8 files changed, 86 insertions, 53 deletions

diff --git a/source3/include/proto.h b/source3/include/proto.h
index cc442422e8..5a168380a7 100644
--- a/source3/include/proto.h
+++ b/source3/include/proto.h
@@ -391,10 +391,13 @@ bool pull_ucs2_talloc(TALLOC_CTX *ctx, char **dest, const smb_ucs2_t *src,
 		      size_t *converted_size);
 bool pull_ascii_talloc(TALLOC_CTX *ctx, char **dest, const char *src,
 		       size_t *converted_size);
-size_t push_string_fn(const char *function, unsigned int line,
-		      const void *base_ptr, uint16 flags2,
-		      void *dest, const char *src,
-		      size_t dest_len, int flags);
+size_t push_string_check_fn(const char *function, unsigned int line,
+			    void *dest, const char *src,
+			    size_t dest_len, int flags);
+size_t push_string_base(const char *function, unsigned int line,
+			const char *base, uint16 flags2, 
+			void *dest, const char *src,
+			size_t dest_len, int flags);
 size_t pull_string_fn(const char *function,
 			unsigned int line,
 			const void *base_ptr,
diff --git a/source3/include/safe_string.h b/source3/include/safe_string.h
index a7230964c9..43e43416d8 100644
--- a/source3/include/safe_string.h
+++ b/source3/include/safe_string.h
@@ -130,13 +130,9 @@ size_t __unsafe_string_function_usage_here_char__(void);
 	safe_strcat_fn2(SAFE_STRING_FUNCTION_NAME, SAFE_STRING_LINE, \
 			dest,src,maxlength)
 
-#define push_string(base_ptr, dest, src, dest_len, flags) \
-	push_string_fn2(SAFE_STRING_FUNCTION_NAME, SAFE_STRING_LINE, \
-			base_ptr, 0, dest, src, dest_len, flags)
-
-#define pull_string(base_ptr, smb_flags2, dest, src, dest_len, src_len, flags) \
-	pull_string_fn2(SAFE_STRING_FUNCTION_NAME, SAFE_STRING_LINE, \
-			base_ptr, smb_flags2, dest, src, dest_len, src_len, flags)
+#define push_string_check(dest, src, dest_len, flags) \
+	push_string_check_fn2(SAFE_STRING_FUNCTION_NAME, SAFE_STRING_LINE, \
+			dest, src, dest_len, flags)
 
 #define pull_string_talloc(ctx, base_ptr, smb_flags2, dest, src, src_len, flags) \
 	pull_string_talloc_fn2(SAFE_STRING_FUNCTION_NAME, SAFE_STRING_LINE, \
@@ -182,15 +178,10 @@ size_t __unsafe_string_function_usage_here_char__(void);
     ? __unsafe_string_function_usage_here__() \
     : safe_strcat_fn(fn_name, fn_line, (d), (s), (max_len)))
 
-#define push_string_fn2(fn_name, fn_line, base_ptr, flags2, dest, src, dest_len, flags) \
-    (CHECK_STRING_SIZE(dest, dest_len) \
-    ? __unsafe_string_function_usage_here_size_t__() \
-    : push_string_fn(fn_name, fn_line, base_ptr, flags2, dest, src, dest_len, flags))
-
-#define pull_string_fn2(fn_name, fn_line, base_ptr, smb_flags2, dest, src, dest_len, src_len, flags) \
+#define push_string_check_fn2(fn_name, fn_line, dest, src, dest_len, flags) \
     (CHECK_STRING_SIZE(dest, dest_len) \
     ? __unsafe_string_function_usage_here_size_t__() \
-    : pull_string_fn(fn_name, fn_line, base_ptr, smb_flags2, dest, src, dest_len, src_len, flags))
+    : push_string_check_fn(fn_name, fn_line, dest, src, dest_len, flags))
 
 #define pull_string_talloc_fn2(fn_name, fn_line, ctx, base_ptr, smb_flags2, dest, src, src_len, flags) \
     pull_string_talloc_fn(fn_name, fn_line, ctx, base_ptr, smb_flags2, dest, src, src_len, flags)
@@ -214,8 +205,7 @@ size_t __unsafe_string_function_usage_here_char__(void);
 
 #define safe_strcpy_fn2 safe_strcpy_fn
 #define safe_strcat_fn2 safe_strcat_fn
-#define push_string_fn2 push_string_fn
-#define pull_string_fn2 pull_string_fn
+#define push_string_check_fn2 push_string_check_fn
 #define pull_string_talloc_fn2 pull_string_talloc_fn
 #define clistr_push_fn2 clistr_push_fn
 #define clistr_pull_fn2 clistr_pull_fn
diff --git a/source3/lib/charcnv.c b/source3/lib/charcnv.c
index 03b32c13d4..0c0d654e99 100644
--- a/source3/lib/charcnv.c
+++ b/source3/lib/charcnv.c
@@ -1766,6 +1766,44 @@ bool pull_ascii_talloc(TALLOC_CTX *ctx, char **dest, const char *src,
 /**
  Copy a string from a char* src to a unicode or ascii
  dos codepage destination choosing unicode or ascii based on the 
+ flags supplied
+ Return the number of bytes occupied by the string in the destination.
+ flags can have:
+  STR_TERMINATE means include the null termination.
+  STR_UPPER     means uppercase in the destination.
+  STR_ASCII     use ascii even with unicode packet.
+  STR_NOALIGN   means don't do alignment.
+ dest_len is the maximum length allowed in the destination. If dest_len
+ is -1 then no maxiumum is used.
+**/
+
+size_t push_string_check_fn(const char *function, unsigned int line,
+			    void *dest, const char *src,
+			    size_t dest_len, int flags)
+{
+#ifdef DEVELOPER
+	/* We really need to zero fill here, not clobber
+	 * region, as we want to ensure that valgrind thinks
+	 * all of the outgoing buffer has been written to
+	 * so a send() or write() won't trap an error.
+	 * JRA.
+	 */
+#if 0
+	clobber_region(function, line, dest, dest_len);
+#else
+	memset(dest, '\0', dest_len);
+#endif
+#endif
+
+	if (!(flags & STR_ASCII) && (flags & STR_UNICODE)) {
+		return push_ucs2(NULL, dest, src, dest_len, flags);
+	}
+	return push_ascii(dest, src, dest_len, flags);
+}
+
+/**
+ Copy a string from a char* src to a unicode or ascii
+ dos codepage destination choosing unicode or ascii based on the 
  flags in the SMB buffer starting at base_ptr.
  Return the number of bytes occupied by the string in the destination.
  flags can have:
@@ -1777,10 +1815,10 @@ bool pull_ascii_talloc(TALLOC_CTX *ctx, char **dest, const char *src,
  is -1 then no maxiumum is used.
 **/
 
-size_t push_string_fn(const char *function, unsigned int line,
-		      const void *base_ptr, uint16 flags2,
-		      void *dest, const char *src,
-		      size_t dest_len, int flags)
+size_t push_string_base(const char *function, unsigned int line,
+			const char *base, uint16 flags2, 
+			void *dest, const char *src,
+			size_t dest_len, int flags)
 {
 #ifdef DEVELOPER
 	/* We really need to zero fill here, not clobber
@@ -1799,7 +1837,7 @@ size_t push_string_fn(const char *function, unsigned int line,
 	if (!(flags & STR_ASCII) && \
 	    ((flags & STR_UNICODE || \
 	      (flags2 & FLAGS2_UNICODE_STRINGS)))) {
-		return push_ucs2(base_ptr, dest, src, dest_len, flags);
+		return push_ucs2(base, dest, src, dest_len, flags);
 	}
 	return push_ascii(dest, src, dest_len, flags);
 }
diff --git a/source3/libsmb/clistr.c b/source3/libsmb/clistr.c
index 8685781404..1f296ebd09 100644
--- a/source3/libsmb/clistr.c
+++ b/source3/libsmb/clistr.c
@@ -32,21 +32,23 @@ size_t clistr_push_fn(const char *function,
 	if (dest_len == -1) {
 		if (((ptrdiff_t)dest < (ptrdiff_t)cli->outbuf) || (buf_used > cli->bufsize)) {
 			DEBUG(0, ("Pushing string of 'unlimited' length into non-SMB buffer!\n"));
-			return push_string_fn(function, line,
-					      cli->outbuf,
-					      SVAL(cli->outbuf, smb_flg2),
-					      dest, src, -1, flags);
+			return push_string_base(function, line,
+						cli->outbuf,
+						SVAL(cli->outbuf, smb_flg2),
+						dest, src, -1, flags);
 		}
-		return push_string_fn(function, line, cli->outbuf,
-				      SVAL(cli->outbuf, smb_flg2),
-				      dest, src, cli->bufsize - buf_used,
-				      flags);
+		return push_string_base(function, line, 
+					cli->outbuf,
+					SVAL(cli->outbuf, smb_flg2),
+					dest, src, cli->bufsize - buf_used,
+					flags);
 	}
 
 	/* 'normal' push into size-specified buffer */
-	return push_string_fn(function, line, cli->outbuf,
-			      SVAL(cli->outbuf, smb_flg2),
-			      dest, src, dest_len, flags);
+	return push_string_base(function, line, 
+				cli->outbuf,
+				SVAL(cli->outbuf, smb_flg2),
+				dest, src, dest_len, flags);
 }
 
 size_t clistr_pull_fn(const char *function,
diff --git a/source3/libsmb/ntlmssp_parse.c b/source3/libsmb/ntlmssp_parse.c
index 70377cba7d..98c50596be 100644
--- a/source3/libsmb/ntlmssp_parse.c
+++ b/source3/libsmb/ntlmssp_parse.c
@@ -106,8 +106,8 @@ bool msrpc_gen(DATA_BLOB *blob,
 			SSVAL(blob->data, head_ofs, n*2); head_ofs += 2;
 			SSVAL(blob->data, head_ofs, n*2); head_ofs += 2;
 			SIVAL(blob->data, head_ofs, data_ofs); head_ofs += 4;
-			push_string(NULL, blob->data+data_ofs,
-					s, n*2, STR_UNICODE|STR_NOALIGN);
+			push_string_check(blob->data+data_ofs,
+					  s, n*2, STR_UNICODE|STR_NOALIGN);
 			data_ofs += n*2;
 			break;
 		case 'A':
@@ -116,8 +116,8 @@ bool msrpc_gen(DATA_BLOB *blob,
 			SSVAL(blob->data, head_ofs, n); head_ofs += 2;
 			SSVAL(blob->data, head_ofs, n); head_ofs += 2;
 			SIVAL(blob->data, head_ofs, data_ofs); head_ofs += 4;
-			push_string(NULL, blob->data+data_ofs,
-					s, n, STR_ASCII|STR_NOALIGN);
+			push_string_check(blob->data+data_ofs,
+				    s, n, STR_ASCII|STR_NOALIGN);
 			data_ofs += n;
 			break;
 		case 'a':
@@ -127,7 +127,7 @@ bool msrpc_gen(DATA_BLOB *blob,
 			n = str_charnum(s);
 			SSVAL(blob->data, data_ofs, n*2); data_ofs += 2;
 			if (0 < n) {
-				push_string(NULL, blob->data+data_ofs, s, n*2,
+				push_string_check(blob->data+data_ofs, s, n*2,
 					    STR_UNICODE|STR_NOALIGN);
 			}
 			data_ofs += n*2;
@@ -156,8 +156,8 @@ bool msrpc_gen(DATA_BLOB *blob,
 		case 'C':
 			s = va_arg(ap, char *);
 			n = str_charnum(s) + 1;
-			head_ofs += push_string(NULL, blob->data+head_ofs, s, n,
-						STR_ASCII|STR_TERMINATE);
+			head_ofs += push_string_check(blob->data+head_ofs, s, n,
+						      STR_ASCII|STR_TERMINATE);
 			break;
 		}
 	}
diff --git a/source3/libsmb/smbencrypt.c b/source3/libsmb/smbencrypt.c
index ee162b1b2d..a76be3cc1a 100644
--- a/source3/libsmb/smbencrypt.c
+++ b/source3/libsmb/smbencrypt.c
@@ -499,9 +499,9 @@ bool encode_pw_buffer(uint8 buffer[516], const char *password, int string_flags)
 	/* the incoming buffer can be any alignment. */
 	string_flags |= STR_NOALIGN;
 
-	new_pw_len = push_string(NULL, new_pw,
-				 password, 
-				 sizeof(new_pw), string_flags);
+	new_pw_len = push_string_check(new_pw,
+				       password, 
+				       sizeof(new_pw), string_flags);
 	
 	memcpy(&buffer[512 - new_pw_len], new_pw, new_pw_len);
 
diff --git a/source3/nmbd/nmbd_sendannounce.c b/source3/nmbd/nmbd_sendannounce.c
index d5a7ba58fd..8eb1da7d38 100644
--- a/source3/nmbd/nmbd_sendannounce.c
+++ b/source3/nmbd/nmbd_sendannounce.c
@@ -74,7 +74,7 @@ to subnet %s\n", work->work_group, subrec->subnet_name));
 
 	SCVAL(p,0,work->token); /* (local) Unique workgroup token id. */
 	p++;
-	p +=  push_string(NULL, p+1, global_myname(), 15, STR_ASCII|STR_UPPER|STR_TERMINATE);
+	p +=  push_string_check(p+1, global_myname(), 15, STR_ASCII|STR_UPPER|STR_TERMINATE);
   
 	send_mailslot(False, BROWSE_MAILSLOT, outbuf,PTR_DIFF(p,outbuf),
 		global_myname(), 0x0, work->work_group,0x1e, subrec->bcast_ip, 
@@ -105,7 +105,7 @@ static void send_announcement(struct subnet_record *subrec, int announce_type,
 
 	safe_strcpy(upper_server_name, server_name, sizeof(upper_server_name)-1);
 	strupper_m(upper_server_name);
-	push_string(NULL, p+5, upper_server_name, 16, STR_ASCII|STR_TERMINATE);
+	push_string_check(p+5, upper_server_name, 16, STR_ASCII|STR_TERMINATE);
 
 	SCVAL(p,21,lp_major_announce_version()); /* Major version. */
 	SCVAL(p,22,lp_minor_announce_version()); /* Minor version. */
@@ -115,7 +115,7 @@ static void send_announcement(struct subnet_record *subrec, int announce_type,
 	SSVAL(p,27,BROWSER_ELECTION_VERSION);
 	SSVAL(p,29,BROWSER_CONSTANT); /* Browse signature. */
 
-	p += 31 + push_string(NULL, p+31, server_comment, sizeof(outbuf) - (p + 31 - outbuf), STR_ASCII|STR_TERMINATE);
+	p += 31 + push_string_check(p+31, server_comment, sizeof(outbuf) - (p + 31 - outbuf), STR_ASCII|STR_TERMINATE);
 
 	send_mailslot(False,BROWSE_MAILSLOT, outbuf, PTR_DIFF(p,outbuf),
 			from_name, 0x0, to_name, to_type, to_ip, subrec->myip,
@@ -143,8 +143,8 @@ static void send_lm_announcement(struct subnet_record *subrec, int announce_type
 	SSVAL(p,8,announce_interval);            /* In seconds - according to spec. */
 
 	p += 10;
-	p += push_string(NULL, p, server_name, 15, STR_ASCII|STR_UPPER|STR_TERMINATE);
-	p += push_string(NULL, p, server_comment, sizeof(outbuf)- (p - outbuf), STR_ASCII|STR_UPPER|STR_TERMINATE);
+	p += push_string_check(p, server_name, 15, STR_ASCII|STR_UPPER|STR_TERMINATE);
+	p += push_string_check(p, server_comment, sizeof(outbuf)- (p - outbuf), STR_ASCII|STR_UPPER|STR_TERMINATE);
 
 	send_mailslot(False,LANMAN_MAILSLOT, outbuf, PTR_DIFF(p,outbuf),
 		from_name, 0x0, to_name, to_type, to_ip, subrec->myip,
diff --git a/source3/smbd/srvstr.c b/source3/smbd/srvstr.c
index 62b0fe1617..d3f341138c 100644
--- a/source3/smbd/srvstr.c
+++ b/source3/smbd/srvstr.c
@@ -32,8 +32,8 @@ size_t srvstr_push_fn(const char *function, unsigned int line,
 	}
 
 	/* 'normal' push into size-specified buffer */
-	return push_string_fn(function, line, base_ptr, smb_flags2, dest, src,
-			      dest_len, flags);
+	return push_string_base(function, line, base_ptr, smb_flags2, dest, src,
+				dest_len, flags);
 }
 
 /*******************************************************************