(This used to be commit e051789ac6cc05f8a643ea81e887d3b969cf3a27)
|
|
Jeremy.
(This used to be commit e8155fade61e9dc308a82f442453803160c36806)
|
|
Jeremy.
(This used to be commit fb925a72a6323d96d8fae658c4271ca05e8256de)
|
|
(This used to be commit b6272a8f18c823be3056d9f03810be75e9129cce)
|
|
First of all, do a char-by-char walk through both buffers until we get
to a non-ascii character, or a difference between the strings. This
prefix can be directly compared without needing to call into iconv.
This should be much faster for strings that are either all ascii, or
differ near the start.
(This used to be commit f7f692b2db4dd513068d6d8fed2792186933ddda)
|
|
(This used to be commit 2c17cb1bd27658ac7a72cb9eccb4b048e9d0ec5f)
|
|
grows too much larger.
(This used to be commit 4bbddbfc6a97ebb11e299aa7bd07ebebeab42c65)
|
|
(This used to be commit 195582c4cb7906ab95e47f5a2aea4ae86a7ab023)
|
|
(This used to be commit 8d64419625dda242fdb7a5d956644b052b43a2ea)
|
|
(This used to be commit 5ac062580690eee9b4bd423dbb82631c0cdb8b30)
|
|
Add bin/t_stringoverflow test case. Not built by default.
(This used to be commit 7741bb8d18e7ba16522c00513174f2909d75535d)
|
|
trapped at runtime, which is great. So we have to try a little harder
to provoke an overflow -- which is still caught nicely in developer
mode.
(This used to be commit cea126f62ad411f5efbebc7c5d39297fd8ef9efb)
|
|
requests, without needing --client-perms=yes.
(This used to be commit 412a8780c35ee9449c9682e3ef73afb2c4933285)
|
|
(This used to be commit 8da383bb3e63d25ceb0204c775580f2f1b3336ec)
|
|
clobbering the region, just in case clobbering causes us to crash
immediately. (That might happen if we just shot ourselves in the
stack and strcpy was not inlined.)
Also, in DEVELOPER mode and when Valgrind is available, mark the
clobbered region as uninitialized. This is an even stronger
protection than clobbering with 0xf1.
(This used to be commit 5653a42ae695f4b8f4c14d3184ca76523d38b51b)
|
|
(This used to be commit e1baab1ee04b27447445351d0d88b0c02a5fa85d)
|
|
when auth_smbd functionality merged to HEAD.
(This used to be commit 2b6d13672dc1e4a46fc2600e729c22d0ee7e534b)
|
|
before this can be fully implemented. )-:
(This used to be commit a040a8471f884cb295100f841594d86ddf754bb6)
|
|
(This used to be commit a7f9c3657ff052e382e290059f50f1d9812b8221)
|
|
Volker
(This used to be commit e8975d6e7bdcceb78a83a3446cf1430e1e3f1a72)
|
|
Andrew Bartlett
(This used to be commit 21add5f97d0d112094e34a02e6319991a1d2af4d)
|
|
Andrew Bartlett
(This used to be commit 32eb2cdca62a784d96207507e273bbbf77b0c6c3)
|
|
Andrew Bartlett
(This used to be commit fc1408d5d1a8b64dfd20268ab6f4a5f2a007614b)
|
|
(This used to be commit 02f81719c7c179b61663bdf789c01ab62286fea2)
|
|
Andrew Bartlett
(This used to be commit 0e8dd52f6973ac5219e2c2dd53824de71f512083)
|
|
support it.
(This used to be commit ac3df9a8051bd105e8e4192d36b3024fdf9f9506)
|
|
(This used to be commit b20a357ac534b513383ad20046a99bb7f39bba25)
|
|
Andrew Bartlett
(This used to be commit a12e8524997e329a4f4cd766d6371e384698795a)
|
|
(This used to be commit 39124b9a62e1ba0f8089c36b27d6c79352a27973)
|
|
Andrew Bartlett
(This used to be commit 3fd07bd25eefdb2a7a6891fa1169ab2425607249)
|
|
Andrew Bartlett
(This used to be commit a0208a4f74f9c61eb1e346d9cb62dbe00ef4c24a)
|
|
in the function prototype, and change callers to respect this.
Andrew Bartlett
(This used to be commit 9f3d3c380120f16d76d68f346799282d61eec892)
|
|
(This used to be commit 5371720971bc60a4cfba0460614306f322aa10b8)
|
|
- Consequential changes from that
- mark our fstring/pstring assumptions in function prototypes
Andrew Bartlett
(This used to be commit fe2bc64bc439b27387b8f326b0f4f3bfcc3d04a1)
|
|
Andrew Bartlett
(This used to be commit 4e96585b60512905776c2c6692c76d45241f089d)
|
|
going on.
In particular, add doxygen documentation.
Andrew Bartlett
(This used to be commit 7ff77ab46c63eca3b6edf18f39024eadb83a1a90)
|
|
Make a new macro to help in this situation, and add memcpy() paranoia
Andrew Bartlett
(This used to be commit 4d00626b6e003952df6715fa80615ec028facdf4)
|
|
have some of the labels 'duplicated' (ie, the defines double-up).
Also, do an ads_connect() to try and find our KDC. (So we don't segfault
*every* time)
Andrew Bartlett
(This used to be commit 56dce7ddad118051c93c62507234efca3920bc9b)
|
|
and we were missing the 'char' type.
Andrew Bartlett
(This used to be commit 193e80fafbda9e3af58fec1e629ec607f29b4099)
|
|
that we don't need this flag - heimdal's internal password change routines
don't set it.
Andrew Bartlett
(This used to be commit 069825bd78f2bf125e8a4e72933da924d393f5a5)
|
|
(This used to be commit 97daece056516e52e56bf5a749676e7c53e087e3)
|
|
(This used to be commit a55acfd7a296c5ae9b043dc03393a29d87e43a40)
|
|
Andrew Bartlett
(This used to be commit 94424c5d72246b2e58f3a21aa0de6949d7eb2da1)
|
|
Andrew Bartlett
(This used to be commit 618bda3a28f65417e3c31a70229f6da70cf223fc)
|
|
- signed/unsigned
- quieten warning about assignment as truth value
- whitespace
Andrew Bartlett
(This used to be commit a13ce0df4b4a776fa635a1fb804dd00d195f58d0)
|
|
Andrew Bartlett
(This used to be commit 67a0319d268dfc0e2154d3ab0f8bf866e3cbb6db)
|
|
Fix an incompatible pointer type that caused the IA64 not to build
Andrew Bartlett
(This used to be commit 37436b0aae108fceace3049d3868510e1ba592ac)
|
|
(This used to be commit f6bcfa59447700e0ccfc069d0228019a9bdca9d2)
|
|
This patch enables the compile-time checking of strings assable by means of
sizeof(). (Original code had the configure check reversed).
This is extended to all safe_strcpy() users, push_string and pull_string,
as well as the cli and srv derivatives. There is an attempt to cap strings
at the end of the cli buffer, and clobber_region() of the specified length
(when not -1 :-).
Because of the way they are declared, the 'overmalloc a string' users of
safe_strcpy() have been changed to use overmalloc_safe_strcpy() (which skips
some of the checks).
This whole ball of mud worked fine, until I pulled out my 'fix' for our
statcache. When Jeremy fixes that, we should be able to get back to testing
this stuff.
This patch also includes a 'marker' of the last caller to clobber_region (ie,
the function that called pstrcpy() that called clobber_region) to assist in
debugging problems that may have smashed the stack. This is printed at
smb_panic() time. (Original idea and patch by metze).
It also removes some unused functions, and #if 0's some others that are
unused but probably should be used in the near future.
For now, this patch gives us some confidence on one class of trivial parsing
error in our code.
Andrew Bartlett
(This used to be commit 31f4827acc2a2f00399a5528fc83a0dae5cebaf4)
|
|
(This used to be commit 9af30c9aae3623c4db1edca39a91973f0279acb4)
|