diff options
49 files changed, 283 insertions, 89 deletions
diff --git a/libgpo/gpext/gpext.c b/libgpo/gpext/gpext.c index 8bda729d69..df84475754 100644 --- a/libgpo/gpext/gpext.c +++ b/libgpo/gpext/gpext.c @@ -440,7 +440,9 @@ static WERROR gp_extension_store_reg_entry(TALLOC_CTX *mem_ctx, subkeyname = GUID_string2(mem_ctx, &entry->guid); W_ERROR_HAVE_NO_MEMORY(subkeyname); - strupper_m(discard_const_p(char, subkeyname)); + if (!strupper_m(discard_const_p(char, subkeyname))) { + return WERR_INVALID_PARAM; + } werr = gp_store_reg_subkey(mem_ctx, subkeyname, diff --git a/source3/auth/auth_builtin.c b/source3/auth/auth_builtin.c index b757894a7c..d61a0ec7bf 100644 --- a/source3/auth/auth_builtin.c +++ b/source3/auth/auth_builtin.c @@ -97,7 +97,9 @@ static NTSTATUS check_name_to_ntstatus_security(const struct auth_context *auth_ fstrcpy(user, user_info->client.account_name); if (strnequal("NT_STATUS", user, strlen("NT_STATUS"))) { - strupper_m(user); + if (!strupper_m(user)) { + return NT_STATUS_INVALID_PARAMETER; + } return nt_status_string_to_code(user); } diff --git a/source3/lib/charcnv.c b/source3/lib/charcnv.c index 5863d72f38..32ba97aaa4 100644 --- a/source3/lib/charcnv.c +++ b/source3/lib/charcnv.c @@ -61,7 +61,10 @@ size_t push_ascii(void *dest, const char *src, size_t dest_len, int flags) if (!tmpbuf) { smb_panic("malloc fail"); } - strupper_m(tmpbuf); + if (!strupper_m(tmpbuf)) { + SAFE_FREE(tmpbuf); + return (size_t)-1; + } src = tmpbuf; } diff --git a/source3/lib/username.c b/source3/lib/username.c index 5192004365..7435a59ac7 100644 --- a/source3/lib/username.c +++ b/source3/lib/username.c @@ -128,7 +128,10 @@ static struct passwd *Get_Pwnam_internals(TALLOC_CTX *mem_ctx, } /* Try as uppercase, if username wasn't originally uppercase */ - strupper_m(user2); + if (!strupper_m(user2)) { + goto done; + } + if(strcmp(user, user2) != 0) { DEBUG(5,("Trying _Get_Pwnam(), username as uppercase is %s\n", user2)); diff --git a/source3/lib/util_names.c b/source3/lib/util_names.c index 0e128eab1c..cf54a0eece 100644 --- a/source3/lib/util_names.c +++ b/source3/lib/util_names.c @@ -63,8 +63,7 @@ static bool set_my_netbios_names(const char *name, int i) smb_my_netbios_names[i] = SMB_STRDUP(name); if (!smb_my_netbios_names[i]) return False; - strupper_m(smb_my_netbios_names[i]); - return True; + return strupper_m(smb_my_netbios_names[i]); } /*********************************************************************** diff --git a/source3/lib/util_str.c b/source3/lib/util_str.c index f97cd3cc25..b740de6659 100644 --- a/source3/lib/util_str.c +++ b/source3/lib/util_str.c @@ -58,7 +58,7 @@ bool strnequal(const char *s1,const char *s2,size_t n) void strnorm(char *s, int case_default) { if (case_default == CASE_UPPER) - strupper_m(s); + (void)strupper_m(s); /* FIXME - return a bool here. */ else strlower_m(s); } @@ -575,7 +575,6 @@ bool strupper_m(char *s) /* Catch mb conversion errors that may not terminate. */ if (errno) { s[len-1] = '\0'; - ret = false; } errno = errno_save; return ret; @@ -989,7 +988,11 @@ int asprintf_strupper_m(char **strp, const char *fmt, ...) if (ret == -1) return -1; - strupper_m(result); + if (!strupper_m(result)) { + SAFE_FREE(result); + return -1; + } + *strp = result; return ret; } @@ -1006,7 +1009,10 @@ char *talloc_asprintf_strupper_m(TALLOC_CTX *t, const char *fmt, ...) if (ret == NULL) { return NULL; } - strupper_m(ret); + if (!strupper_m(ret)) { + TALLOC_FREE(ret); + return NULL; + } return ret; } diff --git a/source3/libads/kerberos.c b/source3/libads/kerberos.c index 7e95380011..80f99de482 100644 --- a/source3/libads/kerberos.c +++ b/source3/libads/kerberos.c @@ -861,7 +861,9 @@ bool create_local_private_krb5_conf_for_domain(const char *realm, fname, realm, domain )); realm_upper = talloc_strdup(fname, realm); - strupper_m(realm_upper); + if (!strupper_m(realm_upper)) { + goto done; + } kdc_ip_string = get_kdc_ip_string(dname, realm, sitename, pss, kdc_name); if (!kdc_ip_string) { diff --git a/source3/libads/kerberos_keytab.c b/source3/libads/kerberos_keytab.c index 0e23a6add3..eb2603b672 100644 --- a/source3/libads/kerberos_keytab.c +++ b/source3/libads/kerberos_keytab.c @@ -564,7 +564,10 @@ int ads_keytab_create_default(ADS_STRUCT *ads) /* upper case the sAMAccountName to make it easier for apps to know what case to use in the keytab file */ - strupper_m(sam_account_name); + if (!strupper_m(sam_account_name)) { + ret = -1; + goto done; + } ret = ads_keytab_add_entry(ads, sam_account_name); if (ret != 0) { diff --git a/source3/libads/ldap.c b/source3/libads/ldap.c index 640a020a8b..fa88244598 100644 --- a/source3/libads/ldap.c +++ b/source3/libads/ldap.c @@ -298,7 +298,11 @@ static bool ads_try_connect(ADS_STRUCT *ads, const char *server, bool gc) ads->config.flags = cldap_reply.server_type; ads->config.ldap_server_name = SMB_STRDUP(cldap_reply.pdc_dns_name); ads->config.realm = SMB_STRDUP(cldap_reply.dns_domain); - strupper_m(ads->config.realm); + if (!strupper_m(ads->config.realm)) { + ret = false; + goto out; + } + ads->config.bind_path = ads_build_dn(ads->config.realm); if (*cldap_reply.server_site) { ads->config.server_site_name = @@ -1945,7 +1949,11 @@ ADS_STATUS ads_add_service_principal_name(ADS_STRUCT *ads, const char *machine_n ads_msgfree(ads, res); return ADS_ERROR(LDAP_NO_MEMORY); } - strupper_m(psp1); + if (!strupper_m(psp1)) { + ret = ADS_ERROR(LDAP_NO_MEMORY); + goto out; + } + strlower_m(&psp1[strlen(spn)]); servicePrincipalName[0] = psp1; @@ -1959,7 +1967,11 @@ ADS_STATUS ads_add_service_principal_name(ADS_STRUCT *ads, const char *machine_n ret = ADS_ERROR(LDAP_NO_MEMORY); goto out; } - strupper_m(psp2); + if (!strupper_m(psp2)) { + ret = ADS_ERROR(LDAP_NO_MEMORY); + goto out; + } + strlower_m(&psp2[strlen(spn)]); servicePrincipalName[1] = psp2; diff --git a/source3/libads/sasl.c b/source3/libads/sasl.c index ee3a693f71..a04ac9dd69 100644 --- a/source3/libads/sasl.c +++ b/source3/libads/sasl.c @@ -653,7 +653,12 @@ static ADS_STATUS ads_guess_service_principal(ADS_STRUCT *ads, } strlower_m(server); - strupper_m(server_realm); + if (!strupper_m(server_realm)) { + SAFE_FREE(server); + SAFE_FREE(server_realm); + return ADS_ERROR(LDAP_NO_MEMORY); + } + if (asprintf(&princ, "ldap/%s@%s", server, server_realm) == -1) { SAFE_FREE(server); SAFE_FREE(server_realm); @@ -679,7 +684,11 @@ static ADS_STATUS ads_guess_service_principal(ADS_STRUCT *ads, } strlower_m(server); - strupper_m(server_realm); + if (!strupper_m(server_realm)) { + SAFE_FREE(server); + SAFE_FREE(server_realm); + return ADS_ERROR(LDAP_NO_MEMORY); + } if (asprintf(&princ, "ldap/%s@%s", server, server_realm) == -1) { SAFE_FREE(server); SAFE_FREE(server_realm); diff --git a/source3/libnet/libnet_join.c b/source3/libnet/libnet_join.c index 399c13a86a..5806f7bc75 100644 --- a/source3/libnet/libnet_join.c +++ b/source3/libnet/libnet_join.c @@ -136,7 +136,10 @@ static ADS_STATUS libnet_connect_ads(const char *dns_domain_name, *cp++ = '\0'; SAFE_FREE(my_ads->auth.realm); my_ads->auth.realm = smb_xstrdup(cp); - strupper_m(my_ads->auth.realm); + if (!strupper_m(my_ads->auth.realm)) { + ads_destroy(&my_ads); + return ADS_ERROR_LDAP(LDAP_NO_MEMORY); + } } } @@ -381,7 +384,9 @@ static ADS_STATUS libnet_join_set_machine_spn(TALLOC_CTX *mem_ctx, if (!spn) { return ADS_ERROR_LDAP(LDAP_NO_MEMORY); } - strupper_m(spn); + if (!strupper_m(spn)) { + return ADS_ERROR_LDAP(LDAP_NO_MEMORY); + } spn_array[0] = spn; if (!name_to_fqdn(my_fqdn, r->in.machine_name) diff --git a/source3/libsmb/cliconnect.c b/source3/libsmb/cliconnect.c index cd914bf852..b74faa6fd9 100644 --- a/source3/libsmb/cliconnect.c +++ b/source3/libsmb/cliconnect.c @@ -2048,7 +2048,9 @@ NTSTATUS cli_session_setup(struct cli_state *cli, (p=strchr_m(user2,*lp_winbind_separator()))) { *p = 0; user = p+1; - strupper_m(user2); + if (!strupper_m(user2)) { + return NT_STATUS_INVALID_PARAMETER; + } workgroup = user2; } diff --git a/source3/libsmb/clirap.c b/source3/libsmb/clirap.c index 6685fbd1d8..7c185ef5ad 100644 --- a/source3/libsmb/clirap.c +++ b/source3/libsmb/clirap.c @@ -117,13 +117,17 @@ bool cli_NetWkstaUserLogon(struct cli_state *cli,char *user, char *workstation) SSVAL(p,0,1); p += 2; strlcpy(p,user,sizeof(param)-PTR_DIFF(p,param)); - strupper_m(p); + if (!strupper_m(p)) { + return false; + } p += 21; p++; p += 15; p++; strlcpy(p, workstation,sizeof(param)-PTR_DIFF(p,param)); - strupper_m(p); + if (!strupper_m(p)) { + return false; + } p += 16; SSVAL(p, 0, CLI_BUFFER_SIZE); p += 2; diff --git a/source3/libsmb/clirap2.c b/source3/libsmb/clirap2.c index 1333f468f4..05d8fb2a29 100644 --- a/source3/libsmb/clirap2.c +++ b/source3/libsmb/clirap2.c @@ -1876,12 +1876,16 @@ bool cli_NetWkstaUserLogoff(struct cli_state *cli, const char *user, const char PUTDWORD(p, 0); /* Null pointer */ PUTDWORD(p, 0); /* Null pointer */ strlcpy(upperbuf, user, sizeof(upperbuf)); - strupper_m(upperbuf); + if (!strupper_m(upperbuf)) { + return false; + } tmp = upperbuf; PUTSTRINGF(p, tmp, RAP_USERNAME_LEN); p++; /* strange format, but ok */ strlcpy(upperbuf, workstation, sizeof(upperbuf)); - strupper_m(upperbuf); + if (!strupper_m(upperbuf)) { + return false; + } tmp = upperbuf; PUTSTRINGF(p, tmp, RAP_MACHNAME_LEN); PUTWORD(p, CLI_BUFFER_SIZE); diff --git a/source3/libsmb/namequery_dc.c b/source3/libsmb/namequery_dc.c index f4c2fc1929..df5eeb8d89 100644 --- a/source3/libsmb/namequery_dc.c +++ b/source3/libsmb/namequery_dc.c @@ -137,7 +137,10 @@ static bool ads_dc_name(const char *domain, SAFE_FREE(sitename); fstrcpy(srv_name, ads->config.ldap_server_name); - strupper_m(srv_name); + if (!strupper_m(srv_name)) { + ads_destroy(&ads); + return false; + } #ifdef HAVE_ADS *dc_ss = ads->ldap.ss; #else diff --git a/source3/libsmb/nmblib.c b/source3/libsmb/nmblib.c index 767ff81476..a6816db5b9 100644 --- a/source3/libsmb/nmblib.c +++ b/source3/libsmb/nmblib.c @@ -933,7 +933,7 @@ void make_nmb_name( struct nmb_name *n, const char *name, int type) fstring unix_name; memset( (char *)n, '\0', sizeof(struct nmb_name) ); fstrcpy(unix_name, name); - strupper_m(unix_name); + (void)strupper_m(unix_name); push_ascii(n->name, unix_name, sizeof(n->name), STR_TERMINATE); n->name_type = (unsigned int)type & 0xFF; push_ascii(n->scope, lp_netbios_scope(), 64, STR_TERMINATE); @@ -1277,7 +1277,9 @@ char *name_mangle(TALLOC_CTX *mem_ctx, const char *In, char name_type) nstring buf_dos; pull_ascii_fstring(buf_unix, In); - strupper_m(buf_unix); + if (!strupper_m(buf_unix)) { + return NULL; + } push_ascii_nstring(buf_dos, buf_unix); put_name(buf, buf_dos, ' ', name_type); diff --git a/source3/modules/vfs_streams_depot.c b/source3/modules/vfs_streams_depot.c index f984f75e9f..a3ce8c1cc5 100644 --- a/source3/modules/vfs_streams_depot.c +++ b/source3/modules/vfs_streams_depot.c @@ -345,7 +345,10 @@ static NTSTATUS stream_smb_fname(vfs_handle_struct *handle, } } else { /* Normalize the stream type to upercase. */ - strupper_m(strrchr_m(stream_fname, ':') + 1); + if (!strupper_m(strrchr_m(stream_fname, ':') + 1)) { + status = NT_STATUS_INVALID_PARAMETER; + goto fail; + } } DEBUG(10, ("stream filename = %s\n", stream_fname)); diff --git a/source3/modules/vfs_streams_xattr.c b/source3/modules/vfs_streams_xattr.c index 291531e59a..dd1135d77c 100644 --- a/source3/modules/vfs_streams_xattr.c +++ b/source3/modules/vfs_streams_xattr.c @@ -119,7 +119,9 @@ static NTSTATUS streams_xattr_get_name(TALLOC_CTX *ctx, } } else { /* Normalize the stream type to upercase. */ - strupper_m(strrchr_m(*xattr_name, ':') + 1); + if (!strupper_m(strrchr_m(*xattr_name, ':') + 1)) { + return NT_STATUS_INVALID_PARAMETER; + } } DEBUG(10, ("xattr_name: %s, stream_name: %s\n", *xattr_name, diff --git a/source3/nmbd/nmbd_browserdb.c b/source3/nmbd/nmbd_browserdb.c index b7c99005bb..bd027239ec 100644 --- a/source3/nmbd/nmbd_browserdb.c +++ b/source3/nmbd/nmbd_browserdb.c @@ -109,8 +109,14 @@ struct browse_cache_record *create_browser_in_lmb_cache( const char *work_name, unstrcpy( browc->lmb_name, browser_name); unstrcpy( browc->work_group, work_name); - strupper_m( browc->lmb_name ); - strupper_m( browc->work_group ); + if (!strupper_m( browc->lmb_name )) { + SAFE_FREE(browc); + return NULL; + } + if (!strupper_m( browc->work_group )) { + SAFE_FREE(browc); + return NULL; + } browc->ip = ip; diff --git a/source3/nmbd/nmbd_browsesync.c b/source3/nmbd/nmbd_browsesync.c index e009cf9a61..b56baedf27 100644 --- a/source3/nmbd/nmbd_browsesync.c +++ b/source3/nmbd/nmbd_browsesync.c @@ -120,7 +120,10 @@ static void announce_local_master_browser_to_domain_master_browser( struct work_ p++; unstrcpy(myname, lp_netbios_name()); - strupper_m(myname); + if (!strupper_m(myname)) { + DEBUG(2,("strupper_m %s failed\n", myname)); + return; + } myname[15]='\0'; /* The call below does CH_UNIX -> CH_DOS conversion. JRA */ push_ascii(p, myname, sizeof(outbuf)-PTR_DIFF(p,outbuf)-1, STR_TERMINATE); diff --git a/source3/nmbd/nmbd_elections.c b/source3/nmbd/nmbd_elections.c index ac0d873512..1947e37e3a 100644 --- a/source3/nmbd/nmbd_elections.c +++ b/source3/nmbd/nmbd_elections.c @@ -51,7 +51,10 @@ static void send_election_dgram(struct subnet_record *subrec, const char *workgr SIVAL(p,5,timeup*1000); /* ms - Despite what the spec says. */ p += 13; unstrcpy(srv_name, server_name); - strupper_m(srv_name); + if (!strupper_m(srv_name)) { + DEBUG(2,("strupper_m failed for %s\n", srv_name)); + return; + } /* The following call does UNIX -> DOS charset conversion. */ push_ascii(p, srv_name, sizeof(outbuf)-PTR_DIFF(p,outbuf)-1, STR_TERMINATE); p = skip_string(outbuf,sizeof(outbuf),p); diff --git a/source3/nmbd/nmbd_incomingdgrams.c b/source3/nmbd/nmbd_incomingdgrams.c index 582848c1fc..153a86db55 100644 --- a/source3/nmbd/nmbd_incomingdgrams.c +++ b/source3/nmbd/nmbd_incomingdgrams.c @@ -572,7 +572,10 @@ static void send_backup_list_response(struct subnet_record *subrec, /* We always return at least one name - our own. */ count = 1; unstrcpy(myname, lp_netbios_name()); - strupper_m(myname); + if (!strupper_m(myname)) { + DEBUG(4,("strupper_m %s failed\n", myname)); + return; + } myname[15]='\0'; push_ascii(p, myname, sizeof(outbuf)-PTR_DIFF(p,outbuf)-1, STR_TERMINATE); diff --git a/source3/nmbd/nmbd_incomingrequests.c b/source3/nmbd/nmbd_incomingrequests.c index b2545f102f..562c388ee2 100644 --- a/source3/nmbd/nmbd_incomingrequests.c +++ b/source3/nmbd/nmbd_incomingrequests.c @@ -347,7 +347,10 @@ subnet %s - name not found.\n", nmb_namestr(&nmb->question.question_name), unstring name; pull_ascii_nstring(name, sizeof(name), namerec->name.name); - strupper_m(name); + if (!strupper_m(name)) { + DEBUG(2,("strupper_m %s failed\n", name)); + return; + } if (!strequal(name,"*") && !strequal(name,"__SAMBA__") && (name_type < 0x1b || name_type >= 0x20 || diff --git a/source3/nmbd/nmbd_namelistdb.c b/source3/nmbd/nmbd_namelistdb.c index 61c1d784f7..c06bddafbd 100644 --- a/source3/nmbd/nmbd_namelistdb.c +++ b/source3/nmbd/nmbd_namelistdb.c @@ -44,7 +44,7 @@ void set_samba_nb_type(void) Convert a NetBIOS name to upper case. ***************************************************************************/ -static void upcase_name( struct nmb_name *target, const struct nmb_name *source ) +static bool upcase_name( struct nmb_name *target, const struct nmb_name *source ) { int i; unstring targ; @@ -55,11 +55,15 @@ static void upcase_name( struct nmb_name *target, const struct nmb_name *source } pull_ascii_nstring(targ, sizeof(targ), target->name); - strupper_m( targ ); + if (!strupper_m( targ )) { + return false; + } push_ascii_nstring( target->name, targ); pull_ascii(scope, target->scope, 64, -1, STR_TERMINATE); - strupper_m( scope ); + if (!strupper_m( scope )) { + return false; + } push_ascii(target->scope, scope, 64, STR_TERMINATE); /* fudge... We're using a byte-by-byte compare, so we must be sure that @@ -72,6 +76,7 @@ static void upcase_name( struct nmb_name *target, const struct nmb_name *source for( i = strlen( target->scope ); i < sizeof( target->scope ); i++ ) { target->scope[i] = '\0'; } + return true; } /************************************************************************** @@ -104,7 +109,9 @@ struct name_record *find_name_on_subnet(struct subnet_record *subrec, struct nmb_name uc_name; struct name_record *name_ret; - upcase_name( &uc_name, nmbname ); + if (!upcase_name( &uc_name, nmbname )) { + return NULL; + } if (subrec == wins_server_subnet) { return find_name_on_wins_subnet(&uc_name, self_only); @@ -216,7 +223,11 @@ bool add_name_to_subnet( struct subnet_record *subrec, namerec->subnet = subrec; make_nmb_name(&namerec->name, name, type); - upcase_name(&namerec->name, NULL ); + if (!upcase_name(&namerec->name, NULL )) { + SAFE_FREE(namerec->data.ip); + SAFE_FREE(namerec); + return False; + } /* Enter the name as active. */ namerec->data.nb_flags = nb_flags | NB_ACTIVE; diff --git a/source3/nmbd/nmbd_sendannounce.c b/source3/nmbd/nmbd_sendannounce.c index 97bab9d25a..86012b834b 100644 --- a/source3/nmbd/nmbd_sendannounce.c +++ b/source3/nmbd/nmbd_sendannounce.c @@ -106,7 +106,10 @@ static void send_announcement(struct subnet_record *subrec, int announce_type, SIVAL(p,1,announce_interval*1000); /* Milliseconds - despite the spec. */ strlcpy(upper_server_name, server_name ? server_name : "", sizeof(upper_server_name)); - strupper_m(upper_server_name); + if (!strupper_m(upper_server_name)) { + DEBUG(2,("strupper_m %s failed\n", upper_server_name)); + return; + } push_string_check(p+5, upper_server_name, 16, STR_ASCII|STR_TERMINATE); SCVAL(p,21,SAMBA_MAJOR_NBT_ANNOUNCE_VERSION); /* Major version. */ @@ -568,7 +571,10 @@ for workgroup %s on subnet %s.\n", lp_workgroup(), FIRST_SUBNET->subnet_name )); p++; unstrcpy(myname, lp_netbios_name()); - strupper_m(myname); + if (!strupper_m(myname)) { + DEBUG(2,("strupper_m %s failed\n", myname)); + return; + } myname[15]='\0'; push_ascii(p, myname, sizeof(outbuf)-PTR_DIFF(p,outbuf)-1, STR_TERMINATE); diff --git a/source3/nmbd/nmbd_serverlistdb.c b/source3/nmbd/nmbd_serverlistdb.c index ac16b5a98c..05ca6e9367 100644 --- a/source3/nmbd/nmbd_serverlistdb.c +++ b/source3/nmbd/nmbd_serverlistdb.c @@ -119,7 +119,11 @@ workgroup %s. This is a bug.\n", name, work->work_group)); fstrcpy(servrec->serv.name,name); fstrcpy(servrec->serv.comment,comment); - strupper_m(servrec->serv.name); + if (!strupper_m(servrec->serv.name)) { + DEBUG(2,("strupper_m %s failed\n", servrec->serv.name)); + SAFE_FREE(servrec); + return NULL; + } servrec->serv.type = servertype; update_server_ttl(servrec, ttl); diff --git a/source3/nmbd/nmbd_winsserver.c b/source3/nmbd/nmbd_winsserver.c index 87b9990a63..d56d0f8aed 100644 --- a/source3/nmbd/nmbd_winsserver.c +++ b/source3/nmbd/nmbd_winsserver.c @@ -217,7 +217,7 @@ static TDB_DATA name_to_key(const struct nmb_name *nmbname) memset(keydata, '\0', sizeof(keydata)); pull_ascii_nstring(keydata, sizeof(unstring), nmbname->name); - strupper_m(keydata); + (void)strupper_m(keydata); keydata[sizeof(unstring)] = nmbname->name_type; key.dptr = (uint8 *)keydata; key.dsize = sizeof(keydata); diff --git a/source3/passdb/lookup_sid.c b/source3/passdb/lookup_sid.c index 8e14cec3e8..a2d793feb3 100644 --- a/source3/passdb/lookup_sid.c +++ b/source3/passdb/lookup_sid.c @@ -339,7 +339,10 @@ bool lookup_name(TALLOC_CTX *mem_ctx, TALLOC_FREE(tmp_ctx); return false; } - strupper_m(tmp_dom); + if (!strupper_m(tmp_dom)) { + TALLOC_FREE(tmp_ctx); + return false; + } *ret_domain = tmp_dom; } diff --git a/source3/passdb/machine_account_secrets.c b/source3/passdb/machine_account_secrets.c index 30f5f822ff..a4b5709b28 100644 --- a/source3/passdb/machine_account_secrets.c +++ b/source3/passdb/machine_account_secrets.c @@ -148,7 +148,9 @@ bool secrets_store_domain_guid(const char *domain, struct GUID *guid) #endif slprintf(key, sizeof(key)-1, "%s/%s", SECRETS_DOMAIN_GUID, domain); - strupper_m(key); + if (!strupper_m(key)) { + return false; + } return secrets_store(key, guid, sizeof(struct GUID)); } @@ -160,7 +162,9 @@ bool secrets_fetch_domain_guid(const char *domain, struct GUID *guid) struct GUID new_guid; slprintf(key, sizeof(key)-1, "%s/%s", SECRETS_DOMAIN_GUID, domain); - strupper_m(key); + if (!strupper_m(key)) { + return false; + } dyn_guid = (struct GUID *)secrets_fetch(key, &size); if (!dyn_guid) { diff --git a/source3/registry/reg_backend_db.c b/source3/registry/reg_backend_db.c index 75ad507e2b..3e561eb389 100644 --- a/source3/registry/reg_backend_db.c +++ b/source3/registry/reg_backend_db.c @@ -561,7 +561,9 @@ static bool upgrade_v2_to_v3_check_subkeylist(struct db_context *db, }; bool success = false; char *path = talloc_asprintf(talloc_tos(), "%s\\%s", key, subkey); - strupper_m(path); + if (!strupper_m(path)) { + goto done; + } if (!dbwrap_exists(db, string_term_tdb_data(path))) { NTSTATUS status; diff --git a/source3/registry/reg_util_internal.c b/source3/registry/reg_util_internal.c index b15015b988..e256c75cb2 100644 --- a/source3/registry/reg_util_internal.c +++ b/source3/registry/reg_util_internal.c @@ -113,7 +113,10 @@ char *normalize_reg_path(TALLOC_CTX *ctx, const char *keyname ) p = strrchr(nkeyname, '\\'); } - strupper_m(nkeyname); + if (!strupper_m(nkeyname)) { + TALLOC_FREE(nkeyname); + return NULL; + } return nkeyname; } diff --git a/source3/smbd/lanman.c b/source3/smbd/lanman.c index 1b5de57ad4..b22619ff35 100644 --- a/source3/smbd/lanman.c +++ b/source3/smbd/lanman.c @@ -4004,7 +4004,9 @@ static bool api_NetWkstaGetInfo(struct smbd_server_connection *sconn, SIVAL(p,0,PTR_DIFF(p2,*rdata)); /* host name */ strlcpy(p2,get_local_machine_name(),PTR_DIFF(endp,p2)); - strupper_m(p2); + if (!strupper_m(p2)) { + return false; + } p2 = skip_string(*rdata,*rdata_len,p2); if (!p2) { return False; @@ -4021,7 +4023,9 @@ static bool api_NetWkstaGetInfo(struct smbd_server_connection *sconn, SIVAL(p,0,PTR_DIFF(p2,*rdata)); /* login domain */ strlcpy(p2,lp_workgroup(),PTR_DIFF(endp,p2)); - strupper_m(p2); + if (!strupper_m(p2)) { + return false; + } p2 = skip_string(*rdata,*rdata_len,p2); if (!p2) { return False; @@ -4691,7 +4695,9 @@ static bool api_WWkstaUserLogon(struct smbd_server_connection *sconn, fstring mypath; fstrcpy(mypath,"\\\\"); fstrcat(mypath,get_local_machine_name()); - strupper_m(mypath); + if (!strupper_m(mypath)) { + return false; + } PACKS(&desc,"z",mypath); /* computer */ } @@ -5082,7 +5088,7 @@ static void fill_printdest_info(struct spoolss_PrinterInfo2 *info2, int uLevel, strncpy(buf, info2->printername, sizeof(buf)-1); buf[sizeof(buf)-1] = 0; - strupper_m(buf); + (void)strupper_m(buf); if (uLevel <= 1) { PACKS(desc,"B9",buf); /* szName */ diff --git a/source3/smbd/mangle_hash.c b/source3/smbd/mangle_hash.c index 056879c876..8a44ea2d6a 100644 --- a/source3/smbd/mangle_hash.c +++ b/source3/smbd/mangle_hash.c @@ -630,7 +630,10 @@ static bool to_8_3(char magic_char, const char *in, char out[13], int default_ca } else csum = str_checksum(s); - strupper_m( s ); + if (!strupper_m( s )) { + SAFE_FREE(s); + return false; + } if( p ) { if( p == s ) diff --git a/source3/smbd/mangle_hash2.c b/source3/smbd/mangle_hash2.c index 09cd44d5af..655c72745a 100644 --- a/source3/smbd/mangle_hash2.c +++ b/source3/smbd/mangle_hash2.c @@ -291,7 +291,7 @@ static unsigned int mangle_hash(const char *key, unsigned int length) length = MIN(length,sizeof(fstring)-1); strncpy(str, key, length); str[length] = 0; - strupper_m(str); + (void)strupper_m(str); /* the length of a multi-byte string can change after a strupper_m */ length = strlen(str); diff --git a/source3/smbd/service.c b/source3/smbd/service.c index 4fc1aa3e2d..ce9cff90e2 100644 --- a/source3/smbd/service.c +++ b/source3/smbd/service.c @@ -257,7 +257,10 @@ static NTSTATUS share_sanity_checks(const struct tsocket_address *remote_address } } - strupper_m(dev); + if (!strupper_m(dev)) { + DEBUG(2,("strupper_m %s failed\n", dev)); + return NT_STATUS_INVALID_PARAMETER; + } if (lp_print_ok(snum)) { if (!strequal(dev, "LPT1:")) { diff --git a/source3/torture/torture.c b/source3/torture/torture.c index 69e583ad55..525484719b 100644 --- a/source3/torture/torture.c +++ b/source3/torture/torture.c @@ -8273,7 +8273,7 @@ static NTSTATUS split_ntfs_stream_name(TALLOC_CTX *mem_ctx, const char *fname, /* * upper-case the type field */ - strupper_m(strchr_m(stream, ':')+1); + (void)strupper_m(strchr_m(stream, ':')+1); } done: diff --git a/source3/utils/net_ads.c b/source3/utils/net_ads.c index a4f1588e51..b1eac52df2 100644 --- a/source3/utils/net_ads.c +++ b/source3/utils/net_ads.c @@ -287,7 +287,10 @@ retry: *cp++ = '\0'; SAFE_FREE(ads->auth.realm); ads->auth.realm = smb_xstrdup(cp); - strupper_m(ads->auth.realm); + if (!strupper_m(ads->auth.realm)) { + ads_destroy(&ads); + return ADS_ERROR(LDAP_NO_MEMORY); + } } status = ads_connect(ads); @@ -1371,7 +1374,10 @@ static void _net_ads_join_dns_updates(TALLOC_CTX *ctx, struct libnet_JoinCtx *r) goto done; } - strupper_m(ads_dns->auth.realm); + if (!strupper_m(ads_dns->auth.realm)) { + d_fprintf(stderr, _("strupper_m %s failed\n"), ads_dns->auth.realm); + goto done; + } ret = ads_kinit_password(ads_dns); if (ret != 0) { diff --git a/source3/utils/net_idmap.c b/source3/utils/net_idmap.c index f067071de1..ebc14e528d 100644 --- a/source3/utils/net_idmap.c +++ b/source3/utils/net_idmap.c @@ -492,7 +492,11 @@ static bool idmap_store_secret(const char *backend, if (r < 0) return false; - strupper_m(tmp); /* make sure the key is case insensitive */ + /* make sure the key is case insensitive */ + if (!strupper_m(tmp)) { + free(tmp); + return false; + } ret = secrets_store_generic(tmp, identity, secret); free(tmp); diff --git a/source3/utils/net_registry_check.c b/source3/utils/net_registry_check.c index 872aa5a371..45a01f20f5 100644 --- a/source3/utils/net_registry_check.c +++ b/source3/utils/net_registry_check.c @@ -419,7 +419,10 @@ static bool read_info(struct check_ctx *ctx, const char *key, TDB_DATA val) static bool is_all_upper(const char *str) { bool ret; char *tmp = talloc_strdup(talloc_tos(), str); - strupper_m(tmp); + if (!strupper_m(tmp)) { + talloc_free(tmp); + return false; + } ret = (strcmp(tmp, str) == 0); talloc_free(tmp); return ret; @@ -698,7 +701,10 @@ static bool normalize_path_internal(char* path, char sep) { } *optr = '\0'; - strupper_m(path); + if (!strupper_m(path)) { + talloc_free(discard_const(orig)); + return false; + } changed = (strcmp(orig, path) != 0); talloc_free(discard_const(orig)); return changed; diff --git a/source3/utils/net_rpc.c b/source3/utils/net_rpc.c index 46c3c91779..ae5db99dd3 100644 --- a/source3/utils/net_rpc.c +++ b/source3/utils/net_rpc.c @@ -4750,7 +4750,11 @@ static bool get_user_tokens(struct net_context *c, int *num_tokens, } else { *p++ = '\0'; fstrcpy(domain, users[i]); - strupper_m(domain); + if (!strupper_m(domain)) { + DEBUG(1, ("strupper_m %s failed\n", domain)); + wbcFreeMemory(users); + return false; + } fstrcpy(user, p); } @@ -5794,7 +5798,10 @@ static NTSTATUS rpc_trustdom_add_internals(struct net_context *c, return NT_STATUS_NO_MEMORY; } - strupper_m(acct_name); + if (!strupper_m(acct_name)) { + SAFE_FREE(acct_name); + return NT_STATUS_INVALID_PARAMETER; + } init_lsa_String(&lsa_acct_name, acct_name); @@ -5978,7 +5985,10 @@ static NTSTATUS rpc_trustdom_del_internals(struct net_context *c, if (acct_name == NULL) return NT_STATUS_NO_MEMORY; - strupper_m(acct_name); + if (!strupper_m(acct_name)) { + TALLOC_FREE(acct_name); + return NT_STATUS_INVALID_PARAMETER; + } /* Get samr policy handle */ status = dcerpc_samr_Connect2(b, mem_ctx, @@ -6224,13 +6234,20 @@ static int rpc_trustdom_establish(struct net_context *c, int argc, } domain_name = smb_xstrdup(argv[0]); - strupper_m(domain_name); + if (!strupper_m(domain_name)) { + SAFE_FREE(domain_name); + return -1; + } /* account name used at first is our domain's name with '$' */ if (asprintf(&acct_name, "%s$", lp_workgroup()) == -1) { return -1; } - strupper_m(acct_name); + if (!strupper_m(acct_name)) { + SAFE_FREE(domain_name); + SAFE_FREE(acct_name); + return -1; + } /* * opt_workgroup will be used by connection functions further, @@ -6402,7 +6419,10 @@ static int rpc_trustdom_revoke(struct net_context *c, int argc, /* generate upper cased domain name */ domain_name = smb_xstrdup(argv[0]); - strupper_m(domain_name); + if (!strupper_m(domain_name)) { + SAFE_FREE(domain_name); + return -1; + } /* delete password of the trust */ if (!pdb_del_trusteddom_pw(domain_name)) { @@ -6971,7 +6991,11 @@ static int rpc_trustdom_list(struct net_context *c, int argc, const char **argv) str[ascii_dom_name_len - 1] = '\0'; /* set opt_* variables to remote domain */ - strupper_m(str); + if (!strupper_m(str)) { + cli_shutdown(cli); + talloc_destroy(mem_ctx); + return -1; + } c->opt_workgroup = talloc_strdup(mem_ctx, str); c->opt_target_workgroup = c->opt_workgroup; diff --git a/source3/utils/net_rpc_join.c b/source3/utils/net_rpc_join.c index 2e3e240a3f..50383fee6b 100644 --- a/source3/utils/net_rpc_join.c +++ b/source3/utils/net_rpc_join.c @@ -509,7 +509,10 @@ int net_rpc_join_newstyle(struct net_context *c, int argc, const char **argv) /* Now store the secret in the secrets database */ - strupper_m(discard_const_p(char, domain)); + if (!strupper_m(discard_const_p(char, domain))) { + DEBUG(0, ("strupper_m %s failed\n", domain)); + goto done; + } if (!secrets_store_domain_sid(domain, domain_sid)) { DEBUG(0, ("error storing domain sid for %s\n", domain)); diff --git a/source3/utils/ntlm_auth.c b/source3/utils/ntlm_auth.c index 103a1f6d16..7cf40b905d 100644 --- a/source3/utils/ntlm_auth.c +++ b/source3/utils/ntlm_auth.c @@ -365,9 +365,7 @@ static bool parse_ntlm_auth_domain_user(const char *domuser, fstring domain, fstrcpy(user, p+1); fstrcpy(domain, domuser); domain[PTR_DIFF(p, domuser)] = 0; - strupper_m(domain); - - return True; + return strupper_m(domain); } static bool get_require_membership_sid(void) { diff --git a/source3/utils/smbcontrol.c b/source3/utils/smbcontrol.c index 54c5d62c97..c91c0f3d16 100644 --- a/source3/utils/smbcontrol.c +++ b/source3/utils/smbcontrol.c @@ -1204,7 +1204,7 @@ static void my_make_nmb_name( struct nmb_name *n, const char *name, int type) fstring unix_name; memset( (char *)n, '\0', sizeof(struct nmb_name) ); fstrcpy(unix_name, name); - strupper_m(unix_name); + (void)strupper_m(unix_name); push_ascii(n->name, unix_name, sizeof(n->name), STR_TERMINATE); n->name_type = (unsigned int)type & 0xFF; push_ascii(n->scope, lp_netbios_scope(), 64, STR_TERMINATE); diff --git a/source3/winbindd/idmap_ldap.c b/source3/winbindd/idmap_ldap.c index aeeb2e87d0..e72a0ab184 100644 --- a/source3/winbindd/idmap_ldap.c +++ b/source3/winbindd/idmap_ldap.c @@ -50,7 +50,12 @@ static char *idmap_fetch_secret(const char *backend, if (r < 0) return NULL; - strupper_m(tmp); /* make sure the key is case insensitive */ + /* make sure the key is case insensitive */ + if (!strupper_m(tmp)) { + SAFE_FREE(tmp); + return NULL; + } + ret = secrets_fetch_generic(tmp, identity); SAFE_FREE(tmp); diff --git a/source3/winbindd/winbindd_ads.c b/source3/winbindd/winbindd_ads.c index 854e12c53b..4efd829cb9 100644 --- a/source3/winbindd/winbindd_ads.c +++ b/source3/winbindd/winbindd_ads.c @@ -99,7 +99,10 @@ static ADS_STRUCT *ads_cached_connection(struct winbindd_domain *domain) return NULL; } ads->auth.realm = SMB_STRDUP( ads->server.realm ); - strupper_m( ads->auth.realm ); + if (!strupper_m( ads->auth.realm )) { + ads_destroy( &ads ); + return NULL; + } } else { struct winbindd_domain *our_domain = domain; @@ -114,7 +117,10 @@ static ADS_STRUCT *ads_cached_connection(struct winbindd_domain *domain) if ( our_domain->alt_name[0] != '\0' ) { ads->auth.realm = SMB_STRDUP( our_domain->alt_name ); - strupper_m( ads->auth.realm ); + if (!strupper_m( ads->auth.realm )) { + ads_destroy( &ads ); + return NULL; + } } else ads->auth.realm = SMB_STRDUP( lp_realm() ); diff --git a/source3/winbindd/winbindd_cache.c b/source3/winbindd/winbindd_cache.c index 66de29e061..cfa843424a 100644 --- a/source3/winbindd/winbindd_cache.c +++ b/source3/winbindd/winbindd_cache.c @@ -946,7 +946,7 @@ static void wcache_save_name_to_sid(struct winbindd_domain *domain, centry_put_uint32(centry, type); centry_put_sid(centry, sid); fstrcpy(uname, name); - strupper_m(uname); + (void)strupper_m(uname); centry_end(centry, "NS/%s/%s", domain_name, uname); DEBUG(10,("wcache_save_name_to_sid: %s\\%s -> %s (%s)\n", domain_name, uname, sid_string_dbg(sid), nt_errstr(status))); @@ -1064,7 +1064,7 @@ static void wcache_save_username_alias(struct winbindd_domain *domain, centry_put_string( centry, alias ); fstrcpy(uname, name); - strupper_m(uname); + (void)strupper_m(uname); centry_end(centry, "NSS/NA/%s", uname); DEBUG(10,("wcache_save_username_alias: %s -> %s\n", name, alias )); @@ -1085,7 +1085,7 @@ static void wcache_save_alias_username(struct winbindd_domain *domain, centry_put_string( centry, name ); fstrcpy(uname, alias); - strupper_m(uname); + (void)strupper_m(uname); centry_end(centry, "NSS/AN/%s", uname); DEBUG(10,("wcache_save_alias_username: %s -> %s\n", alias, name )); @@ -1113,7 +1113,10 @@ NTSTATUS resolve_username_to_alias( TALLOC_CTX *mem_ctx, if ( (upper_name = SMB_STRDUP(name)) == NULL ) return NT_STATUS_NO_MEMORY; - strupper_m(upper_name); + if (!strupper_m(upper_name)) { + SAFE_FREE(name); + return NT_STATUS_INVALID_PARAMETER; + } centry = wcache_fetch(cache, domain, "NSS/NA/%s", upper_name); @@ -1188,7 +1191,10 @@ NTSTATUS resolve_alias_to_username( TALLOC_CTX *mem_ctx, if ( (upper_name = SMB_STRDUP(alias)) == NULL ) return NT_STATUS_NO_MEMORY; - strupper_m(upper_name); + if (!strupper_m(upper_name)) { + SAFE_FREE(alias); + return NT_STATUS_INVALID_PARAMETER; + } centry = wcache_fetch(cache, domain, "NSS/AN/%s", upper_name); @@ -1859,7 +1865,9 @@ static NTSTATUS name_to_sid(struct winbindd_domain *domain, /* Only save the reverse mapping if this was not a UPN */ if (!strchr(name, '@')) { - strupper_m(discard_const_p(char, domain_name)); + if (!strupper_m(discard_const_p(char, domain_name))) { + return NT_STATUS_INVALID_PARAMETER; + } strlower_m(discard_const_p(char, name)); wcache_save_sid_to_name(domain, status, sid, domain_name, name, *type); } diff --git a/source3/winbindd/winbindd_cm.c b/source3/winbindd/winbindd_cm.c index 5a602422ae..c08530e819 100644 --- a/source3/winbindd/winbindd_cm.c +++ b/source3/winbindd/winbindd_cm.c @@ -767,7 +767,10 @@ static NTSTATUS get_trust_creds(const struct winbindd_domain *domain, return NT_STATUS_NO_MEMORY; } - strupper_m(*machine_krb5_principal); + if (!strupper_m(*machine_krb5_principal)) { + SAFE_FREE(machine_krb5_principal); + return NT_STATUS_INVALID_PARAMETER; + } } return NT_STATUS_OK; diff --git a/source3/winbindd/winbindd_pam.c b/source3/winbindd/winbindd_pam.c index a64cc5692c..48bb79bdcd 100644 --- a/source3/winbindd/winbindd_pam.c +++ b/source3/winbindd/winbindd_pam.c @@ -582,7 +582,9 @@ static NTSTATUS winbindd_raw_kerberos_login(TALLOC_CTX *mem_ctx, parse_domain_user(user, name_domain, name_user); realm = domain->alt_name; - strupper_m(realm); + if (!strupper_m(realm)) { + return NT_STATUS_INVALID_PARAMETER; + } principal_s = talloc_asprintf(mem_ctx, "%s@%s", name_user, realm); if (principal_s == NULL) { @@ -938,7 +940,9 @@ static NTSTATUS winbindd_dual_pam_auth_cached(struct winbindd_domain *domain, } realm = domain->alt_name; - strupper_m(realm); + if (!strupper_m(realm)) { + return NT_STATUS_INVALID_PARAMETER; + } principal_s = talloc_asprintf(state->mem_ctx, "%s@%s", name_user, realm); if (principal_s == NULL) { diff --git a/source3/winbindd/winbindd_util.c b/source3/winbindd/winbindd_util.c index 52ce1e3056..656735633b 100644 --- a/source3/winbindd/winbindd_util.c +++ b/source3/winbindd/winbindd_util.c @@ -877,9 +877,7 @@ bool parse_domain_user(const char *domuser, fstring domain, fstring user) domain[PTR_DIFF(p, domuser)] = 0; } - strupper_m(domain); - - return True; + return strupper_m(domain); } bool parse_domain_user_talloc(TALLOC_CTX *mem_ctx, const char *domuser, |