| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
kludge. It is a safe kludge with our current code but I would like to
revisit it at some point in the future.
The problem with the one I committed yesterday is it used non-portable
functions. (it also had a bug in it, but that's another matter)
This one works by just using vsprintf() into a 8k buffer and a memcpy
from there. No memory protection tricks or other non-portable
stuff. This is safe because all calls to slprintf() in samba use
strings which have been through a pstrcpy and thus are less than 1024
bytes. No call uses more than 2 of these strings. See what I mean by
kludge? Note that the 8k is way overkill but I like overkill :)
Someday (after autoconf) we will replace this with something better,
but meanwhile this is simple, secure and portable.
(This used to be commit 4cfcc398c35c6726f14f485ae8e9ebcef180392f)
|
|
It removed all ocurrences of the following functions :
sprintf
strcpy
strcat
The replacements are slprintf, safe_strcpy and safe_strcat.
It should not be possible to use code in Samba that uses
sprintf, strcpy or strcat, only the safe_equivalents.
Once Andrew has fixed the slprintf implementation then
this code will be moved back to the 1.9.18 code stream.
Jeremy.
(This used to be commit 2d774454005f0b54e5684cf618da7060594dfcbb)
|
|
everywhere. I've implemented slprintf() as a bounds checked sprintf()
using mprotect() and a non-writeable page.
This should prevent any sprintf based security holes.
(This used to be commit ee09e9dadb69aaba5a751dd20ccc6d587d841bd6)
|
