Diffstat (limited to 'source3')
-rw-r--r-- | source3/include/proto.h | 11 | ||||
-rw-r--r-- | source3/include/safe_string.h | 22 | ||||
-rw-r--r-- | source3/lib/charcnv.c | 48 | ||||
-rw-r--r-- | source3/libsmb/clistr.c | 24 | ||||
-rw-r--r-- | source3/libsmb/ntlmssp_parse.c | 14 | ||||
-rw-r--r-- | source3/libsmb/smbencrypt.c | 6 | ||||
-rw-r--r-- | source3/nmbd/nmbd_sendannounce.c | 10 | ||||
-rw-r--r-- | source3/smbd/srvstr.c | 4 |
8 files changed, 86 insertions, 53 deletions
diff --git a/source3/include/proto.h b/source3/include/proto.h index cc442422e8..5a168380a7 100644 --- a/source3/include/proto.h +++ b/source3/include/proto.h @@ -391,10 +391,13 @@ bool pull_ucs2_talloc(TALLOC_CTX *ctx, char **dest, const smb_ucs2_t *src, size_t *converted_size); bool pull_ascii_talloc(TALLOC_CTX *ctx, char **dest, const char *src, size_t *converted_size); -size_t push_string_fn(const char *function, unsigned int line, - const void *base_ptr, uint16 flags2, - void *dest, const char *src, - size_t dest_len, int flags); +size_t push_string_check_fn(const char *function, unsigned int line, + void *dest, const char *src, + size_t dest_len, int flags); +size_t push_string_base(const char *function, unsigned int line, + const char *base, uint16 flags2, + void *dest, const char *src, + size_t dest_len, int flags); size_t pull_string_fn(const char *function, unsigned int line, const void *base_ptr, diff --git a/source3/include/safe_string.h b/source3/include/safe_string.h index a7230964c9..43e43416d8 100644 --- a/source3/include/safe_string.h +++ b/source3/include/safe_string.h @@ -130,13 +130,9 @@ size_t __unsafe_string_function_usage_here_char__(void); safe_strcat_fn2(SAFE_STRING_FUNCTION_NAME, SAFE_STRING_LINE, \ dest,src,maxlength) -#define push_string(base_ptr, dest, src, dest_len, flags) \ - push_string_fn2(SAFE_STRING_FUNCTION_NAME, SAFE_STRING_LINE, \ - base_ptr, 0, dest, src, dest_len, flags) - -#define pull_string(base_ptr, smb_flags2, dest, src, dest_len, src_len, flags) \ - pull_string_fn2(SAFE_STRING_FUNCTION_NAME, SAFE_STRING_LINE, \ - base_ptr, smb_flags2, dest, src, dest_len, src_len, flags) +#define push_string_check(dest, src, dest_len, flags) \ + push_string_check_fn2(SAFE_STRING_FUNCTION_NAME, SAFE_STRING_LINE, \ + dest, src, dest_len, flags) #define pull_string_talloc(ctx, base_ptr, smb_flags2, dest, src, src_len, flags) \ pull_string_talloc_fn2(SAFE_STRING_FUNCTION_NAME, SAFE_STRING_LINE, \ 
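Review bot: In source3/include/safe_string.h the new `push_string_check` macro has no comment saying what the "check" actually covers. The only check visible is `CHECK_STRING_SIZE(dest, dest_len)` inside `push_string_check_fn2` in the next hunk, and its definition is outside this diff; it looks like a compile-time sizeof comparison, which presumably cannot verify a pointer destination such as `p+1` or `blob->data+data_ofs` at the converted call sites. After confirming that against the definition, I would add a comment above the macro along the lines of `/* push_string_check: push without an SMB base pointer; dest_len is verified at compile time only when dest is an array, callers passing a pointer must bound dest_len themselves */`.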
@@ -182,15 +178,10 @@ size_t __unsafe_string_function_usage_here_char__(void); ? __unsafe_string_function_usage_here__() \ : safe_strcat_fn(fn_name, fn_line, (d), (s), (max_len))) -#define push_string_fn2(fn_name, fn_line, base_ptr, flags2, dest, src, dest_len, flags) \ - (CHECK_STRING_SIZE(dest, dest_len) \ - ? __unsafe_string_function_usage_here_size_t__() \ - : push_string_fn(fn_name, fn_line, base_ptr, flags2, dest, src, dest_len, flags)) - -#define pull_string_fn2(fn_name, fn_line, base_ptr, smb_flags2, dest, src, dest_len, src_len, flags) \ +#define push_string_check_fn2(fn_name, fn_line, dest, src, dest_len, flags) \ (CHECK_STRING_SIZE(dest, dest_len) \ ? __unsafe_string_function_usage_here_size_t__() \ - : pull_string_fn(fn_name, fn_line, base_ptr, smb_flags2, dest, src, dest_len, src_len, flags)) + : push_string_check_fn(fn_name, fn_line, dest, src, dest_len, flags)) #define pull_string_talloc_fn2(fn_name, fn_line, ctx, base_ptr, smb_flags2, dest, src, src_len, flags) \ pull_string_talloc_fn(fn_name, fn_line, ctx, base_ptr, smb_flags2, dest, src, src_len, flags) @@ -214,8 +205,7 @@ size_t __unsafe_string_function_usage_here_char__(void); #define safe_strcpy_fn2 safe_strcpy_fn #define safe_strcat_fn2 safe_strcat_fn -#define push_string_fn2 push_string_fn -#define pull_string_fn2 pull_string_fn +#define push_string_check_fn2 push_string_check_fn #define pull_string_talloc_fn2 pull_string_talloc_fn #define clistr_push_fn2 clistr_push_fn #define clistr_pull_fn2 clistr_pull_fn diff --git a/source3/lib/charcnv.c b/source3/lib/charcnv.c index 03b32c13d4..0c0d654e99 100644 --- a/source3/lib/charcnv.c +++ b/source3/lib/charcnv.c 
@@ -1766,6 +1766,44 @@ bool pull_ascii_talloc(TALLOC_CTX *ctx, char **dest, const char *src, /** Copy a string from a char* src to a unicode or ascii dos codepage destination choosing unicode or ascii based on the + flags supplied + Return the number of bytes occupied by the string in the destination. + flags can have: + STR_TERMINATE means include the null termination. + STR_UPPER means uppercase in the destination. + STR_ASCII use ascii even with unicode packet. + STR_NOALIGN means don't do alignment. + dest_len is the maximum length allowed in the destination. If dest_len + is -1 then no maxiumum is used. +**/ + +size_t push_string_check_fn(const char *function, unsigned int line, + void *dest, const char *src, + size_t dest_len, int flags) +{ +#ifdef DEVELOPER + /* We really need to zero fill here, not clobber + * region, as we want to ensure that valgrind thinks + * all of the outgoing buffer has been written to + * so a send() or write() won't trap an error. + * JRA. + */ +#if 0 + clobber_region(function, line, dest, dest_len); +#else + memset(dest, '\0', dest_len); +#endif +#endif + + if (!(flags & STR_ASCII) && (flags & STR_UNICODE)) { + return push_ucs2(NULL, dest, src, dest_len, flags); + } + return push_ascii(dest, src, dest_len, flags); +} + +/** + Copy a string from a char* src to a unicode or ascii + dos codepage destination choosing unicode or ascii based on the flags in the SMB buffer starting at base_ptr. Return the number of bytes occupied by the string in the destination. flags can have: 
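Review bot: In the new `push_string_check_fn` (source3/lib/charcnv.c) the header comment says a `dest_len` of -1 means no maximum is used, but the DEVELOPER block runs `memset(dest, '\0', dest_len);` unconditionally, so in a developer build that value would zero memory far beyond the destination. None of the `push_string_check` call sites converted in this commit pass -1, so either drop that sentence from this function's comment or guard the fill with `if (dest_len != (size_t)-1) memset(dest, '\0', dest_len);`. The same block is carried by `push_string_base` in the following hunk, and `clistr_push_fn` in source3/libsmb/clistr.c passes -1 to it explicitly, so the guard matters more there.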
@@ -1777,10 +1815,10 @@ bool pull_ascii_talloc(TALLOC_CTX *ctx, char **dest, const char *src, is -1 then no maxiumum is used. **/ -size_t push_string_fn(const char *function, unsigned int line, - const void *base_ptr, uint16 flags2, - void *dest, const char *src, - size_t dest_len, int flags) +size_t push_string_base(const char *function, unsigned int line, + const char *base, uint16 flags2, + void *dest, const char *src, + size_t dest_len, int flags) { #ifdef DEVELOPER /* We really need to zero fill here, not clobber @@ -1799,7 +1837,7 @@ size_t push_string_fn(const char *function, unsigned int line, if (!(flags & STR_ASCII) && \ ((flags & STR_UNICODE || \ (flags2 & FLAGS2_UNICODE_STRINGS)))) { - return push_ucs2(base_ptr, dest, src, dest_len, flags); + return push_ucs2(base, dest, src, dest_len, flags); } return push_ascii(dest, src, dest_len, flags); } diff --git a/source3/libsmb/clistr.c b/source3/libsmb/clistr.c index 8685781404..1f296ebd09 100644 --- a/source3/libsmb/clistr.c +++ b/source3/libsmb/clistr.c 
@@ -32,21 +32,23 @@ size_t clistr_push_fn(const char *function, if (dest_len == -1) { if (((ptrdiff_t)dest < (ptrdiff_t)cli->outbuf) || (buf_used > cli->bufsize)) { DEBUG(0, ("Pushing string of 'unlimited' length into non-SMB buffer!\n")); - return push_string_fn(function, line, - cli->outbuf, - SVAL(cli->outbuf, smb_flg2), - dest, src, -1, flags); + return push_string_base(function, line, + cli->outbuf, + SVAL(cli->outbuf, smb_flg2), + dest, src, -1, flags); } - return push_string_fn(function, line, cli->outbuf, - SVAL(cli->outbuf, smb_flg2), - dest, src, cli->bufsize - buf_used, - flags); + return push_string_base(function, line, + cli->outbuf, + SVAL(cli->outbuf, smb_flg2), + dest, src, cli->bufsize - buf_used, + flags); } /* 'normal' push into size-specified buffer */ - return push_string_fn(function, line, cli->outbuf, - SVAL(cli->outbuf, smb_flg2), - dest, src, dest_len, flags); + return push_string_base(function, line, + cli->outbuf, + SVAL(cli->outbuf, smb_flg2), + dest, src, dest_len, flags); } size_t clistr_pull_fn(const char *function, diff --git a/source3/libsmb/ntlmssp_parse.c b/source3/libsmb/ntlmssp_parse.c index 70377cba7d..98c50596be 100644 --- a/source3/libsmb/ntlmssp_parse.c +++ b/source3/libsmb/ntlmssp_parse.c @@ -106,8 +106,8 @@ bool msrpc_gen(DATA_BLOB *blob, SSVAL(blob->data, head_ofs, n*2); head_ofs += 2; SSVAL(blob->data, head_ofs, n*2); head_ofs += 2; SIVAL(blob->data, head_ofs, data_ofs); head_ofs += 4; - push_string(NULL, blob->data+data_ofs, - s, n*2, STR_UNICODE|STR_NOALIGN); + push_string_check(blob->data+data_ofs, + s, n*2, STR_UNICODE|STR_NOALIGN); data_ofs += n*2; break; case 'A': 
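Review bot: In `clistr_push_fn` (source3/libsmb/clistr.c) the branch that finds `dest` outside `cli->outbuf` only logs at DEBUG level 0 and then still calls `push_string_base(..., dest, src, -1, flags)`, which writes with no maximum into a buffer whose size is unknown at that point. The rename keeps this behaviour; since the call is being rewritten anyway, I would mark it with a comment such as `/* dest is not inside cli->outbuf, so no bound can be derived: this push is unbounded */` and consider making the path fail instead of writing. Whether callers can cope with a failure return cannot be judged from here, because the function begins above the hunk and `buf_used` is computed outside it.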
@@ -116,8 +116,8 @@ bool msrpc_gen(DATA_BLOB *blob, SSVAL(blob->data, head_ofs, n); head_ofs += 2; SSVAL(blob->data, head_ofs, n); head_ofs += 2; SIVAL(blob->data, head_ofs, data_ofs); head_ofs += 4; - push_string(NULL, blob->data+data_ofs, - s, n, STR_ASCII|STR_NOALIGN); + push_string_check(blob->data+data_ofs, + s, n, STR_ASCII|STR_NOALIGN); data_ofs += n; break; case 'a': @@ -127,7 +127,7 @@ bool msrpc_gen(DATA_BLOB *blob, n = str_charnum(s); SSVAL(blob->data, data_ofs, n*2); data_ofs += 2; if (0 < n) { - push_string(NULL, blob->data+data_ofs, s, n*2, + push_string_check(blob->data+data_ofs, s, n*2, STR_UNICODE|STR_NOALIGN); } data_ofs += n*2; @@ -156,8 +156,8 @@ bool msrpc_gen(DATA_BLOB *blob, case 'C': s = va_arg(ap, char *); n = str_charnum(s) + 1; - head_ofs += push_string(NULL, blob->data+head_ofs, s, n, - STR_ASCII|STR_TERMINATE); + head_ofs += push_string_check(blob->data+head_ofs, s, n, + STR_ASCII|STR_TERMINATE); break; } } diff --git a/source3/libsmb/smbencrypt.c b/source3/libsmb/smbencrypt.c index ee162b1b2d..a76be3cc1a 100644 --- a/source3/libsmb/smbencrypt.c +++ b/source3/libsmb/smbencrypt.c @@ -499,9 +499,9 @@ bool encode_pw_buffer(uint8 buffer[516], const char *password, int string_flags) /* the incoming buffer can be any alignment. */ string_flags |= STR_NOALIGN; - new_pw_len = push_string(NULL, new_pw, - password, - sizeof(new_pw), string_flags); + new_pw_len = push_string_check(new_pw, + password, + sizeof(new_pw), string_flags); memcpy(&buffer[512 - new_pw_len], new_pw, new_pw_len); diff --git a/source3/nmbd/nmbd_sendannounce.c b/source3/nmbd/nmbd_sendannounce.c index d5a7ba58fd..8eb1da7d38 100644 --- a/source3/nmbd/nmbd_sendannounce.c +++ b/source3/nmbd/nmbd_sendannounce.c 
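Review bot: In `encode_pw_buffer` (source3/libsmb/smbencrypt.c) the value returned by `push_string_check` is used unvalidated as both offset and length in `memcpy(&buffer[512 - new_pw_len], new_pw, new_pw_len);`. The declarations of `new_pw` and `new_pw_len` are outside the hunk, so this is an inference: if `sizeof(new_pw)` is larger than 512, or the conversion can return an error value such as `(size_t)-1`, the subtraction wraps and the copy lands outside the 516-byte `buffer`. An explicit guard before the memcpy, `if (new_pw_len > 512) return false;`, would state the bound at the point where it is relied on.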
@@ -74,7 +74,7 @@ to subnet %s\n", work->work_group, subrec->subnet_name)); SCVAL(p,0,work->token); /* (local) Unique workgroup token id. */ p++; - p += push_string(NULL, p+1, global_myname(), 15, STR_ASCII|STR_UPPER|STR_TERMINATE); + p += push_string_check(p+1, global_myname(), 15, STR_ASCII|STR_UPPER|STR_TERMINATE); send_mailslot(False, BROWSE_MAILSLOT, outbuf,PTR_DIFF(p,outbuf), global_myname(), 0x0, work->work_group,0x1e, subrec->bcast_ip, @@ -105,7 +105,7 @@ static void send_announcement(struct subnet_record *subrec, int announce_type, safe_strcpy(upper_server_name, server_name, sizeof(upper_server_name)-1); strupper_m(upper_server_name); - push_string(NULL, p+5, upper_server_name, 16, STR_ASCII|STR_TERMINATE); + push_string_check(p+5, upper_server_name, 16, STR_ASCII|STR_TERMINATE); SCVAL(p,21,lp_major_announce_version()); /* Major version. */ SCVAL(p,22,lp_minor_announce_version()); /* Minor version. */ @@ -115,7 +115,7 @@ static void send_announcement(struct subnet_record *subrec, int announce_type, SSVAL(p,27,BROWSER_ELECTION_VERSION); SSVAL(p,29,BROWSER_CONSTANT); /* Browse signature. */ - p += 31 + push_string(NULL, p+31, server_comment, sizeof(outbuf) - (p + 31 - outbuf), STR_ASCII|STR_TERMINATE); + p += 31 + push_string_check(p+31, server_comment, sizeof(outbuf) - (p + 31 - outbuf), STR_ASCII|STR_TERMINATE); send_mailslot(False,BROWSE_MAILSLOT, outbuf, PTR_DIFF(p,outbuf), from_name, 0x0, to_name, to_type, to_ip, subrec->myip, 
@@ -143,8 +143,8 @@ static void send_lm_announcement(struct subnet_record *subrec, int announce_type SSVAL(p,8,announce_interval); /* In seconds - according to spec. */ p += 10; - p += push_string(NULL, p, server_name, 15, STR_ASCII|STR_UPPER|STR_TERMINATE); - p += push_string(NULL, p, server_comment, sizeof(outbuf)- (p - outbuf), STR_ASCII|STR_UPPER|STR_TERMINATE); + p += push_string_check(p, server_name, 15, STR_ASCII|STR_UPPER|STR_TERMINATE); + p += push_string_check(p, server_comment, sizeof(outbuf)- (p - outbuf), STR_ASCII|STR_UPPER|STR_TERMINATE); send_mailslot(False,LANMAN_MAILSLOT, outbuf, PTR_DIFF(p,outbuf), from_name, 0x0, to_name, to_type, to_ip, subrec->myip, diff --git a/source3/smbd/srvstr.c b/source3/smbd/srvstr.c index 62b0fe1617..d3f341138c 100644 --- a/source3/smbd/srvstr.c +++ b/source3/smbd/srvstr.c @@ -32,8 +32,8 @@ size_t srvstr_push_fn(const char *function, unsigned int line, } /* 'normal' push into size-specified buffer */ - return push_string_fn(function, line, base_ptr, smb_flags2, dest, src, - dest_len, flags); + return push_string_base(function, line, base_ptr, smb_flags2, dest, src, + dest_len, flags); } /******************************************************************* |