summaryrefslogtreecommitdiff
path: root/source3/web/cgi.c
AgeCommit message (Collapse)AuthorFilesLines
2007-10-10r13915: Fixed a very interesting class of realloc() bugs found by Coverity.Jeremy Allison1-1/+1
realloc can return NULL in one of two cases - (1) the realloc failed, (2) realloc succeeded but the new size requested was zero, in which case this is identical to a free() call. The error paths dealing with these two cases should be different, but mostly weren't. Secondly the standard idiom for dealing with realloc when you know the new size is non-zero is the following : tmp = realloc(p, size); if (!tmp) { SAFE_FREE(p); return error; } else { p = tmp; } However, there were *many* *many* places in Samba where we were using the old (broken) idiom of : p = realloc(p, size) if (!p) { return error; } which will leak the memory pointed to by p on realloc fail. This commit (hopefully) fixes all these cases by moving to a standard idiom of : p = SMB_REALLOC(p, size) if (!p) { return error; } Where if the realloc returns null due to the realloc failing or size == 0 we *guarentee* that the storage pointed to by p has been freed. This allows me to remove a lot of code that was dealing with the standard (more verbose) method that required a tmp pointer. This is almost always what you want. When a realloc fails you never usually want the old memory, you want to free it and get into your error processing asap. For the 11 remaining cases where we really do need to keep the old pointer I have invented the new macro SMB_REALLOC_KEEP_OLD_ON_ERROR, which can be used as follows : tmp = SMB_REALLOC_KEEP_OLD_ON_ERROR(p, size); if (!tmp) { SAFE_FREE(p); return error; } else { p = tmp; } SMB_REALLOC_KEEP_OLD_ON_ERROR guarentees never to free the pointer p, even on size == 0 or realloc fail. All this is done by a hidden extra argument to Realloc(), BOOL free_old_on_error which is set appropriately by the SMB_REALLOC and SMB_REALLOC_KEEP_OLD_ON_ERROR macros (and their array counterparts). It remains to be seen what this will do to our Coverity bug count :-). Jeremy. (This used to be commit 1d710d06a214f3f1740e80e0bffd6aab44aac2b0)
2007-10-10r13571: Replace all calls to talloc_free() with thye TALLOC_FREE()Gerald Carter1-3/+3
macro which sets the freed pointer to NULL. (This used to be commit b65be8874a2efe5a4b167448960a4fcf6bd995e2)
2007-10-10r13316: Let the carnage begin....Gerald Carter1-5/+5
Sync with trunk as off r13315 (This used to be commit 17e63ac4ed8325c0d44fe62b2442449f3298559f)
2007-10-10r8219: Merge the new open code from HEAD to 3.0. Haven't yet run the tortureJeremy Allison1-0/+4
tests on this as it's very late NY time (just wanted to get this work into the tree). I'll test this over the weekend.... Jerry - in looking at the difference between the two trees there seem to be some printing/ntprinting.c and registry changes we might want to examine to try keep in sync. Jeremy. (This used to be commit c7fe18761e2c753afbffd3a78abff46472a9b8eb)
2007-10-10r4577: Fix from William Jojo <jojowil@hvcc.edu> for AIX 5.3 compile.Jeremy Allison1-2/+2
Jeremy. (This used to be commit 80e7c6c312eb0bdb93fe381e7ce3a24a21dd9cf0)
2007-10-10r4088: Get medieval on our ass about malloc.... :-). Take control of all our ↵Jeremy Allison1-10/+10
allocation functions so we can funnel through some well known functions. Should help greatly with malloc checking. HEAD patch to follow. Jeremy. (This used to be commit 620f2e608f70ba92f032720c031283d295c5c06a)
2007-10-10r2835: Since we always have -I. and -I$(srcdir) in CFLAGS, we can get rid ofTim Potter1-1/+1
'..' from all #include preprocessor commands. This fixes bugzilla #1880 where OpenVMS gets confused about the '.' characters. (This used to be commit 7f161702fa4916979602cc0295919b541912acd6)
2007-10-10r2771: Second (and last) part of Swat-i18n-Patch from Björn JackeGünther Deschner1-6/+6
<bjacke@sernet.de> "Do not use display charset for swat output. In HTML we do not care about the "locale charmap" because HTML code is UTF-8 only now. Additionally take care that we convert files from statuspage from unix charset to UTF-8. Thus we have correct HTML output under all circumstances. We now also convert the share names correctly from unix encoding to web encoding and vice vera. " Guenther (This used to be commit 6d9f77c2bb95db4939b8ef375e22b188168b70ab)
2007-10-10r1833: patch from James Peach to get swat to look for index.html by default ↵Gerald Carter1-4/+24
when given a trailing directory/ (This used to be commit 980740da784ce00ad1b388872297b82d4d368044)
2004-03-11Restore the contract on all convert_stringXX() interfaces. Add a ↵Jeremy Allison1-4/+4
"allow_bad_conv" boolean parameter that allows broken iconv conversions to work. Gets rid of the nasty errno checks in mangle_hash2 and check_path_syntax and allows correct return code checking. Jeremy. (This used to be commit 7b96765c23637613f079d37566d95d5edd511f05)
2004-02-08Make more functions static, and remove duplication in the use of functionsAndrew Bartlett1-1/+1
in lib/smbpasswd.c that were exact duplicates of functions in passdb/passdb.c (These should perhaps be pulled back out to smbpasswd.c, but that can occour later). Andrew Bartlett (This used to be commit fcdc5efb1e245c8fa95cd031f67ec56093b9056e)
2003-12-25Fix bug 916 - do not perform a + -> space substitution for squid URL encodedAndrew Bartlett1-0/+18
strings, only form input in SWAT. Andrew Bartlett (This used to be commit 8d54f5fe0c5689660f37788916b37014754ce23e)
2003-11-22include WWW-Authenticate field in 401 response for bad auth attempt; bug 629Gerald Carter1-1/+2
(This used to be commit 879d0f15ea260d61c56c5b841065ecb2f5ec26ca)
2003-11-07Simple rename of get_socket_addr to get_peer_addr and get_socket_name toVolker Lendecke1-2/+2
get_peer_name. This is to get closer to the getsockname/getpeername system functions. Next step will be the %i macro for the local IP address. I still want to play %L-games in times of port 445. Volker (This used to be commit d7162122eaf5d897e5de51604e431bfbaa20e905)
2003-10-22Put strcasecmp/strncasecmp on the banned list (except for needed callsJeremy Allison1-11/+11
in iconv.c and nsswitch/). Using them means you're not thinking about multibyte at all and I really want to discourage that. Jeremy. (This used to be commit d7e35dfb9283d560d0ed2ab231f36ed92767dace)
2003-10-21call initgroups before becomming the user; patch from Fabio CecchiGerald Carter1-0/+3
(This used to be commit 5a8dbccd66911642fabb6b8b38fff4477b76c3a1)
2003-02-28Fix HTTP error codes (patch by Vance Lankhaar)Jelmer Vernooij1-3/+3
(This used to be commit e660b0b8d034c6cb9771601c64b952380d136ca1)
2003-02-18base64_decode() with heimdal libs, so I've renamed it base64_decode_inplace().Jim McDonough1-1/+1
(This used to be commit d510ff85fb0dafddf3dea9412a09eeee6e70f0cb)
2003-02-01Merge from HEAD - convert username/password to unix before checking them inAndrew Bartlett1-4/+11
SWAT. (This used to be commit 8485c51bc47f45a6263bda83a0bc3ba15abcd250)
2003-01-28Merge from HEAD:Andrew Bartlett1-31/+0
- NTLMSSP over SPENGO (sesssion-setup-and-x) cleanup and code refactor. - also consequential changes to the NTLMSSP and SPNEGO parsing functions - and the client code that uses the same functions - Add ntlm_auth, a NTLMSSP authentication interface for use by applications like Squid and Apache. - also consquential changes to use common code for base64 encode/decode. - Winbind changes to support ntlm_auth (I don't want this program to need to read smb.conf, instead getting all it's details over the pipe). - nmbd changes for fstrcat() instead of fstrcpy(). Andrew Bartlett (This used to be commit fbb46da79cf322570a7e3318100c304bbf33409e)
2003-01-15*lots of small merges form HEADGerald Carter1-41/+4
*sync up configure.in *don't build torture tools in make all *make sure to remove torture tools as part of make clean (This used to be commit 0fb724b3216eeeb97e61ff12755ca3a31bcad6ef)
2003-01-03Merge from HEAD - make Samba compile with -Wwrite-strings without additionalAndrew Bartlett1-9/+9
warnings. (Adds a lot of const). Andrew Bartlett (This used to be commit 3a7458f9472432ef12c43008414925fd1ce8ea0c)
2002-10-26Try to catch up on the code I've put into HEAD that should be in 3.0:Andrew Bartlett1-1/+1
- vorlan's hosts allow with DNS names patch - use x_fileno() in debug.c, not the struct directly. - check for server timeout on password change (was reporting success) - better error/status loggin in both the pam_winbind client and winbindd_pam server code. - (pdb_ldap) don't set the ldap version twice - we do it on every bind anyway. (This used to be commit 9fa1863d8e7788eda83911ca2610754486b33069)
2002-10-09Use memmove when copies can overlap. Spotted by SUGIOKA Toshinobu ↵Jeremy Allison1-1/+1
<sugioka@itonet.co.jp>. Jeremy. (This used to be commit 0ab08186f419a09e15f1ab7db621d429b1a3f994)
2002-07-15updated the 3.0 branch from the head branch - ready for alpha18Andrew Tridgell1-1/+1
(This used to be commit 03ac082dcb375b6f3ca3d810a6a6367542bc23ce)
2002-01-21getpwnam -> getpwnam_allocAndrew Bartlett1-1/+2
(This used to be commit f8208458b3ac05743932d96e4d0a919adc0d9e55)
2002-01-17A nice *big* change to the fundemental way we do things.Andrew Bartlett1-1/+3
Samba (ab)uses the returns from getpwnam() a lot - in particular it keeps them around for a long time - often past the next call... This adds a getpwnam_alloc and a getpwuid_alloc to the collection. These function as expected, returning a malloced structure that can be free()ed with passwd_free(&passwd). This patch also cuts down on the number of calls to getpwnam - mostly by taking advantage of the fact that the passdb interface is already case-insensiteve. With this patch most of the recursive cases have been removed (that I know of) and the problems are reduced further by not using the sys_ interface in the new code. This means that pointers to the cache won't be affected. (This is a tempoary HACK, I intend to kill the password cache entirly). The only change I'm a little worried about is the change to rpc_server/srv_samr_nt.c for private groups. In this case we are getting groups from the new group mapping DB. Do we still need to check for private groups? I've toned down the check to a case sensitve match with the new code, but we might be able to kill it entirly. I've also added a make_modifyable_passwd() function, that copies a passwd struct into the form that the old sys_getpw* code provided. As far as I can tell this is only actually used in the pass_check.c crazies, where I moved the final 'special case' for shadow passwords (out of _Get_Pwnam()). The matching case for getpwent() is dealt with already, in lib/util_getent.c Also included in here is a small change to register the [homes] share at vuid creation rather than just in one varient of the session setup. (This picks up the SPNEGO cases). The home directory is now stored on the vuid, and I am hoping this might provide a saner way to do %H substitions. TODO: Kill off remaining Get_Pwnam_Modify calls (they are not needed), change the remaining sys_getpwnam() callers to use getpwnam_alloc() and move Get_Pwnam to return an allocated struct. Andrew Bartlett (This used to be commit 1d86c7f94230bc53daebd4d2cd829da6292e05da)
2001-11-19Fix const warning. Doxyfy comment.Martin Pool1-5/+8
(This used to be commit 91e07a7fdc47b2baf42fc06e77d1e1d883111668)
2001-10-14the next step in the intl changeover. This should get us compiling agian,Andrew Tridgell1-22/+17
and also completes the switch to lang_tdb.c. SWAT should now work with a po file in the lib/ directory also removed useless SYSLOG defines in many files (This used to be commit 5296b20ad85d7519c870768455cb4d8df048c55a)
2001-09-25Fixup passdb stuff to add new nisplus and ldap backends.Jeremy Allison1-0/+2
Jeremy. (This used to be commit 611bf806d569b70edabbc04a2f5408142370a550)
2001-09-24Added SWAT i18n feature:Motonobu Takahashi1-1/+19
TO enable configure with --with-i18n-swat to support this gettext is integrated and a new directories name "po" and "intl" are created. now these languages are supported: en - English (default) ja - Japanese po - Polish tr - Turkish To add your language, to create ${your_language}.po by translating source/po/en.po into your language is needed. some of html and image files of various language version are not included yet, though message catalogue files are installed. you need to copy files manually under ${swatdir}/lang/$ln/{help,images,included,using_samba} And also added a option to intall manual pages: of various lang version To enable configure with --with-manlangs but manual pages themself are not included yet. (This used to be commit 486b79a6fc4ba20a751aab544bd0f7ccff2b3d19)
2001-09-24fixed a silly off by 1 bugAndrew Tridgell1-2/+2
(This used to be commit e558ab6ac8930e3393291fe12289ad43175b8a1d)
2001-09-24fixed bug in POST var handlingAndrew Tridgell1-4/+2
(This used to be commit 73f10d3ef6de2dbcb23f93ef93eb9e7053ebf26b)
2001-09-24convert all POST variables from display to unix charsetAndrew Tridgell1-22/+28
(This used to be commit cd6478ad9890949d0ef34a7078ec5518debe4a3c)
2001-09-20Move pass_check.c over to NTSTATUS, allowing full NTSTATUS from PAM to wire!Andrew Bartlett1-8/+5
Add the ability for swat to run in non-root-mode (ie non-root from inetd). - we still need some of the am_root() calls fixed however. (This used to be commit 2c2317c56ee13abdbdbc866363c3b52dab826e3c)
2001-09-19Remove the ugly hacks to get around the Get_Pwnam() calls in pass_check.c byAndrew Bartlett1-47/+24
simply not doing Get_Pwnam() calls in pass_check.c We now make *one* sys_getpnam() call in cgi.c and we always call PAM no matter what it returns. We also no longer run the password cracker for these logins. The truly parinod will note the slight difference in call paths, in that we only call crypt for valid password structs (if not --with-pam). The truly parinoid don't run SWAT either, so I don't think this is an issue. Andrew Bartlett (This used to be commit 9020d884935243f28c19cedc88f076f0709e12cb)
2001-09-17move to SAFE_FREE()Simo Sorce1-1/+1
(This used to be commit 67db8f03c5c9e81e11b5f3276b50ee23e09a2659)
2001-09-10replaced stdio in many parts of samba with a XFILE. XFILE is a cut-downAndrew Tridgell1-3/+3
replacemnt of stdio that doesn't suffer from the 8-bit filedescriptor limit that we hit with nasty consequences on some systems I would eventually prefer us to have a configure test to see if we need to replace stdio, but for now this code needs to be tested widely so I'm enabling it by default. (This used to be commit 1af8bf34f1caa3e7ec312d8109c07d32a945a448)
2001-08-12it was half committed last time,Simo Sorce1-2/+2
thanks to Hasch@t-online.de (Juergen Hasch) for spotting that. (This used to be commit a2a4d4e6286c2127b6f8e32fc97b96dabd7cdb40)
2001-08-08Change all realloc() statements to Realloc() (ecxept for tdb.c)Simo Sorce1-13/+13
changed some code to exploit the fact that Realloc(NULL, size) == malloc(size) fixed some possible mem leaks, or seg faults. thanks to andreas moroder (mallocs not checked in client/client.c, client/smbumount.c) (This used to be commit 7f33c01688b825ab2fa9bbb2730bff4f2fa352be)
2001-07-08This removes unused paramaters from various authtication functions, and shouldAndrew Bartlett1-2/+2
not change behaviour. This should make my later diffs smaller, where I actualy start cleaning up this mess... Andrew Bartlett (This used to be commit 04f090c224bb7ac3b53c430a591fce1fc939a81c)
2001-07-04strchr and strrchr are macros when compiling with optimisation in gcc, so we ↵Andrew Tridgell1-12/+12
can't redefine them. damn. (This used to be commit c41fc06376d1a2b83690612304e85010b5e5f3cf)
2001-05-17- added ability for swat to run under CGI. This needsAndrew Tridgell1-1/+33
to be setup very carefully for it not to be a security hole - reran configure (This used to be commit cf4e439a1e0f3fadbe08c474e5b201827866d7f5)
2001-03-11Merge of new 2.2 code into HEAD (Gerald I hate you :-) :-). Allows new SAMRJeremy Allison1-2/+1
RPC code to merge with new passdb code. Currently rpcclient doesn't compile. I'm working on it... Jeremy. (This used to be commit 0be41d5158ea4e645e93e8cd30617c038416e549)
2000-11-06Fix to the "known/unknown user" difference patch from "Ron Alexander" ↵Jeremy Allison1-0/+1
<rcalex@home.com>. Jeremy. (This used to be commit 7a698c1f23ea8740755c544f631789848a360e42)
2000-11-01Remove CGI logging code. Make username/password lookups takeJeremy Allison1-29/+28
the same time. Jeremy. (This used to be commit 9698f746858f0f2b37ec6494fca990e958d97cb7)
2000-09-01Fix for swat to return correct MIME type for text files. From "RonTim Potter1-0/+2
Alexander" <rcalex@home.com> (This used to be commit 061e5e50523913a26bc86bd816c4e26a37a832c7)
2000-04-11finally got sick of the "extern int Client" code and the stupidAndrew Tridgell1-3/+3
assumption that we have one socket everywhere while doing so I discovered a few bugs! 1) the clientgen session retarget code if used from smbd or nmbd would cause a crash as it called close_sockets() which closed our main socket! fixed by removing close_sockets() completely - it is unnecessary 2) the caching in client_addr() and client_name() was bogus - it could easily get fooled and give the wrong result. fixed. 3) the retarget could could recurse, allowing an easy denial of service attack on nmbd. fixed. (This used to be commit 5937ab14d222696e40a3fc6f0e6a536f2d7305d3)
2000-04-11two minor bugfixes for SCO UnixWare. The first is to catch SIGPIPE so that ↵Andrew Tridgell1-0/+1
putmsg() inside their send() doesn't kill swat and the scond is to open /dev/null to replace stdin after we close that (This used to be commit d35bbe56bc9e3e5896b2ebdf33ff6468a0432e1f)
1999-12-13first pass at updating head branch to be to be the same as the SAMBA_2_0 branchAndrew Tridgell1-17/+4
(This used to be commit 453a822a76780063dff23526c35408866d0c0154)