From 5573a9ed661b5b07f52e90516edb3fbe210c9c87 Mon Sep 17 00:00:00 2001
From: Jeremy Allison <jra@samba.org>
Date: Wed, 14 Apr 2004 22:35:28 +0000
Subject: r225: Patch from Pat.Hayward@propero.net to make the session_users
 list dynamic. I restricted it to 128k max to prevent DOS attacks. Jeremy.
 (This used to be commit 70fb2a196d83c4bde11d27608da27f956f3f19b8)

---
 source3/smbd/password.c | 36 ++++++++++++++++++++++++++++--------
 source3/smbd/trans2.c   |  2 +-
 2 files changed, 29 insertions(+), 9 deletions(-)

diff --git a/source3/smbd/password.c b/source3/smbd/password.c
index ef5d0a97ac..d15970cbef 100644
--- a/source3/smbd/password.c
+++ b/source3/smbd/password.c
@@ -21,7 +21,8 @@
 #include "includes.h"
 
 /* users from session setup */
-static pstring session_users="";
+static char *session_userlist = NULL;
+static int len_session_userlist = 0;
 
 /* this holds info on user ids that are already validated for this VC */
 static user_struct *validated_users;
@@ -295,14 +296,33 @@ void add_session_user(const char *user)
 
 	fstrcpy(suser,passwd->pw_name);
 
-	if (suser && *suser && !in_list(suser,session_users,False)) {
-		if (strlen(suser) + strlen(session_users) + 2 >= sizeof(pstring)) {
-			DEBUG(1,("Too many session users??\n"));
-		} else {
-			pstrcat(session_users," ");
-			pstrcat(session_users,suser);
+	if(!*suser)
+		return;
+
+	if( session_userlist && in_list(suser,session_userlist,False) )
+		return;
+
+	if( !session_userlist || (strlen(suser) + strlen(session_userlist) + 2 >= len_session_userlist) ) {
+		char *newlist;
+
+		if (len_session_userlist > 128 * PSTRING_LEN) {
+			DEBUG(3,("add_session_user: session userlist already too large.\n"));
+			return;
+		}
+		newlist = Realloc( session_userlist, len_session_userlist + PSTRING_LEN );
+		if( newlist == NULL ) {
+			DEBUG(1,("Unable to resize session_userlist\n"));
+			return;
 		}
+		if (!session_userlist) {
+			*newlist = '\0';
+		}
+		session_userlist = newlist;
+		len_session_userlist += PSTRING_LEN;
 	}
+
+	safe_strcat(session_userlist," ",len_session_userlist-1);
+	safe_strcat(session_userlist,suser,len_session_userlist-1);
 }
 
 /****************************************************************************
@@ -468,7 +488,7 @@ BOOL authorise_login(int snum, fstring user, DATA_BLOB password,
 	/* now check the list of session users */
 	if (!ok) {
 		char *auser;
-		char *user_list = strdup(session_users);
+		char *user_list = strdup(session_userlist);
 		if (!user_list)
 			return(False);
 		
diff --git a/source3/smbd/trans2.c b/source3/smbd/trans2.c
index 16c2d83aa2..1d07e7851d 100644
--- a/source3/smbd/trans2.c
+++ b/source3/smbd/trans2.c
@@ -1239,7 +1239,7 @@ static BOOL get_lanman2_dir_entry(connection_struct *conn,
 			SOFF_T(p,0,get_allocation_size(NULL,&sbuf)); /* Number of bytes used on disk - 64 Bit */
 			p+= 8;
 
-			put_long_date(p,sbuf.st_ctime);       /* Creation Time 64 Bit */
+			put_long_date(p,sbuf.st_ctime);       /* Inode change Time 64 Bit */
 			put_long_date(p+8,sbuf.st_atime);     /* Last access time 64 Bit */
 			put_long_date(p+16,sbuf.st_mtime);    /* Last modification time 64 Bit */
 			p+= 24;
-- 
cgit