7 +665,7 @@ parse a lpq line here is an example of lpq output under qnx Spooler: /qnx/spooler, on node 1 -Printer: txt (ready) +Printer: txt (ready) 0000: root [job #1 ] active 1146 bytes /etc/profile 0001: root [job #2 ] ready 2378 bytes /etc/install 0002: root [job #3 ] ready 1146 bytes -- standard input -- @@ -636,9 +673,10 @@ Printer: txt (ready) static bool parse_lpq_qnx(char *line,print_queue_struct *buf,bool first) { - fstring tok[7]; + char *tok[7]; int count=0; const char *cline = line; + TALLOC_CTX *frame = NULL; DEBUG(4,("antes [%s]\n", line)); @@ -653,30 +691,33 @@ static bool parse_lpq_qnx(char *line,print_queue_struct *buf,bool first) string_sub(line,"]","",0); DEBUG(4,("despues 2 [%s]\n", line)); - for (count=0; count<7 && next_token(&cline,tok[count],NULL,sizeof(tok[count])); count++) { + frame = talloc_stackframe(); + for (count=0; count<7 && + next_token_talloc(frame,&cline,&tok[count],NULL); + count++) { ; } /* we must get 7 tokens */ if (count < 7) { + TALLOC_FREE(frame); return False; } /* the 3rd and 5th columns must be integer */ if (!isdigit((int)*tok[2]) || !isdigit((int)*tok[4])) { + TALLOC_FREE(frame); return False; } /* only take the last part of the filename */ { - fstring tmp; char *p = strrchr_m(tok[6],'/'); if (p) { - fstrcpy(tmp,p+1); - fstrcpy(tok[6],tmp); + tok[6] = p+1; } } - + buf->job = atoi(tok[2]); buf->size = atoi(tok[4]); buf->status = strequal(tok[3],"active")?LPQ_PRINTING:LPQ_QUEUED; @@ -684,6 +725,7 @@ static bool parse_lpq_qnx(char *line,print_queue_struct *buf,bool first) buf->time = time(NULL); fstrcpy(buf->fs_user,tok[1]); fstrcpy(buf->fs_file,tok[6]); + TALLOC_FREE(frame); return True; } @@ -703,37 +745,47 @@ Local Printer 'lp2' (fjall): static bool parse_lpq_plp(char *line,print_queue_struct *buf,bool first) { - fstring tok[11]; + char *tok[11]; int count=0; const char *cline = line; + TALLOC_CTX *frame = talloc_stackframe(); /* handle the case of "(standard input)" as a filename */ string_sub(line,"stdin","STDIN",0); all_string_sub(line,"(","\"",0); all_string_sub(line,")","\"",0); - - for (count=0; count<11 && next_token(&cline,tok[count],NULL,sizeof(tok[count])); count++) { + + for (count=0; count<11 && + next_token_talloc(frame,&cline,&tok[count],NULL); + count++) { ; } /* we must get 11 tokens */ if (count < 11) { + TALLOC_FREE(frame); return False; } /* the first must be "active" or begin with an integer */ if (strcmp(tok[0],"active") && !isdigit((int)tok[0][0])) { + TALLOC_FREE(frame); return False; } /* the 5th and 8th must be integer */ if (!isdigit((int)*tok[4]) || !isdigit((int)*tok[7])) { + TALLOC_FREE(frame); return False; } /* if the fname contains a space then use STDIN */ if (strchr_m(tok[6],' ')) { - fstrcpy(tok[6],"STDIN"); + tok[6] = talloc_strdup(frame, "STDIN"); + if (!tok[6]) { + TALLOC_FREE(frame); + return false; + } } /* only take the last part of the filename */ @@ -761,6 +813,7 @@ static bool parse_lpq_plp(char *line,print_queue_struct *buf,bool first) buf->time = time(NULL); fstrcpy(buf->fs_user,tok[1]); fstrcpy(buf->fs_file,tok[6]); + TALLOC_FREE(frame); return True; } @@ -944,16 +997,20 @@ parse a vlp line static bool parse_lpq_vlp(char *line,print_queue_struct *buf,bool first) { int toknum = 0; - fstring tok; + char *tok; + TALLOC_CTX *frame = talloc_stackframe(); const char *cline = line; /* First line is printer status */ - if (!isdigit(line[0])) return False; + if (!isdigit(line[0])) { + TALLOC_FREE(frame); + return False; + } /* Parse a print job entry */ - while(next_token(&cline, tok, NULL, sizeof(fstring))) { + while(next_token_talloc(frame, &cline, &tok, NULL)) { switch (toknum) { case 0: buf->job = atoi(tok); @@ -977,6 +1034,7 @@ static bool parse_lpq_vlp(char *line,print_queue_struct *buf,bool first) toknum++; } + TALLOC_FREE(frame); return True; } diff --git a/source3/registry/reg_db.c b/source3/registry/reg_db.c index 7c4ea18b1e..12a37d10a1 100644 --- a/source3/registry/reg_db.c +++ b/source3/registry/reg_db.c @@ -89,7 +89,8 @@ static bool init_registry_data( void ) char *base = NULL; char *remaining = NULL; TALLOC_CTX *ctx = talloc_tos(); - fstring keyname, subkeyname; + char *keyname; + char *subkeyname; REGSUBKEY_CTR *subkeys; REGVAL_CTR *values; int i; @@ -125,7 +126,7 @@ static bool init_registry_data( void ) } p = path; - while (next_token(&p, keyname, "\\", sizeof(keyname))) { + while (next_token_talloc(ctx, &p, &keyname, "\\")) { /* build up the registry path from the components */ @@ -142,7 +143,10 @@ static bool init_registry_data( void ) /* get the immediate subkeyname (if we have one ) */ - *subkeyname = '\0'; + subkeyname = talloc_strdup(ctx, ""); + if (!subkeyname) { + goto fail; + } if (*p) { TALLOC_FREE(remaining); remaining = talloc_strdup(ctx, p); @@ -151,9 +155,12 @@ static bool init_registry_data( void ) } p2 = remaining; - if (!next_token(&p2, subkeyname, "\\", - sizeof(subkeyname))) { - fstrcpy( subkeyname, p2 ); + if (!next_token_talloc(ctx, &p2, + &subkeyname, "\\")) { + subkeyname = talloc_strdup(ctx,p2); + if (!subkeyname) { + goto fail; + } } } diff --git a/source3/rpc_parse/parse_net.c b/source3/rpc_parse/parse_net.c index df11c6d75a..65607a4ac8 100644 --- a/source3/rpc_parse/parse_net.c +++ b/source3/rpc_parse/parse_net.c @@ -1086,7 +1086,7 @@ bool net_io_r_srv_pwset(const char *desc, NET_R_SRV_PWSET *r_s, prs_struct *ps, static int init_dom_sid2s(TALLOC_CTX *ctx, const char *sids_str, DOM_SID2 **ppsids) { const char *ptr; - fstring s2; + char *s2; int count = 0; DEBUG(4,("init_dom_sid2s: %s\n", sids_str ? sids_str:"")); @@ -1096,9 +1096,11 @@ static int init_dom_sid2s(TALLOC_CTX *ctx, const char *sids_str, DOM_SID2 **ppsi if(sids_str) { int number; DOM_SID2 *sids; + TALLOC_CTX *frame = talloc_stackframe(); /* Count the number of valid SIDs. */ - for (count = 0, ptr = sids_str; next_token(&ptr, s2, NULL, sizeof(s2)); ) { + for (count = 0, ptr = sids_str; + next_token_talloc(frame,&ptr, &s2, NULL); ) { DOM_SID tmpsid; if (string_to_sid(&tmpsid, s2)) count++; @@ -1107,15 +1109,18 @@ static int init_dom_sid2s(TALLOC_CTX *ctx, const char *sids_str, DOM_SID2 **ppsi /* Now allocate space for them. */ if (count) { *ppsids = TALLOC_ZERO_ARRAY(ctx, DOM_SID2, count); - if (*ppsids == NULL) + if (*ppsids == NULL) { + TALLOC_FREE(frame); return 0; + } } else { *ppsids = NULL; } sids = *ppsids; - for (number = 0, ptr = sids_str; next_token(&ptr, s2, NULL, sizeof(s2)); ) { + for (number = 0, ptr = sids_str; + next_token_talloc(frame, &ptr, &s2, NULL); ) { DOM_SID tmpsid; if (string_to_sid(&tmpsid, s2)) { /* count only valid sids */ @@ -1123,6 +1128,7 @@ static int init_dom_sid2s(TALLOC_CTX *ctx, const char *sids_str, DOM_SID2 **ppsi number++; } } + TALLOC_FREE(frame); } return count; diff --git a/source3/smbd/chgpasswd.c b/source3/smbd/chgpasswd.c index aef5adb72f..5a1d71d2af 100644 --- a/source3/smbd/chgpasswd.c +++ b/source3/smbd/chgpasswd.c @@ -304,34 +304,50 @@ static void pwd_sub(char *buf) static int talktochild(int master, const char *seq) { + TALLOC_CTX *frame = talloc_stackframe(); int count = 0; - fstring issue, expected; + char *issue; + char *expected; - fstrcpy(issue, "."); + issue = talloc_strdup(frame, "."); + if (!issue) { + TALLOC_FREE(frame); + return false; + } - while (next_token(&seq, expected, NULL, sizeof(expected))) - { + while (next_token_talloc(frame, &seq, &expected, NULL)) { pwd_sub(expected); count++; - if (!expect(master, issue, expected)) - { + if (!expect(master, issue, expected)) { DEBUG(3, ("Response %d incorrect\n", count)); - return False; + TALLOC_FREE(frame); + return false; } - if (!next_token(&seq, issue, NULL, sizeof(issue))) - fstrcpy(issue, "."); - + if (!next_token_talloc(frame, &seq, &issue, NULL)) { + issue = talloc_strdup(frame, "."); + if (!issue) { + TALLOC_FREE(frame); + return false; + } + } pwd_sub(issue); } + if (!strequal(issue, ".")) { /* we have one final issue to send */ - fstrcpy(expected, "."); - if (!expect(master, issue, expected)) + expected = talloc_strdup(frame, "."); + if (!expected) { + TALLOC_FREE(frame); + return false; + } + if (!expect(master, issue, expected)) { + TALLOC_FREE(frame); return False; + } } - + TALLOC_FREE(frame); return (count > 0); } diff --git a/source3/smbd/lanman.c b/source3/smbd/lanman.c index b194fc6231..feb5fa4b05 100644 --- a/source3/smbd/lanman.c +++ b/source3/smbd/lanman.c @@ -1177,11 +1177,13 @@ static int get_server_info(uint32 servertype, struct srv_info_struct *s; const char *ptr = lines[i]; bool ok = True; + TALLOC_CTX *frame = NULL; + char *p; if (!*ptr) { continue; } - + if (count == alloced) { alloced += 10; *servers = SMB_REALLOC_ARRAY(*servers,struct srv_info_struct, alloced); @@ -1193,26 +1195,43 @@ static int get_server_info(uint32 servertype, memset((char *)((*servers)+count),'\0',sizeof(**servers)*(alloced-count)); } s = &(*servers)[count]; - - if (!next_token(&ptr,s->name, NULL, sizeof(s->name))) { + + frame = talloc_stackframe(); + s->name[0] = '\0'; + if (!next_token_talloc(frame,&ptr,&p, NULL)) { + TALLOC_FREE(frame); continue; } - if (!next_token(&ptr,stype, NULL, sizeof(stype))) { + fstrcpy(s->name, p); + + stype[0] = '\0'; + if (!next_token_talloc(frame,&ptr, &p, NULL)) { + TALLOC_FREE(frame); continue; } - if (!next_token(&ptr,s->comment, NULL, sizeof(s->comment))) { + fstrcpy(stype, p); + + s->comment[0] = '\0'; + if (!next_token_talloc(frame,&ptr, &p, NULL)) { + TALLOC_FREE(frame); continue; } - if (!next_token(&ptr,s->domain, NULL, sizeof(s->domain))) { + fstrcpy(s->comment, p); + + s->domain[0] = '\0'; + if (!next_token_talloc(frame,&ptr,&p, NULL)) { /* this allows us to cope with an old nmbd */ - fstrcpy(s->domain,lp_workgroup()); + fstrcpy(s->domain,lp_workgroup()); + } else { + fstrcpy(s->domain, p); } - - if (sscanf(stype,"%X",&s->type) != 1) { - DEBUG(4,("r:host file ")); - ok = False; + TALLOC_FREE(frame); + + if (sscanf(stype,"%X",&s->type) != 1) { + DEBUG(4,("r:host file ")); + ok = False; } - + /* Filter the servers/domains we return based on what was asked for. */ /* Check to see if we are being asked for a local list only. */ @@ -1222,11 +1241,11 @@ static int get_server_info(uint32 servertype, } /* doesn't match up: don't want it */ - if (!(servertype & s->type)) { - DEBUG(4,("r:serv type ")); - ok = False; + if (!(servertype & s->type)) { + DEBUG(4,("r:serv type ")); + ok = False; } - + if ((servertype & SV_TYPE_DOMAIN_ENUM) != (s->type & SV_TYPE_DOMAIN_ENUM)) { DEBUG(4,("s: dom mismatch ")); diff --git a/source3/smbd/server.c b/source3/smbd/server.c index 328993f6b0..6b1ab6ff17 100644 --- a/source3/smbd/server.c +++ b/source3/smbd/server.c @@ -352,9 +352,10 @@ static bool open_sockets_smbd(bool is_daemon, bool interactive, const char *smb_ /* Now open a listen socket for each of the interfaces. */ for(i = 0; i < num_interfaces; i++) { + TALLOC_CTX *frame = NULL; const struct sockaddr_storage *ifss = iface_n_sockaddr_storage(i); - fstring tok; + char *tok; const char *ptr; if (ifss == NULL) { @@ -364,8 +365,9 @@ static bool open_sockets_smbd(bool is_daemon, bool interactive, const char *smb_ continue; } - for (ptr=ports; next_token(&ptr, tok, " \t,", - sizeof(tok)); ) { + frame = talloc_stackframe(); + for (ptr=ports; + next_token_talloc(frame,&ptr, &tok, " \t,");) { unsigned port = atoi(tok); if (port == 0 || port > 0xffff) { continue; @@ -389,6 +391,7 @@ static bool open_sockets_smbd(bool is_daemon, bool interactive, const char *smb_ DEBUG(0,("open_sockets_smbd: listen: " "%s\n", strerror(errno))); close(s); + TALLOC_FREE(frame); return False; } FD_SET(s,&listen_set); @@ -398,18 +401,21 @@ static bool open_sockets_smbd(bool is_daemon, bool interactive, const char *smb_ if (num_sockets >= FD_SETSIZE) { DEBUG(0,("open_sockets_smbd: Too " "many sockets to bind to\n")); + TALLOC_FREE(frame); return False; } } + TALLOC_FREE(frame); } } else { /* Just bind to 0.0.0.0 - accept connections from anywhere. */ - fstring tok; + TALLOC_CTX *frame = talloc_stackframe(); + char *tok; const char *ptr; const char *sock_addr = lp_socket_address(); - fstring sock_tok; + char *sock_tok; const char *sock_ptr; if (strequal(sock_addr, "0.0.0.0") || @@ -421,10 +427,9 @@ static bool open_sockets_smbd(bool is_daemon, bool interactive, const char *smb_ #endif } - for (sock_ptr=sock_addr; next_token(&sock_ptr, sock_tok, " \t,", - sizeof(sock_tok)); ) { - for (ptr=ports; next_token(&ptr, tok, " \t,", - sizeof(tok)); ) { + for (sock_ptr=sock_addr; + next_token_talloc(frame, &sock_ptr, &sock_tok, " \t,"); ) { + for (ptr=ports; next_token_talloc(frame, &ptr, &tok, " \t,"); ) { struct sockaddr_storage ss; unsigned port = atoi(tok); @@ -456,6 +461,7 @@ static bool open_sockets_smbd(bool is_daemon, bool interactive, const char *smb_ "listen: %s\n", strerror(errno))); close(s); + TALLOC_FREE(frame); return False; } @@ -468,10 +474,12 @@ static bool open_sockets_smbd(bool is_daemon, bool interactive, const char *smb_ if (num_sockets >= FD_SETSIZE) { DEBUG(0,("open_sockets_smbd: Too " "many sockets to bind to\n")); + TALLOC_FREE(frame); return False; } } } + TALLOC_FREE(frame); } SAFE_FREE(ports); diff --git a/source3/utils/net_rpc.c b/source3/utils/net_rpc.c index b41142a087..3f78d6ced8 100644 --- a/source3/utils/net_rpc.c +++ b/source3/utils/net_rpc.c @@ -4359,9 +4359,10 @@ static bool get_user_tokens(int *num_tokens, struct user_token **user_tokens) struct winbindd_request request; struct winbindd_response response; const char *extra_data; - fstring name; + char *name; int i; struct user_token *result; + TALLOC_CTX *frame = NULL; if (lp_winbind_use_default_domain() && (opt_target_workgroup == NULL)) { @@ -4374,7 +4375,7 @@ static bool get_user_tokens(int *num_tokens, struct user_token **user_tokens) ZERO_STRUCT(request); ZERO_STRUCT(response); - + if (winbindd_request_response(WINBINDD_LIST_USERS, &request, &response) != NSS_STATUS_SUCCESS) return False; @@ -4387,7 +4388,8 @@ static bool get_user_tokens(int *num_tokens, struct user_token **user_tokens) extra_data = (const char *)response.extra_data.data; *num_tokens = 0; - while(next_token(&extra_data, name, ",", sizeof(fstring))) { + frame = talloc_stackframe(); + while(next_token_talloc(frame, &extra_data, &name, ",")) { *num_tokens += 1; } @@ -4395,14 +4397,14 @@ static bool get_user_tokens(int *num_tokens, struct user_token **user_tokens) if (result == NULL) { DEBUG(1, ("Could not malloc sid array\n")); + TALLOC_FREE(frame); return False; } extra_data = (const char *)response.extra_data.data; i=0; - while(next_token(&extra_data, name, ",", sizeof(fstring))) { - + while(next_token_talloc(frame, &extra_data, &name, ",")) { fstring domain, user; char *p; @@ -4425,7 +4427,7 @@ static bool get_user_tokens(int *num_tokens, struct user_token **user_tokens) get_user_sids(domain, user, &(result[i].token)); i+=1; } - + TALLOC_FREE(frame); SAFE_FREE(response.extra_data.data); *user_tokens = result; diff --git a/source3/utils/net_rpc_printer.c b/source3/utils/net_rpc_printer.c index d40b953707..bcfb37713c 100644 --- a/source3/utils/net_rpc_printer.c +++ b/source3/utils/net_rpc_printer.c @@ -514,17 +514,17 @@ static NTSTATUS net_copy_driverfile(TALLOC_CTX *mem_ctx, const char *p; char *src_name; char *dst_name; - fstring version; - fstring filename; - fstring tok; + char *version; + char *filename; + char *tok; /* scroll through the file until we have the part beyond archi_table.short_archi */ p = file; - while (next_token(&p, tok, "\\", sizeof(tok))) { + while (next_token_talloc(mem_ctx, &p, &tok, "\\")) { if (strequal(tok, short_archi)) { - next_token(&p, version, "\\", sizeof(version)); - next_token(&p, filename, "\\", sizeof(filename)); + next_token_talloc(mem_ctx, &p, &version, "\\"); + next_token_talloc(mem_ctx, &p, &filename, "\\"); } } diff --git a/source3/utils/sharesec.c b/source3/utils/sharesec.c index e03222b005..cd2c78f8f3 100644 --- a/source3/utils/sharesec.c +++ b/source3/utils/sharesec.c @@ -148,7 +148,7 @@ static bool parse_ace(SEC_ACE *ace, const char *orig_str) { char *p; const char *cp; - fstring tok; + char *tok; unsigned int atype = 0; unsigned int aflags = 0; unsigned int amask = 0; @@ -156,8 +156,10 @@ static bool parse_ace(SEC_ACE *ace, const char *orig_str) SEC_ACCESS mask; const struct perm_value *v; char *str = SMB_STRDUP(orig_str); + TALLOC_CTX *frame = talloc_stackframe(); if (!str) { + TALLOC_FREE(frame); return False; } @@ -166,6 +168,7 @@ static bool parse_ace(SEC_ACE *ace, const char *orig_str) if (!p) { printf("ACE '%s': missing ':'.\n", orig_str); SAFE_FREE(str); + TALLOC_FREE(frame); return False; } *p = '\0'; @@ -183,14 +186,16 @@ static bool parse_ace(SEC_ACE *ace, const char *orig_str) printf("ACE '%s': failed to convert '%s' to SID\n", orig_str, str); SAFE_FREE(str); + TALLOC_FREE(frame); return False; } cp = p; - if (!next_token(&cp, tok, "/", sizeof(fstring))) { + if (!next_token_talloc(frame, &cp, &tok, "/")) { printf("ACE '%s': failed to find '/' character.\n", orig_str); SAFE_FREE(str); + TALLOC_FREE(frame); return False; } @@ -202,24 +207,27 @@ static bool parse_ace(SEC_ACE *ace, const char *orig_str) printf("ACE '%s': missing 'ALLOWED' or 'DENIED' entry at '%s'\n", orig_str, tok); SAFE_FREE(str); + TALLOC_FREE(frame); return False; } /* Only numeric form accepted for flags at present */ /* no flags on share permissions */ - if (!(next_token(&cp, tok, "/", sizeof(fstring)) && + if (!(next_token_talloc(frame, &cp, &tok, "/") && sscanf(tok, "%i", &aflags) && aflags == 0)) { printf("ACE '%s': bad integer flags entry at '%s'\n", orig_str, tok); SAFE_FREE(str); + TALLOC_FREE(frame); return False; } - if (!next_token(&cp, tok, "/", sizeof(fstring))) { + if (!next_token_talloc(frame, &cp, &tok, "/")) { printf("ACE '%s': missing / at '%s'\n", orig_str, tok); SAFE_FREE(str); + TALLOC_FREE(frame); return False; } @@ -227,6 +235,7 @@ static bool parse_ace(SEC_ACE *ace, const char *orig_str) if (sscanf(tok, "%i", &amask) != 1) { printf("ACE '%s': bad hex number at '%s'\n", orig_str, tok); + TALLOC_FREE(frame); SAFE_FREE(str); return False; } @@ -255,6 +264,7 @@ static bool parse_ace(SEC_ACE *ace, const char *orig_str) if (!found) { printf("ACE '%s': bad permission value at '%s'\n", orig_str, p); + TALLOC_FREE(frame); SAFE_FREE(str); return False; } @@ -262,6 +272,7 @@ static bool parse_ace(SEC_ACE *ace, const char *orig_str) } if (*p) { + TALLOC_FREE(frame); SAFE_FREE(str); return False; } @@ -270,6 +281,7 @@ static bool parse_ace(SEC_ACE *ace, const char *orig_str) mask = amask; init_sec_ace(ace, &sid, atype, mask, aflags); SAFE_FREE(str); + TALLOC_FREE(frame); return True; } diff --git a/source3/utils/smbcacls.c b/source3/utils/smbcacls.c index 1057d35db3..e5ba8e5d0b 100644 --- a/source3/utils/smbcacls.c +++ b/source3/utils/smbcacls.c @@ -272,7 +272,7 @@ static bool parse_ace(struct cli_state *cli, SEC_ACE *ace, { char *p; const char *cp; - fstring tok; + char *tok; unsigned int atype = 0; unsigned int aflags = 0; unsigned int amask = 0; @@ -280,8 +280,10 @@ static bool parse_ace(struct cli_state *cli, SEC_ACE *ace, SEC_ACCESS mask; const struct perm_value *v; char *str = SMB_STRDUP(orig_str); + TALLOC_CTX *frame = talloc_stackframe(); if (!str) { + TALLOC_FREE(frame); return False; } @@ -290,6 +292,7 @@ static bool parse_ace(struct cli_state *cli, SEC_ACE *ace, if (!p) { printf("ACE '%s': missing ':'.\n", orig_str); SAFE_FREE(str); + TALLOC_FREE(frame); return False; } *p = '\0'; @@ -307,14 +310,16 @@ static bool parse_ace(struct cli_state *cli, SEC_ACE *ace, printf("ACE '%s': failed to convert '%s' to SID\n", orig_str, str); SAFE_FREE(str); + TALLOC_FREE(frame); return False; } cp = p; - if (!next_token(&cp, tok, "/", sizeof(fstring))) { + if (!next_token_talloc(frame, &cp, &tok, "/")) { printf("ACE '%s': failed to find '/' character.\n", orig_str); SAFE_FREE(str); + TALLOC_FREE(frame); return False; } @@ -326,23 +331,26 @@ static bool parse_ace(struct cli_state *cli, SEC_ACE *ace, printf("ACE '%s': missing 'ALLOWED' or 'DENIED' entry at '%s'\n", orig_str, tok); SAFE_FREE(str); + TALLOC_FREE(frame); return False; } /* Only numeric form accepted for flags at present */ - if (!(next_token(&cp, tok, "/", sizeof(fstring)) && + if (!(next_token_talloc(frame, &cp, &tok, "/") && sscanf(tok, "%i", &aflags))) { printf("ACE '%s': bad integer flags entry at '%s'\n", orig_str, tok); SAFE_FREE(str); + TALLOC_FREE(frame); return False; } - if (!next_token(&cp, tok, "/", sizeof(fstring))) { + if (!next_token_talloc(frame, &cp, &tok, "/")) { printf("ACE '%s': missing / at '%s'\n", orig_str, tok); SAFE_FREE(str); + TALLOC_FREE(frame); return False; } @@ -351,6 +359,7 @@ static bool parse_ace(struct cli_state *cli, SEC_ACE *ace, printf("ACE '%s': bad hex number at '%s'\n", orig_str, tok); SAFE_FREE(str); + TALLOC_FREE(frame); return False; } goto done; @@ -379,12 +388,14 @@ static bool parse_ace(struct cli_state *cli, SEC_ACE *ace, printf("ACE '%s': bad permission value at '%s'\n", orig_str, p); SAFE_FREE(str); + TALLOC_FREE(frame); return False; } p++; } if (*p) { + TALLOC_FREE(frame); SAFE_FREE(str); return False; } @@ -392,6 +403,7 @@ static bool parse_ace(struct cli_state *cli, SEC_ACE *ace, done: mask = amask; init_sec_ace(ace, &sid, atype, mask, aflags); + TALLOC_FREE(frame); SAFE_FREE(str); return True; } @@ -418,18 +430,17 @@ static bool add_ace(SEC_ACL **the_acl, SEC_ACE *ace) } /* parse a ascii version of a security descriptor */ -static SEC_DESC *sec_desc_parse(struct cli_state *cli, char *str) +static SEC_DESC *sec_desc_parse(TALLOC_CTX *ctx, struct cli_state *cli, char *str) { const char *p = str; - fstring tok; + char *tok; SEC_DESC *ret = NULL; size_t sd_size; DOM_SID *grp_sid=NULL, *owner_sid=NULL; SEC_ACL *dacl=NULL; int revision=1; - while (next_token(&p, tok, "\t,\r\n", sizeof(tok))) { - + while (next_token_talloc(ctx, &p, &tok, "\t,\r\n")) { if (strncmp(tok,"REVISION:", 9) == 0) { revision = strtol(tok+9, NULL, 16); continue; @@ -479,7 +490,7 @@ static SEC_DESC *sec_desc_parse(struct cli_state *cli, char *str) goto done; } - ret = make_sec_desc(talloc_tos(),revision, SEC_DESC_SELF_RELATIVE, owner_sid, grp_sid, + ret = make_sec_desc(ctx,revision, SEC_DESC_SELF_RELATIVE, owner_sid, grp_sid, NULL, dacl, &sd_size); done: @@ -677,7 +688,7 @@ static int cacl_set(struct cli_state *cli, char *filename, size_t sd_size; int result = EXIT_OK; - sd = sec_desc_parse(cli, the_acl); + sd = sec_desc_parse(talloc_tos(), cli, the_acl); if (!sd) return EXIT_PARSE_ERROR; if (test_args) return EXIT_OK; diff --git a/source3/winbindd/winbindd_pam.c b/source3/winbindd/winbindd_pam.c index 4b052a8576..4eda0fcada 100644 --- a/source3/winbindd/winbindd_pam.c +++ b/source3/winbindd/winbindd_pam.c @@ -222,9 +222,9 @@ static NTSTATUS append_afs_token(TALLOC_CTX *mem_ctx, return NT_STATUS_OK; } -static NTSTATUS check_info3_in_group(TALLOC_CTX *mem_ctx, +static NTSTATUS check_info3_in_group(TALLOC_CTX *mem_ctx, NET_USER_INFO_3 *info3, - const char *group_sid) + const char *group_sid) /** * Check whether a user belongs to a group or list of groups. * @@ -239,15 +239,16 @@ static NTSTATUS check_info3_in_group(TALLOC_CTX *mem_ctx, { DOM_SID *require_membership_of_sid; size_t num_require_membership_of_sid; - fstring req_sid; + char *req_sid; const char *p; DOM_SID sid; size_t i; struct nt_user_token *token; + TALLOC_CTX *frame = NULL; NTSTATUS status; /* Parse the 'required group' SID */ - + if (!group_sid || !group_sid[0]) { /* NO sid supplied, all users may access */ return NT_STATUS_OK; @@ -263,10 +264,12 @@ static NTSTATUS check_info3_in_group(TALLOC_CTX *mem_ctx, p = group_sid; - while (next_token(&p, req_sid, ",", sizeof(req_sid))) { + frame = talloc_stackframe(); + while (next_token_talloc(frame, &p, &req_sid, ",")) { if (!string_to_sid(&sid, req_sid)) { DEBUG(0, ("check_info3_in_group: could not parse %s " "as a SID!", req_sid)); + TALLOC_FREE(frame); return NT_STATUS_INVALID_PARAMETER; } @@ -274,10 +277,13 @@ static NTSTATUS check_info3_in_group(TALLOC_CTX *mem_ctx, &require_membership_of_sid, &num_require_membership_of_sid)) { DEBUG(0, ("add_sid_to_array failed\n")); + TALLOC_FREE(frame); return NT_STATUS_NO_MEMORY; } } + TALLOC_FREE(frame); + status = sid_array_from_info3(mem_ctx, info3, &token->user_sids, &token->num_sids, |