summaryrefslogtreecommitdiff
path: root/source3/lib/slprintf.c
AgeCommit message (Collapse)AuthorFilesLines
1998-05-18chgpasswd.c: Changed back to getsmb... from getsam...Jeremy Allison1-1/+1
ldap.c: Stoped dummy_function being prototyped. loadparm.c: Fixed slprintf sizes. nisppass.c: Fixed safe_strcpy sizes. nmbd_processlogon.c: Changed back to getsmb... from getsam... nttrans.c: Just a dump of new code. passdb.c: Moved stuff around a lot - stopped any lookups by rid. This needs to be indirected through a function table (soon). password.c: Changed back to getsmb... from getsam... reply.c: Changed back to getsmb... from getsam... slprintf.c: Fixed prototype problems. smb.h: Fixed prototype problems. smbpass.c: Changed to getsmbfile.... smbpasswd.c: Changed back to getsmb... from getsam... lib/rpc/server/srv_netlog.c: Changed back to getsmb... from getsam... lib/rpc/server/srv_samr.c: Fixed rid lookup - use uid or gid lookup. lib/rpc/server/srv_util.c: Changed back to getsmb... from getsam... Jeremy. (This used to be commit 7d332b2493d2089d09521250fc9b72d8953307c0)
1998-05-12a new slprintf() function. This one is totally portable but a bit of aAndrew Tridgell1-27/+41
kludge. It is a safe kludge with our current code but I would like to revisit it at some point in the future. The problem with the one I committed yesterday is it used non-portable functions. (it also had a bug in it, but that's another matter) This one works by just using vsprintf() into a 8k buffer and a memcpy from there. No memory protection tricks or other non-portable stuff. This is safe because all calls to slprintf() in samba use strings which have been through a pstrcpy and thus are less than 1024 bytes. No call uses more than 2 of these strings. See what I mean by kludge? Note that the 8k is way overkill but I like overkill :) Someday (after autoconf) we will replace this with something better, but meanwhile this is simple, secure and portable. (This used to be commit 4cfcc398c35c6726f14f485ae8e9ebcef180392f)
1998-05-12This is a security audit change of the main source.Jeremy Allison1-0/+8
It removed all ocurrences of the following functions : sprintf strcpy strcat The replacements are slprintf, safe_strcpy and safe_strcat. It should not be possible to use code in Samba that uses sprintf, strcpy or strcat, only the safe_equivalents. Once Andrew has fixed the slprintf implementation then this code will be moved back to the 1.9.18 code stream. Jeremy. (This used to be commit 2d774454005f0b54e5684cf618da7060594dfcbb)
1998-05-11changed to use slprintf() instead of sprintf() just aboutAndrew Tridgell1-0/+88
everywhere. I've implemented slprintf() as a bounds checked sprintf() using mprotect() and a non-writeable page. This should prevent any sprintf based security holes. (This used to be commit ee09e9dadb69aaba5a751dd20ccc6d587d841bd6)