summaryrefslogtreecommitdiff
path: root/source3/smbd
diff options
context:
space:
mode:
Diffstat (limited to 'source3/smbd')
-rw-r--r--source3/smbd/msdfs.c62
-rw-r--r--source3/smbd/service.c4
-rw-r--r--source3/smbd/vfs.c12
3 files changed, 41 insertions, 37 deletions
diff --git a/source3/smbd/msdfs.c b/source3/smbd/msdfs.c
index cca1e0a428..98a41e4ec3 100644
--- a/source3/smbd/msdfs.c
+++ b/source3/smbd/msdfs.c
@@ -196,16 +196,26 @@ static NTSTATUS parse_dfs_path(const char *pathname,
Note this CHANGES CWD !!!! JRA.
*********************************************************/
-static NTSTATUS create_conn_struct(connection_struct *conn,
+static NTSTATUS create_conn_struct(TALLOC_CTX *ctx,
+ connection_struct *conn,
int snum,
const char *path)
{
- pstring connpath;
+ char *connpath;
ZERO_STRUCTP(conn);
- pstrcpy(connpath, path);
- pstring_sub(connpath , "%S", lp_servicename(snum));
+ connpath = talloc_strdup(ctx, path);
+ if (!connpath) {
+ return NT_STATUS_NO_MEMORY;
+ }
+ connpath = talloc_string_sub(ctx,
+ connpath,
+ "%S",
+ lp_servicename(snum));
+ if (!connpath) {
+ return NT_STATUS_NO_MEMORY;
+ }
/* needed for smbd_vfs_init() */
@@ -844,7 +854,7 @@ NTSTATUS get_referred_path(TALLOC_CTX *ctx,
return NT_STATUS_OK;
}
- status = create_conn_struct(conn, snum, lp_pathname(snum));
+ status = create_conn_struct(ctx, conn, snum, lp_pathname(snum));
if (!NT_STATUS_IS_OK(status)) {
TALLOC_FREE(pdp);
return status;
@@ -888,7 +898,7 @@ static int setup_ver2_dfs_referral(const char *pathname,
{
char* pdata = *ppdata;
- unsigned char uni_requestedpath[sizeof(pstring)];
+ smb_ucs2_t *uni_requestedpath = NULL;
int uni_reqpathoffset1,uni_reqpathoffset2;
int uni_curroffset;
int requestedpathlen=0;
@@ -898,12 +908,15 @@ static int setup_ver2_dfs_referral(const char *pathname,
DEBUG(10,("Setting up version2 referral\nRequested path:\n"));
- requestedpathlen = rpcstr_push(uni_requestedpath,
- pathname, sizeof(pstring),
- STR_TERMINATE);
+ requestedpathlen = rpcstr_push_talloc(talloc_tos(),
+ &uni_requestedpath, pathname);
+ if (uni_requestedpath == NULL || requestedpathlen == 0) {
+ return -1;
+ }
if (DEBUGLVL(10)) {
- dump_data(0, uni_requestedpath,requestedpathlen);
+ dump_data(0, (unsigned char *)uni_requestedpath,
+ requestedpathlen);
}
DEBUG(10,("ref count = %u\n",junction->referral_count));
@@ -976,8 +989,10 @@ static int setup_ver2_dfs_referral(const char *pathname,
SSVAL(pdata,offset+16,uni_reqpathoffset1-offset);
SSVAL(pdata,offset+18,uni_reqpathoffset2-offset);
/* copy referred path into current offset */
- unilen = rpcstr_push(pdata+uni_curroffset, ref->alternate_path,
- sizeof(pstring), STR_UNICODE);
+ unilen = rpcstr_push(pdata+uni_curroffset,
+ ref->alternate_path,
+ reply_size - uni_curroffset,
+ STR_UNICODE);
SSVAL(pdata,offset+20,uni_curroffset-offset);
@@ -997,7 +1012,7 @@ static int setup_ver3_dfs_referral(const char *pathname,
{
char *pdata = *ppdata;
- unsigned char uni_reqpath[sizeof(pstring)];
+ smb_ucs2_t *uni_reqpath = NULL;
int uni_reqpathoffset1, uni_reqpathoffset2;
int uni_curroffset;
int reply_size = 0;
@@ -1007,11 +1022,14 @@ static int setup_ver3_dfs_referral(const char *pathname,
DEBUG(10,("setting up version3 referral\n"));
- reqpathlen = rpcstr_push(uni_reqpath, pathname,
- sizeof(pstring), STR_TERMINATE);
+ reqpathlen = rpcstr_push_talloc(talloc_tos(), &uni_reqpath, pathname);
+ if (uni_reqpath == NULL || reqpathlen == 0) {
+ return -1;
+ }
if (DEBUGLVL(10)) {
- dump_data(0, uni_reqpath,reqpathlen);
+ dump_data(0, (unsigned char *)uni_reqpath,
+ reqpathlen);
}
uni_reqpathoffset1 = REFERRAL_HEADER_SIZE +
@@ -1069,8 +1087,8 @@ static int setup_ver3_dfs_referral(const char *pathname,
SSVAL(pdata,offset+14,uni_reqpathoffset2-offset);
/* copy referred path into current offset */
unilen = rpcstr_push(pdata+uni_curroffset,ref->alternate_path,
- sizeof(pstring),
- STR_UNICODE | STR_TERMINATE);
+ reply_size - uni_curroffset,
+ STR_UNICODE | STR_TERMINATE);
SSVAL(pdata,offset+16,uni_curroffset-offset);
/* copy 0x10 bytes of 00's in the ServiceSite GUID */
memset(pdata+offset+18,'\0',16);
@@ -1270,7 +1288,8 @@ static bool junction_to_local_path(const struct junction_map *jucn,
if(snum < 0) {
return False;
}
- if (!NT_STATUS_IS_OK(create_conn_struct(conn_out, snum,
+ if (!NT_STATUS_IS_OK(create_conn_struct(talloc_tos(),
+ conn_out, snum,
lp_pathname(snum)))) {
return False;
}
@@ -1402,7 +1421,8 @@ static int count_dfs_links(TALLOC_CTX *ctx, int snum)
* Fake up a connection struct for the VFS layer.
*/
- if (!NT_STATUS_IS_OK(create_conn_struct(&conn, snum, connect_path))) {
+ if (!NT_STATUS_IS_OK(create_conn_struct(talloc_tos(),
+ &conn, snum, connect_path))) {
return 0;
}
@@ -1467,7 +1487,7 @@ static int form_junctions(TALLOC_CTX *ctx,
* Fake up a connection struct for the VFS layer.
*/
- if (!NT_STATUS_IS_OK(create_conn_struct(&conn, snum, connect_path))) {
+ if (!NT_STATUS_IS_OK(create_conn_struct(ctx, &conn, snum, connect_path))) {
return 0;
}
diff --git a/source3/smbd/service.c b/source3/smbd/service.c
index c3972391f3..e98ce0f8c2 100644
--- a/source3/smbd/service.c
+++ b/source3/smbd/service.c
@@ -33,11 +33,7 @@ static bool canonicalize_connect_path(connection_struct *conn)
SAFE_FREE(resolved_name);
return ret;
#else
-#ifdef PATH_MAX
char resolved_name_buf[PATH_MAX+1];
-#else
- pstring resolved_name_buf;
-#endif
char *resolved_name = SMB_VFS_REALPATH(conn,conn->connectpath,resolved_name_buf);
if (!resolved_name) {
return false;
diff --git a/source3/smbd/vfs.c b/source3/smbd/vfs.c
index 78939881d3..628d2eec4b 100644
--- a/source3/smbd/vfs.c
+++ b/source3/smbd/vfs.c
@@ -774,11 +774,7 @@ static void array_promote(char *array,int elsize,int element)
char *vfs_GetWd(TALLOC_CTX *ctx, connection_struct *conn)
{
-#ifdef PATH_MAX
char s[PATH_MAX+1];
-#else
- pstring s;
-#endif
static bool getwd_cache_init = False;
SMB_STRUCT_STAT st, st2;
int i;
@@ -893,11 +889,7 @@ NTSTATUS check_reduced_name(connection_struct *conn, const char *fname)
#ifdef REALPATH_TAKES_NULL
bool free_resolved_name = True;
#else
-#ifdef PATH_MAX
char resolved_name_buf[PATH_MAX+1];
-#else
- pstring resolved_name_buf;
-#endif
bool free_resolved_name = False;
#endif
char *resolved_name = NULL;
@@ -969,11 +961,7 @@ NTSTATUS check_reduced_name(connection_struct *conn, const char *fname)
return NT_STATUS_NO_MEMORY;
}
#else
-#ifdef PATH_MAX
safe_strcpy(resolved_name_buf, tmp_fname, PATH_MAX);
-#else
- pstrcpy(resolved_name_buf, tmp_fname);
-#endif
resolved_name = resolved_name_buf;
#endif
TALLOC_FREE(tmp_ctx);