summaryrefslogtreecommitdiff
path: root/source3
diff options
context:
space:
mode:
Diffstat (limited to 'source3')
-rw-r--r--source3/include/proto.h11
-rw-r--r--source3/include/safe_string.h22
-rw-r--r--source3/lib/charcnv.c48
-rw-r--r--source3/libsmb/clistr.c24
-rw-r--r--source3/libsmb/ntlmssp_parse.c14
-rw-r--r--source3/libsmb/smbencrypt.c6
-rw-r--r--source3/nmbd/nmbd_sendannounce.c10
-rw-r--r--source3/smbd/srvstr.c4
8 files changed, 86 insertions, 53 deletions
diff --git a/source3/include/proto.h b/source3/include/proto.h
index cc442422e8..5a168380a7 100644
--- a/source3/include/proto.h
+++ b/source3/include/proto.h
@@ -391,10 +391,13 @@ bool pull_ucs2_talloc(TALLOC_CTX *ctx, char **dest, const smb_ucs2_t *src,
size_t *converted_size);
bool pull_ascii_talloc(TALLOC_CTX *ctx, char **dest, const char *src,
size_t *converted_size);
-size_t push_string_fn(const char *function, unsigned int line,
- const void *base_ptr, uint16 flags2,
- void *dest, const char *src,
- size_t dest_len, int flags);
+size_t push_string_check_fn(const char *function, unsigned int line,
+ void *dest, const char *src,
+ size_t dest_len, int flags);
+size_t push_string_base(const char *function, unsigned int line,
+ const char *base, uint16 flags2,
+ void *dest, const char *src,
+ size_t dest_len, int flags);
size_t pull_string_fn(const char *function,
unsigned int line,
const void *base_ptr,
diff --git a/source3/include/safe_string.h b/source3/include/safe_string.h
index a7230964c9..43e43416d8 100644
--- a/source3/include/safe_string.h
+++ b/source3/include/safe_string.h
@@ -130,13 +130,9 @@ size_t __unsafe_string_function_usage_here_char__(void);
safe_strcat_fn2(SAFE_STRING_FUNCTION_NAME, SAFE_STRING_LINE, \
dest,src,maxlength)
-#define push_string(base_ptr, dest, src, dest_len, flags) \
- push_string_fn2(SAFE_STRING_FUNCTION_NAME, SAFE_STRING_LINE, \
- base_ptr, 0, dest, src, dest_len, flags)
-
-#define pull_string(base_ptr, smb_flags2, dest, src, dest_len, src_len, flags) \
- pull_string_fn2(SAFE_STRING_FUNCTION_NAME, SAFE_STRING_LINE, \
- base_ptr, smb_flags2, dest, src, dest_len, src_len, flags)
+#define push_string_check(dest, src, dest_len, flags) \
+ push_string_check_fn2(SAFE_STRING_FUNCTION_NAME, SAFE_STRING_LINE, \
+ dest, src, dest_len, flags)
#define pull_string_talloc(ctx, base_ptr, smb_flags2, dest, src, src_len, flags) \
pull_string_talloc_fn2(SAFE_STRING_FUNCTION_NAME, SAFE_STRING_LINE, \
@@ -182,15 +178,10 @@ size_t __unsafe_string_function_usage_here_char__(void);
? __unsafe_string_function_usage_here__() \
: safe_strcat_fn(fn_name, fn_line, (d), (s), (max_len)))
-#define push_string_fn2(fn_name, fn_line, base_ptr, flags2, dest, src, dest_len, flags) \
- (CHECK_STRING_SIZE(dest, dest_len) \
- ? __unsafe_string_function_usage_here_size_t__() \
- : push_string_fn(fn_name, fn_line, base_ptr, flags2, dest, src, dest_len, flags))
-
-#define pull_string_fn2(fn_name, fn_line, base_ptr, smb_flags2, dest, src, dest_len, src_len, flags) \
+#define push_string_check_fn2(fn_name, fn_line, dest, src, dest_len, flags) \
(CHECK_STRING_SIZE(dest, dest_len) \
? __unsafe_string_function_usage_here_size_t__() \
- : pull_string_fn(fn_name, fn_line, base_ptr, smb_flags2, dest, src, dest_len, src_len, flags))
+ : push_string_check_fn(fn_name, fn_line, dest, src, dest_len, flags))
#define pull_string_talloc_fn2(fn_name, fn_line, ctx, base_ptr, smb_flags2, dest, src, src_len, flags) \
pull_string_talloc_fn(fn_name, fn_line, ctx, base_ptr, smb_flags2, dest, src, src_len, flags)
@@ -214,8 +205,7 @@ size_t __unsafe_string_function_usage_here_char__(void);
#define safe_strcpy_fn2 safe_strcpy_fn
#define safe_strcat_fn2 safe_strcat_fn
-#define push_string_fn2 push_string_fn
-#define pull_string_fn2 pull_string_fn
+#define push_string_check_fn2 push_string_check_fn
#define pull_string_talloc_fn2 pull_string_talloc_fn
#define clistr_push_fn2 clistr_push_fn
#define clistr_pull_fn2 clistr_pull_fn
diff --git a/source3/lib/charcnv.c b/source3/lib/charcnv.c
index 03b32c13d4..0c0d654e99 100644
--- a/source3/lib/charcnv.c
+++ b/source3/lib/charcnv.c
@@ -1766,6 +1766,44 @@ bool pull_ascii_talloc(TALLOC_CTX *ctx, char **dest, const char *src,
/**
Copy a string from a char* src to a unicode or ascii
dos codepage destination choosing unicode or ascii based on the
+ flags supplied
+ Return the number of bytes occupied by the string in the destination.
+ flags can have:
+ STR_TERMINATE means include the null termination.
+ STR_UPPER means uppercase in the destination.
+ STR_ASCII use ascii even with unicode packet.
+ STR_NOALIGN means don't do alignment.
+ dest_len is the maximum length allowed in the destination. If dest_len
+ is -1 then no maxiumum is used.
+**/
+
+size_t push_string_check_fn(const char *function, unsigned int line,
+ void *dest, const char *src,
+ size_t dest_len, int flags)
+{
+#ifdef DEVELOPER
+ /* We really need to zero fill here, not clobber
+ * region, as we want to ensure that valgrind thinks
+ * all of the outgoing buffer has been written to
+ * so a send() or write() won't trap an error.
+ * JRA.
+ */
+#if 0
+ clobber_region(function, line, dest, dest_len);
+#else
+ memset(dest, '\0', dest_len);
+#endif
+#endif
+
+ if (!(flags & STR_ASCII) && (flags & STR_UNICODE)) {
+ return push_ucs2(NULL, dest, src, dest_len, flags);
+ }
+ return push_ascii(dest, src, dest_len, flags);
+}
+
+/**
+ Copy a string from a char* src to a unicode or ascii
+ dos codepage destination choosing unicode or ascii based on the
flags in the SMB buffer starting at base_ptr.
Return the number of bytes occupied by the string in the destination.
flags can have:
@@ -1777,10 +1815,10 @@ bool pull_ascii_talloc(TALLOC_CTX *ctx, char **dest, const char *src,
is -1 then no maxiumum is used.
**/
-size_t push_string_fn(const char *function, unsigned int line,
- const void *base_ptr, uint16 flags2,
- void *dest, const char *src,
- size_t dest_len, int flags)
+size_t push_string_base(const char *function, unsigned int line,
+ const char *base, uint16 flags2,
+ void *dest, const char *src,
+ size_t dest_len, int flags)
{
#ifdef DEVELOPER
/* We really need to zero fill here, not clobber
@@ -1799,7 +1837,7 @@ size_t push_string_fn(const char *function, unsigned int line,
if (!(flags & STR_ASCII) && \
((flags & STR_UNICODE || \
(flags2 & FLAGS2_UNICODE_STRINGS)))) {
- return push_ucs2(base_ptr, dest, src, dest_len, flags);
+ return push_ucs2(base, dest, src, dest_len, flags);
}
return push_ascii(dest, src, dest_len, flags);
}
diff --git a/source3/libsmb/clistr.c b/source3/libsmb/clistr.c
index 8685781404..1f296ebd09 100644
--- a/source3/libsmb/clistr.c
+++ b/source3/libsmb/clistr.c
@@ -32,21 +32,23 @@ size_t clistr_push_fn(const char *function,
if (dest_len == -1) {
if (((ptrdiff_t)dest < (ptrdiff_t)cli->outbuf) || (buf_used > cli->bufsize)) {
DEBUG(0, ("Pushing string of 'unlimited' length into non-SMB buffer!\n"));
- return push_string_fn(function, line,
- cli->outbuf,
- SVAL(cli->outbuf, smb_flg2),
- dest, src, -1, flags);
+ return push_string_base(function, line,
+ cli->outbuf,
+ SVAL(cli->outbuf, smb_flg2),
+ dest, src, -1, flags);
}
- return push_string_fn(function, line, cli->outbuf,
- SVAL(cli->outbuf, smb_flg2),
- dest, src, cli->bufsize - buf_used,
- flags);
+ return push_string_base(function, line,
+ cli->outbuf,
+ SVAL(cli->outbuf, smb_flg2),
+ dest, src, cli->bufsize - buf_used,
+ flags);
}
/* 'normal' push into size-specified buffer */
- return push_string_fn(function, line, cli->outbuf,
- SVAL(cli->outbuf, smb_flg2),
- dest, src, dest_len, flags);
+ return push_string_base(function, line,
+ cli->outbuf,
+ SVAL(cli->outbuf, smb_flg2),
+ dest, src, dest_len, flags);
}
size_t clistr_pull_fn(const char *function,
diff --git a/source3/libsmb/ntlmssp_parse.c b/source3/libsmb/ntlmssp_parse.c
index 70377cba7d..98c50596be 100644
--- a/source3/libsmb/ntlmssp_parse.c
+++ b/source3/libsmb/ntlmssp_parse.c
@@ -106,8 +106,8 @@ bool msrpc_gen(DATA_BLOB *blob,
SSVAL(blob->data, head_ofs, n*2); head_ofs += 2;
SSVAL(blob->data, head_ofs, n*2); head_ofs += 2;
SIVAL(blob->data, head_ofs, data_ofs); head_ofs += 4;
- push_string(NULL, blob->data+data_ofs,
- s, n*2, STR_UNICODE|STR_NOALIGN);
+ push_string_check(blob->data+data_ofs,
+ s, n*2, STR_UNICODE|STR_NOALIGN);
data_ofs += n*2;
break;
case 'A':
@@ -116,8 +116,8 @@ bool msrpc_gen(DATA_BLOB *blob,
SSVAL(blob->data, head_ofs, n); head_ofs += 2;
SSVAL(blob->data, head_ofs, n); head_ofs += 2;
SIVAL(blob->data, head_ofs, data_ofs); head_ofs += 4;
- push_string(NULL, blob->data+data_ofs,
- s, n, STR_ASCII|STR_NOALIGN);
+ push_string_check(blob->data+data_ofs,
+ s, n, STR_ASCII|STR_NOALIGN);
data_ofs += n;
break;
case 'a':
@@ -127,7 +127,7 @@ bool msrpc_gen(DATA_BLOB *blob,
n = str_charnum(s);
SSVAL(blob->data, data_ofs, n*2); data_ofs += 2;
if (0 < n) {
- push_string(NULL, blob->data+data_ofs, s, n*2,
+ push_string_check(blob->data+data_ofs, s, n*2,
STR_UNICODE|STR_NOALIGN);
}
data_ofs += n*2;
@@ -156,8 +156,8 @@ bool msrpc_gen(DATA_BLOB *blob,
case 'C':
s = va_arg(ap, char *);
n = str_charnum(s) + 1;
- head_ofs += push_string(NULL, blob->data+head_ofs, s, n,
- STR_ASCII|STR_TERMINATE);
+ head_ofs += push_string_check(blob->data+head_ofs, s, n,
+ STR_ASCII|STR_TERMINATE);
break;
}
}
diff --git a/source3/libsmb/smbencrypt.c b/source3/libsmb/smbencrypt.c
index ee162b1b2d..a76be3cc1a 100644
--- a/source3/libsmb/smbencrypt.c
+++ b/source3/libsmb/smbencrypt.c
@@ -499,9 +499,9 @@ bool encode_pw_buffer(uint8 buffer[516], const char *password, int string_flags)
/* the incoming buffer can be any alignment. */
string_flags |= STR_NOALIGN;
- new_pw_len = push_string(NULL, new_pw,
- password,
- sizeof(new_pw), string_flags);
+ new_pw_len = push_string_check(new_pw,
+ password,
+ sizeof(new_pw), string_flags);
memcpy(&buffer[512 - new_pw_len], new_pw, new_pw_len);
diff --git a/source3/nmbd/nmbd_sendannounce.c b/source3/nmbd/nmbd_sendannounce.c
index d5a7ba58fd..8eb1da7d38 100644
--- a/source3/nmbd/nmbd_sendannounce.c
+++ b/source3/nmbd/nmbd_sendannounce.c
@@ -74,7 +74,7 @@ to subnet %s\n", work->work_group, subrec->subnet_name));
SCVAL(p,0,work->token); /* (local) Unique workgroup token id. */
p++;
- p += push_string(NULL, p+1, global_myname(), 15, STR_ASCII|STR_UPPER|STR_TERMINATE);
+ p += push_string_check(p+1, global_myname(), 15, STR_ASCII|STR_UPPER|STR_TERMINATE);
send_mailslot(False, BROWSE_MAILSLOT, outbuf,PTR_DIFF(p,outbuf),
global_myname(), 0x0, work->work_group,0x1e, subrec->bcast_ip,
@@ -105,7 +105,7 @@ static void send_announcement(struct subnet_record *subrec, int announce_type,
safe_strcpy(upper_server_name, server_name, sizeof(upper_server_name)-1);
strupper_m(upper_server_name);
- push_string(NULL, p+5, upper_server_name, 16, STR_ASCII|STR_TERMINATE);
+ push_string_check(p+5, upper_server_name, 16, STR_ASCII|STR_TERMINATE);
SCVAL(p,21,lp_major_announce_version()); /* Major version. */
SCVAL(p,22,lp_minor_announce_version()); /* Minor version. */
@@ -115,7 +115,7 @@ static void send_announcement(struct subnet_record *subrec, int announce_type,
SSVAL(p,27,BROWSER_ELECTION_VERSION);
SSVAL(p,29,BROWSER_CONSTANT); /* Browse signature. */
- p += 31 + push_string(NULL, p+31, server_comment, sizeof(outbuf) - (p + 31 - outbuf), STR_ASCII|STR_TERMINATE);
+ p += 31 + push_string_check(p+31, server_comment, sizeof(outbuf) - (p + 31 - outbuf), STR_ASCII|STR_TERMINATE);
send_mailslot(False,BROWSE_MAILSLOT, outbuf, PTR_DIFF(p,outbuf),
from_name, 0x0, to_name, to_type, to_ip, subrec->myip,
@@ -143,8 +143,8 @@ static void send_lm_announcement(struct subnet_record *subrec, int announce_type
SSVAL(p,8,announce_interval); /* In seconds - according to spec. */
p += 10;
- p += push_string(NULL, p, server_name, 15, STR_ASCII|STR_UPPER|STR_TERMINATE);
- p += push_string(NULL, p, server_comment, sizeof(outbuf)- (p - outbuf), STR_ASCII|STR_UPPER|STR_TERMINATE);
+ p += push_string_check(p, server_name, 15, STR_ASCII|STR_UPPER|STR_TERMINATE);
+ p += push_string_check(p, server_comment, sizeof(outbuf)- (p - outbuf), STR_ASCII|STR_UPPER|STR_TERMINATE);
send_mailslot(False,LANMAN_MAILSLOT, outbuf, PTR_DIFF(p,outbuf),
from_name, 0x0, to_name, to_type, to_ip, subrec->myip,
diff --git a/source3/smbd/srvstr.c b/source3/smbd/srvstr.c
index 62b0fe1617..d3f341138c 100644
--- a/source3/smbd/srvstr.c
+++ b/source3/smbd/srvstr.c
@@ -32,8 +32,8 @@ size_t srvstr_push_fn(const char *function, unsigned int line,
}
/* 'normal' push into size-specified buffer */
- return push_string_fn(function, line, base_ptr, smb_flags2, dest, src,
- dest_len, flags);
+ return push_string_base(function, line, base_ptr, smb_flags2, dest, src,
+ dest_len, flags);
}
/*******************************************************************