Age | Commit message (Collapse) | Author | Files | Lines |
|
(This used to be commit 3bda7ac417107a7b01d91805ca71c4330657ed21)
|
|
(This used to be commit 4aaf8b6a8bc521e738840fe72708add251eaaccb)
|
|
ldap.c: Stoped dummy_function being prototyped.
loadparm.c: Fixed slprintf sizes.
nisppass.c: Fixed safe_strcpy sizes.
nmbd_processlogon.c: Changed back to getsmb... from getsam...
nttrans.c: Just a dump of new code.
passdb.c: Moved stuff around a lot - stopped any lookups by rid. This
needs to be indirected through a function table (soon).
password.c: Changed back to getsmb... from getsam...
reply.c: Changed back to getsmb... from getsam...
slprintf.c: Fixed prototype problems.
smb.h: Fixed prototype problems.
smbpass.c: Changed to getsmbfile....
smbpasswd.c: Changed back to getsmb... from getsam...
lib/rpc/server/srv_netlog.c: Changed back to getsmb... from getsam...
lib/rpc/server/srv_samr.c: Fixed rid lookup - use uid or gid lookup.
lib/rpc/server/srv_util.c: Changed back to getsmb... from getsam...
Jeremy.
(This used to be commit 7d332b2493d2089d09521250fc9b72d8953307c0)
|
|
kludge. It is a safe kludge with our current code but I would like to
revisit it at some point in the future.
The problem with the one I committed yesterday is it used non-portable
functions. (it also had a bug in it, but that's another matter)
This one works by just using vsprintf() into a 8k buffer and a memcpy
from there. No memory protection tricks or other non-portable
stuff. This is safe because all calls to slprintf() in samba use
strings which have been through a pstrcpy and thus are less than 1024
bytes. No call uses more than 2 of these strings. See what I mean by
kludge? Note that the 8k is way overkill but I like overkill :)
Someday (after autoconf) we will replace this with something better,
but meanwhile this is simple, secure and portable.
(This used to be commit 4cfcc398c35c6726f14f485ae8e9ebcef180392f)
|
|
It removed all ocurrences of the following functions :
sprintf
strcpy
strcat
The replacements are slprintf, safe_strcpy and safe_strcat.
It should not be possible to use code in Samba that uses
sprintf, strcpy or strcat, only the safe_equivalents.
Once Andrew has fixed the slprintf implementation then
this code will be moved back to the 1.9.18 code stream.
Jeremy.
(This used to be commit 2d774454005f0b54e5684cf618da7060594dfcbb)
|
|
everywhere. I've implemented slprintf() as a bounds checked sprintf()
using mprotect() and a non-writeable page.
This should prevent any sprintf based security holes.
(This used to be commit ee09e9dadb69aaba5a751dd20ccc6d587d841bd6)
|