From 68be9a820059ee96dd26c527efd7c14e679d3f2c Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Thu, 15 Nov 2007 14:19:52 -0800 Subject: More pstring removal. This one was tricky. I had to add one horror (pstring_clean_name()) which will have to remain until I've removed all pstrings from the client code. Jeremy. (This used to be commit 1ea3ac80146b83c2522b69e7747c823366a2b47d) --- source3/client/client.c | 16 +-- source3/client/clitar.c | 2 +- source3/client/smbctool.c | 11 +- source3/include/debug.h | 1 - source3/lib/afs.c | 18 ++- source3/lib/debug.c | 105 ++++++++++------ source3/lib/fault.c | 29 +++-- source3/lib/popt_common.c | 26 ++-- source3/lib/readline.c | 13 +- source3/lib/smbldap_util.c | 93 +++++++++----- source3/lib/sysquotas.c | 44 ++++--- source3/lib/util.c | 204 ++++++++++++++++-------------- source3/lib/util_file.c | 4 +- source3/lib/util_unistr.c | 52 ++++++-- source3/libsmb/clidfs.c | 8 +- source3/nmbd/nmbd.c | 2 + source3/param/loadparm.c | 2 +- source3/printing/nt_printing.c | 246 ++++++++++++++++++++++++++++--------- source3/rpc_server/srv_srvsvc_nt.c | 21 ++-- source3/rpc_server/srv_winreg_nt.c | 27 ++-- source3/smbd/server.c | 5 +- source3/utils/smbcacls.c | 3 +- source3/web/swat.c | 3 + source3/winbindd/winbindd.c | 4 +- 24 files changed, 623 insertions(+), 316 deletions(-) diff --git a/source3/client/client.c b/source3/client/client.c index 94dc52d9d5..1c54b2d3f7 100644 --- a/source3/client/client.c +++ b/source3/client/client.c @@ -283,7 +283,7 @@ static int do_cd(char *newdir) } } - clean_name(cur_dir); + pstring_clean_name(cur_dir); pstrcpy( dname, cur_dir ); if ( !cli_resolve_path( "", cli, dname, &targetcli, targetpath ) ) { @@ -313,7 +313,7 @@ static int do_cd(char *newdir) } } else { pstrcat( targetpath, CLI_DIRSEP_STR ); - clean_name( targetpath ); + pstring_clean_name( targetpath ); if ( !cli_chkpath(targetcli, targetpath) ) { d_printf("cd %s: %s\n", dname, cli_errstr(targetcli)); 
@@ -953,7 +953,7 @@ static int cmd_get(void) return 1; } pstrcpy(lname,p); - clean_name(rname); + pstring_clean_name(rname); next_token_nr(NULL,lname,NULL,sizeof(lname)); @@ -1054,7 +1054,7 @@ static int cmd_more(void) unlink(lname); return 1; } - clean_name(rname); + pstring_clean_name(rname); rc = do_get(rname, lname, False); @@ -1393,7 +1393,7 @@ static int cmd_put(void) else pstrcat(rname,lname); - clean_name(rname); + pstring_clean_name(rname); { SMB_STRUCT_STAT st; @@ -2949,7 +2949,7 @@ static int cmd_reget(void) return 1; } pstrcpy(local_name, p); - clean_name(remote_name); + pstring_clean_name(remote_name); next_token_nr(NULL, local_name, NULL, sizeof(local_name)); @@ -2987,7 +2987,7 @@ static int cmd_reput(void) else pstrcat(remote_name, local_name); - clean_name(remote_name); + pstring_clean_name(remote_name); return do_put(remote_name, local_name, True); } @@ -3960,6 +3960,7 @@ static int do_message_op(void) POPT_COMMON_CREDENTIALS POPT_TABLEEND }; + TALLOC_CTX *frame = talloc_stackframe(); load_case_tables(); @@ -4205,5 +4206,6 @@ static int do_message_op(void) } talloc_destroy( ctx); + talloc_destroy(frame); return rc; } diff --git a/source3/client/clitar.c b/source3/client/clitar.c index 0c820177b0..4ce92c674d 100644 --- a/source3/client/clitar.c +++ b/source3/client/clitar.c @@ -651,7 +651,7 @@ static void do_atar(char *rname,char *lname,file_info *finfo1) fnum = cli_open(cli, rname, O_RDONLY, DENY_NONE); - clean_name(rname); + pstring_clean_name(rname); if (fnum == -1) { DEBUG(0,("%s opening remote file %s (%s)\n", diff --git a/source3/client/smbctool.c b/source3/client/smbctool.c index e7ac80222c..b563a33f66 100644 --- a/source3/client/smbctool.c +++ b/source3/client/smbctool.c 
@@ -367,7 +367,7 @@ static int do_cd(char *newdir) all_string_sub(cur_dir, "/./", "/", 0); /* Format the directory in a libmsmbclient friendly way */ - clean_name(cur_dir); + pstring_clean_name(cur_dir); all_string_sub(cur_dir, "/./", "/", 0); pstrcpy(targetpath, "smb:"); pstrcat(targetpath, service); @@ -1129,7 +1129,7 @@ static int cmd_more(void) unlink(lname); return 1; } - clean_name(rname); + pstring_clean_name(rname); rc = do_get(rname, lname, False); @@ -2677,7 +2677,7 @@ static int cmd_reget(void) return 1; } pstrcpy(local_name, p); - clean_name(remote_name); + pstring_clean_name(remote_name); next_token_nr(NULL, local_name, NULL, sizeof(local_name)); @@ -2715,7 +2715,7 @@ static int cmd_reput(void) else pstrcat(remote_name, local_name); - clean_name(remote_name); + pstring_clean_name(remote_name); return do_put(remote_name, local_name, True); } @@ -3549,7 +3549,7 @@ static int do_message_op(void) POPT_COMMON_CREDENTIALS POPT_TABLEEND }; - + TALLOC_CTX *frame = talloc_stackframe(); #ifdef KANJI pstrcpy(term_code, KANJI); @@ -3766,5 +3766,6 @@ static int do_message_op(void) return 1; } + TALLOC_FREE(frame); return rc; } diff --git a/source3/include/debug.h b/source3/include/debug.h index 51850925e8..46e5620cc7 100644 --- a/source3/include/debug.h +++ b/source3/include/debug.h @@ -49,7 +49,6 @@ bool dbghdr( int level, int cls, const char *file, const char *func, int line ); #endif extern XFILE *dbf; -extern pstring debugf; /* If we have these macros, we can add additional info to the header. */ diff --git a/source3/lib/afs.c b/source3/lib/afs.c index 35f213fd08..dadd83d513 100644 --- a/source3/lib/afs.c +++ b/source3/lib/afs.c 
@@ -213,10 +213,10 @@ bool afs_login(connection_struct *conn) extern userdom_struct current_user_info; extern struct current_user current_user; DATA_BLOB ticket; - pstring afs_username; - char *cell; + char *afs_username = NULL; + char *cell = NULL; bool result; - char *ticket_str; + char *ticket_str = NULL; const DOM_SID *user_sid; struct ClearToken ct; @@ -229,7 +229,13 @@ bool afs_login(connection_struct *conn) afs_username, sizeof(afs_username)); user_sid = ¤t_user.nt_user_token->user_sids[0]; - pstring_sub(afs_username, "%s", sid_string_static(user_sid)); + afs_username = talloc_string_sub(talloc_tos(), + lp_afs_username_map(), + "%s", + sid_string_static(user_sid)); + if (!afs_username) { + return false; + } /* The pts command always generates completely lower-case user * names. */ @@ -240,13 +246,13 @@ bool afs_login(connection_struct *conn) if (cell == NULL) { DEBUG(1, ("AFS username doesn't contain a @, " "could not find cell\n")); - return False; + return false; } *cell = '\0'; cell += 1; - DEBUG(10, ("Trying to log into AFS for user %s@%s\n", + DEBUG(10, ("Trying to log into AFS for user %s@%s\n", afs_username, cell)); if (!afs_createtoken(afs_username, cell, &ticket, &ct)) diff --git a/source3/lib/debug.c b/source3/lib/debug.c index 72285277ec..49ec40ae84 100644 --- a/source3/lib/debug.c +++ b/source3/lib/debug.c @@ -29,7 +29,8 @@ * for a terminating null byte. */ -#define FORMAT_BUFR_MAX ( sizeof( format_bufr ) - 1 ) +#define FORMAT_BUFR_SIZE 1024 +#define FORMAT_BUFR_MAX (FORMAT_BUFR_SIZE - 1) /* -------------------------------------------------------------------------- ** * This module implements Samba's debugging utility. 
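Review bot: In the afs_login hunk at `@@ -229,7 +229,13 @@`, the unchanged context line `afs_username, sizeof(afs_username));` still closes a call that fills afs_username, but afs_username is now a `char *` initialised to NULL. That call therefore receives a null destination and `sizeof(char *)` as its length. The call begins above the hunk, so its name is not visible here. It should be removed or replaced by an allocating substitution whose result is the input to `talloc_string_sub()`; as written, the new code rebuilds the name from `lp_afs_username_map()` and discards whatever the earlier call was meant to produce.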
@@ -78,16 +79,16 @@ */ XFILE *dbf = NULL; -pstring debugf = ""; +static char *debugf = NULL; bool debug_warn_unknown_class = True; bool debug_auto_add_unknown_class = True; bool AllowDebugChange = True; -/* - used to check if the user specified a - logfile on the command line +/* + used to check if the user specified a + logfile on the command line */ -bool override_logfile; +bool override_logfile; /* @@ -137,7 +138,7 @@ static int debug_count = 0; #ifdef WITH_SYSLOG static int syslog_level = 0; #endif -static pstring format_bufr = { '\0' }; +static char *format_bufr = NULL; static size_t format_pos = 0; static bool log_overflow = False; @@ -536,6 +537,10 @@ void debug_init(void) for(p = default_classname_table; *p; p++) { debug_add_class(*p); } + format_bufr = SMB_MALLOC(FORMAT_BUFR_SIZE); + if (!format_bufr) { + smb_panic("debug_init: unable to create buffer"); + } } void debug_register_msgs(struct messaging_context *msg_ctx) @@ -583,6 +588,16 @@ void setup_logging(const char *pname, bool interactive) #endif } +/*************************************************************************** + Set the logfile name. +**************************************************************************/ + +void debug_set_logfile(const char *name) +{ + SAFE_FREE(debugf); + debugf = SMB_STRDUP(name); +} + /************************************************************************** reopen the log files note that we now do this unconditionally @@ -593,7 +608,7 @@ void setup_logging(const char *pname, bool interactive) bool reopen_logs( void ) { - pstring fname; + char *fname = NULL; mode_t oldumask; XFILE *new_dbf = NULL; XFILE *old_dbf = NULL; 
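Review bot: The new debug_set_logfile() stores `SMB_STRDUP(name)` in debugf without checking the result or whether `name` is NULL. After this commit a NULL debugf is also what Debug1 treats as its recursion guard (`if( debugf == NULL) return( 0 );`) and what makes reopen_logs return false. An allocation failure here, or a program that never calls debug_set_logfile, therefore turns file logging off with no diagnostic. Keep the previous name when the duplicate fails, for example `char *n = name ? SMB_STRDUP(name) : NULL; if (n) { SAFE_FREE(debugf); debugf = n; }`, and document above the function that a NULL debugf means "no log file".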
@@ -603,19 +618,27 @@ bool reopen_logs( void ) return True; oldumask = umask( 022 ); - - pstrcpy(fname, debugf ); - debugf[0] = '\0'; + + fname = debugf; + if (!fname) { + return false; + } + debugf = NULL; if (lp_loaded()) { char *logfname; logfname = lp_logfile(); - if (*logfname) - pstrcpy(fname, logfname); + if (*logfname) { + SAFE_FREE(fname); + fname = SMB_STRDUP(logfname); + if (!fname) { + return false; + } + } } - pstrcpy( debugf, fname ); + debugf = fname; new_dbf = x_fopen( debugf, O_WRONLY|O_APPEND|O_CREAT, 0644); if (!new_dbf) { @@ -702,15 +725,18 @@ void check_log_size( void ) if( sys_fstat( x_fileno( dbf ), &st ) == 0 && st.st_size > maxlog ) { (void)reopen_logs(); if( dbf && get_file_size( debugf ) > maxlog ) { - pstring name; + char *name = NULL; + + if (asprintf(&name, "%s.old", debugf ) < 0) { + return; + } + (void)rename(debugf, name); - slprintf( name, sizeof(name)-1, "%s.old", debugf ); - (void)rename( debugf, name ); - if (!reopen_logs()) { /* We failed to reopen a log - continue using the old name. */ (void)rename(name, debugf); } + SAFE_FREE(name); } } @@ -747,7 +773,7 @@ void check_log_size( void ) int Debug1( const char *format_str, ... ) { - va_list ap; + va_list ap; int old_errno = errno; debug_count++; @@ -762,8 +788,8 @@ void check_log_size( void ) } /* prevent recursion by checking if reopen_logs() has temporaily - set the debugf string to "" */ - if( debugf[0] == '\0') + set the debugf string to NULL */ + if( debugf == NULL) return( 0 ); #ifdef WITH_SYSLOG 
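Review bot: Both new `return false;` statements in reopen_logs sit after `oldumask = umask( 022 );`, so on those paths the process keeps umask 022 instead of the caller's value. Put `(void)umask(oldumask);` before each of them. On the second one (SMB_STRDUP of lp_logfile() failing), debugf has already been set to NULL and the old name freed, so the log file name is lost and Debug1 drops every later message. Duplicating logfname first and freeing the old fname only on success avoids that. The rest of the function, including the existing umask restore, is outside the hunk.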
@@ -789,29 +815,31 @@ void check_log_size( void ) /* map debug levels to syslog() priorities * note that not all DEBUG(0, ...) calls are * necessarily errors */ - static int priority_map[] = { + static int priority_map[] = { LOG_ERR, /* 0 */ LOG_WARNING, /* 1 */ LOG_NOTICE, /* 2 */ LOG_INFO, /* 3 */ }; int priority; - pstring msgbuf; + char *msgbuf = NULL; if( syslog_level >= ( sizeof(priority_map) / sizeof(priority_map[0]) ) || syslog_level < 0) priority = LOG_DEBUG; else priority = priority_map[syslog_level]; - va_start( ap, format_str ); - vslprintf( msgbuf, sizeof(msgbuf)-1, format_str, ap ); - va_end( ap ); + va_start(ap, format_str); + vasprintf(&msgbuf, format_str, ap); + va_end(ap); - msgbuf[255] = '\0'; - syslog( priority, "%s", msgbuf ); + if (msgbuf) { + syslog(priority, "%s", msgbuf); + } + SAFE_FREE(msgbuf); } #endif - + check_log_size(); #ifdef WITH_SYSLOG @@ -1018,13 +1046,18 @@ bool dbghdr(int level, int cls, const char *file, const char *func, int line) bool dbgtext( const char *format_str, ... ) { va_list ap; - pstring msgbuf; - - va_start( ap, format_str ); - vslprintf( msgbuf, sizeof(msgbuf)-1, format_str, ap ); - va_end( ap ); + char *msgbuf = NULL; + bool ret = true; - format_debug_text( msgbuf ); + va_start(ap, format_str); + vasprintf(&msgbuf, format_str, ap); + va_end(ap); - return( True ); + if (msgbuf) { + format_debug_text(msgbuf); + } else { + ret = false; + } + SAFE_FREE(msgbuf); + return ret; } diff --git a/source3/lib/fault.c b/source3/lib/fault.c index 6ab1a07900..52c4ae63e5 100644 --- a/source3/lib/fault.c +++ b/source3/lib/fault.c @@ -24,7 +24,7 @@ #endif static void (*cont_fn)(void *); -static pstring corepath; +static char *corepath; /******************************************************************* report a fault 
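Review bot: In the syslog branch of Debug1, `vasprintf(&msgbuf, format_str, ap);` ignores the return value and then tests `if (msgbuf)`. On glibc the pointer is unspecified after a failed vasprintf, so the test is only reliable if the return value is checked: `if (vasprintf(&msgbuf, format_str, ap) < 0) { msgbuf = NULL; }`. dbgtext in the next hunk has the same pattern. The old `msgbuf[255] = '\0';` cap was also dropped, so one debug call can now send an arbitrarily long line to syslog. If the cap was deliberate, truncate before the syslog() call and say so in a comment.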
@@ -93,11 +93,13 @@ make all the preparations to safely dump a core file void dump_core_setup(const char *progname) { - pstring logbase; - char * end; + char *logbase = NULL; + char *end = NULL; if (lp_logfile() && *lp_logfile()) { - snprintf(logbase, sizeof(logbase), "%s", lp_logfile()); + if (asprintf(&logbase, "%s", lp_logfile()) < 0) { + return; + } if ((end = strrchr_m(logbase, '/'))) { *end = '\0'; } @@ -106,21 +108,32 @@ void dump_core_setup(const char *progname) * line by the -l option but the "log file" option is not set * in smb.conf. */ - snprintf(logbase, sizeof(logbase), "%s", dyn_LOGFILEBASE); + if (asprintf(&logbase, "%s", dyn_LOGFILEBASE) < 0) { + return; + } } SMB_ASSERT(progname != NULL); - snprintf(corepath, sizeof(corepath), "%s/cores", logbase); + if (asprintf(&corepath, "%s/cores", logbase) < 0) { + SAFE_FREE(logbase); + return; + } mkdir(corepath,0700); - snprintf(corepath, sizeof(corepath), "%s/cores/%s", - logbase, progname); + SAFE_FREE(corepath); + if (asprintf(&corepath, "%s/cores/%s", + logbase, progname) < 0) { + SAFE_FREE(logbase); + return; + } mkdir(corepath,0700); sys_chown(corepath,getuid(),getgid()); chmod(corepath,0700); + SAFE_FREE(corepath); + #ifdef HAVE_GETRLIMIT #ifdef RLIMIT_CORE { diff --git a/source3/lib/popt_common.c b/source3/lib/popt_common.c index 7cc066d667..dbb66b0ba5 100644 --- a/source3/lib/popt_common.c +++ b/source3/lib/popt_common.c @@ -41,19 +41,22 @@ struct user_auth_info cmdline_auth_info; static void set_logfile(poptContext con, const char * arg) { - pstring logfile; + char *logfile = NULL; const char *pname; - + /* Find out basename of current program */ pname = strrchr_m(poptGetInvocationName(con),'/'); if (!pname) pname = poptGetInvocationName(con); - else + else pname++; - pstr_sprintf(logfile, "%s/log.%s", arg, pname); + if (asprintf(&logfile, "%s/log.%s", arg, pname) < 0) { + return; + } lp_set_logfile(logfile); + SAFE_FREE(logfile); } static bool PrintSambaVersionString; 
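Review bot: At the end of the second dump_core_setup hunk, `SAFE_FREE(corepath);` releases the file-scope `corepath` and leaves it NULL as soon as the directories exist, so nothing that runs after setup can learn where the core directory is. If a later function in this file reads corepath at crash time (a file-scope static suggests one does, but it is outside the hunk), it now gets NULL. Keep the final string allocated and drop that last free. `logbase` is released only on the asprintf failure paths shown here, so add `SAFE_FREE(logbase);` once the second corepath has been built. The mkdir() results are still unchecked before sys_chown() and chmod() are applied to the path.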
@@ -285,22 +288,24 @@ const struct poptOption popt_common_dynconfig[] = { * get a password from a a file or file descriptor * exit on failure * ****************************************************************************/ + static void get_password_file(struct user_auth_info *a) { int fd = -1; char *p; bool close_it = False; - pstring spec; + char *spec = NULL; char pass[128]; if ((p = getenv("PASSWD_FD")) != NULL) { - pstrcpy(spec, "descriptor "); - pstrcat(spec, p); + if (asprintf(&spec, "descriptor %s", p) < 0) { + return; + } sscanf(p, "%d", &fd); - close_it = False; + close_it = false; } else if ((p = getenv("PASSWD_FILE")) != NULL) { fd = sys_open(p, O_RDONLY, 0); - pstrcpy(spec, p); + spec = SMB_STRDUP(p); if (fd < 0) { fprintf(stderr, "Error opening PASSWD_FILE %s: %s\n", spec, strerror(errno)); @@ -325,15 +330,18 @@ static void get_password_file(struct user_auth_info *a) } else { fprintf(stderr, "Error reading password from file %s: %s\n", spec, "empty password\n"); + SAFE_FREE(spec); exit(1); } default: fprintf(stderr, "Error reading password from file %s: %s\n", spec, strerror(errno)); + SAFE_FREE(spec); exit(1); } } + SAFE_FREE(spec); pstrcpy(a->password, pass); if (close_it) close(fd); diff --git a/source3/lib/readline.c b/source3/lib/readline.c index 9d1597abb1..6fed929be0 100644 --- a/source3/lib/readline.c +++ b/source3/lib/readline.c @@ -53,7 +53,7 @@ static char *smb_readline_replacement(const char *prompt, void (*callback)(void) char **(completion_fn)(const char *text, int start, int end)) { fd_set fds; - static pstring line; + static char *line; struct timeval timeout; int fd = x_fileno(x_stdin); char *ret; 
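Review bot: In get_password_file the new `if (asprintf(&spec, "descriptor %s", p) < 0) { return; }` returns with no password read, although the comment above the function says it exits on failure. The caller then carries on with whatever a->password already held. Make this path call `exit(1)` like the other failures. Check `spec = SMB_STRDUP(p);` the same way, because spec is passed to `%s` in the error messages that follow. The 128-byte `pass` buffer is also left on the stack after `pstrcpy(a->password, pass);`; clearing it before return would keep a second copy of the secret from lingering.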
@@ -64,15 +64,22 @@ static char *smb_readline_replacement(const char *prompt, void (*callback)(void) x_fflush(x_stdout); } + if (line == NULL) { + line = SMB_MALLOC(BUFSIZ); + if (!line) { + return NULL; + } + } + while (1) { timeout.tv_sec = 5; timeout.tv_usec = 0; FD_ZERO(&fds); FD_SET(fd,&fds); - + if (sys_select_intr(fd+1,&fds,NULL,NULL,&timeout) == 1) { - ret = x_fgets(line, sizeof(line), x_stdin); + ret = x_fgets(line, BUFSIZ, x_stdin); return ret; } if (callback) diff --git a/source3/lib/smbldap_util.c b/source3/lib/smbldap_util.c index 8ea9d42a29..42861ae111 100644 --- a/source3/lib/smbldap_util.c +++ b/source3/lib/smbldap_util.c @@ -36,7 +36,7 @@ static NTSTATUS add_new_domain_account_policies(struct smbldap_state *ldap_state int i, rc; uint32 policy_default; const char *policy_attr = NULL; - pstring dn; + char *dn = NULL; LDAPMod **mods = NULL; char *escape_domain_name; @@ -48,15 +48,17 @@ static NTSTATUS add_new_domain_account_policies(struct smbldap_state *ldap_state return NT_STATUS_NO_MEMORY; } - pstr_sprintf(dn, "%s=%s,%s", + if (asprintf(&dn, "%s=%s,%s", get_attr_key2string(dominfo_attr_list, LDAP_ATTR_DOMAIN), - escape_domain_name, lp_ldap_suffix()); + escape_domain_name, lp_ldap_suffix()) < 0) { + SAFE_FREE(escape_domain_name); + return NT_STATUS_NO_MEMORY; + } SAFE_FREE(escape_domain_name); for (i=1; decode_account_policy_name(i) != NULL; i++) { - - pstring val; + char *val = NULL; policy_attr = get_account_policy_attr(i); if (!policy_attr) { 
@@ -66,17 +68,23 @@ static NTSTATUS add_new_domain_account_policies(struct smbldap_state *ldap_state if (!account_policy_get_default(i, &policy_default)) { DEBUG(0,("add_new_domain_account_policies: failed to get default account policy\n")); + SAFE_FREE(dn); return ntstatus; } DEBUG(10,("add_new_domain_account_policies: adding \"%s\" with value: %d\n", policy_attr, policy_default)); - pstr_sprintf(val, "%d", policy_default); + if (asprintf(&val, "%d", policy_default) < 0) { + SAFE_FREE(dn); + return NT_STATUS_NO_MEMORY; + } smbldap_set_mod( &mods, LDAP_MOD_REPLACE, policy_attr, val); rc = smbldap_modify(ldap_state, dn, mods); + SAFE_FREE(val); + if (rc!=LDAP_SUCCESS) { char *ld_error = NULL; ldap_get_option(ldap_state->ldap_struct, LDAP_OPT_ERROR_STRING, &ld_error); @@ -84,11 +92,13 @@ static NTSTATUS add_new_domain_account_policies(struct smbldap_state *ldap_state dn, ldap_err2string(rc), ld_error ? ld_error : "unknown")); SAFE_FREE(ld_error); + SAFE_FREE(dn); ldap_mods_free(mods, True); return ntstatus; } } + SAFE_FREE(dn); ldap_mods_free(mods, True); return NT_STATUS_OK; @@ -101,12 +111,13 @@ static NTSTATUS add_new_domain_account_policies(struct smbldap_state *ldap_state TODO: Add other attributes, and allow modification. *********************************************************************/ -static NTSTATUS add_new_domain_info(struct smbldap_state *ldap_state, - const char *domain_name) +static NTSTATUS add_new_domain_info(struct smbldap_state *ldap_state, + const char *domain_name) { fstring sid_string; fstring algorithmic_rid_base_string; - pstring filter, dn; + char *filter = NULL; + char *dn = NULL; LDAPMod **mods = NULL; int rc; LDAPMessage *result = NULL; 
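Review bot: The new `return NT_STATUS_NO_MEMORY;` after `asprintf(&val, "%d", policy_default)` frees dn but not mods, whereas the modify-failure path a few lines further down calls `ldap_mods_free(mods, True);`. mods may already hold entries from earlier loop iterations, so add the same call before this return and before the `return ntstatus;` on the account_policy_get_default failure. There is a similar gap in smbldap_search_domain_info: `SAFE_FREE(filter);` was added after the `goto failed;` check, so filter is released only when the search succeeds, unless the `failed:` label frees it, and no hunk shows that label. Free filter immediately after the search call returns, before rc is tested.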
@@ -121,29 +132,33 @@ static NTSTATUS add_new_domain_info(struct smbldap_state *ldap_state, return NT_STATUS_NO_MEMORY; } - slprintf (filter, sizeof (filter) - 1, "(&(%s=%s)(objectclass=%s))", - get_attr_key2string(dominfo_attr_list, LDAP_ATTR_DOMAIN), - escape_domain_name, LDAP_OBJ_DOMINFO); + if (asprintf(&filter, "(&(%s=%s)(objectclass=%s))", + get_attr_key2string(dominfo_attr_list, LDAP_ATTR_DOMAIN), + escape_domain_name, LDAP_OBJ_DOMINFO) < 0) { + SAFE_FREE(escape_domain_name); + return NT_STATUS_NO_MEMORY; + } SAFE_FREE(escape_domain_name); - attr_list = get_attr_list( NULL, dominfo_attr_list ); + attr_list = get_attr_list(NULL, dominfo_attr_list ); rc = smbldap_search_suffix(ldap_state, filter, attr_list, &result); TALLOC_FREE( attr_list ); + SAFE_FREE(filter); if (rc != LDAP_SUCCESS) { return NT_STATUS_UNSUCCESSFUL; } num_result = ldap_count_entries(ldap_state->ldap_struct, result); - + if (num_result > 1) { DEBUG (0, ("add_new_domain_info: More than domain with that name exists: bailing " "out!\n")); ldap_msgfree(result); return NT_STATUS_UNSUCCESSFUL; } - + /* Check if we need to add an entry */ DEBUG(3,("add_new_domain_info: Adding new domain\n")); @@ -154,9 +169,12 @@ static NTSTATUS add_new_domain_info(struct smbldap_state *ldap_state, return NT_STATUS_NO_MEMORY; } - pstr_sprintf(dn, "%s=%s,%s", + if (asprintf(&dn, "%s=%s,%s", get_attr_key2string(dominfo_attr_list, LDAP_ATTR_DOMAIN), - escape_domain_name, lp_ldap_suffix()); + escape_domain_name, lp_ldap_suffix()) < 0) { + SAFE_FREE(escape_domain_name); + return NT_STATUS_NO_MEMORY; + } SAFE_FREE(escape_domain_name); @@ -168,7 +186,7 @@ static NTSTATUS add_new_domain_info(struct smbldap_state *ldap_state, smbldap_set_mod(&mods, LDAP_MOD_ADD, get_attr_key2string(dominfo_attr_list, - LDAP_ATTR_DOMAIN), + LDAP_ATTR_DOMAIN), domain_name); /* If we don't have an entry, then ask secrets.tdb for what it thinks. 
@@ -185,21 +203,21 @@ static NTSTATUS add_new_domain_info(struct smbldap_state *ldap_state, algorithmic_rid_base()); smbldap_set_mod(&mods, LDAP_MOD_ADD, get_attr_key2string(dominfo_attr_list, - LDAP_ATTR_ALGORITHMIC_RID_BASE), + LDAP_ATTR_ALGORITHMIC_RID_BASE), algorithmic_rid_base_string); smbldap_set_mod(&mods, LDAP_MOD_ADD, "objectclass", LDAP_OBJ_DOMINFO); - + /* add the sambaNextUserRid attributes. */ - + { uint32 rid = BASE_RID; fstring rid_str; - + fstr_sprintf( rid_str, "%i", rid ); DEBUG(10,("add_new_domain_info: setting next available user rid [%s]\n", rid_str)); - smbldap_set_mod(&mods, LDAP_MOD_ADD, + smbldap_set_mod(&mods, LDAP_MOD_ADD, get_attr_key2string(dominfo_attr_list, - LDAP_ATTR_NEXT_USERRID), + LDAP_ATTR_NEXT_USERRID), rid_str); } @@ -214,13 +232,14 @@ static NTSTATUS add_new_domain_info(struct smbldap_state *ldap_state, dn, ldap_err2string(rc), ld_error?ld_error:"unknown")); SAFE_FREE(ld_error); - + SAFE_FREE(dn); ldap_mods_free(mods, True); return NT_STATUS_UNSUCCESSFUL; } DEBUG(2,("add_new_domain_info: added: domain = %s in the LDAP database\n", domain_name)); ldap_mods_free(mods, True); + SAFE_FREE(dn); return NT_STATUS_OK; } @@ -233,22 +252,25 @@ NTSTATUS smbldap_search_domain_info(struct smbldap_state *ldap_state, bool try_add) { NTSTATUS status = NT_STATUS_UNSUCCESSFUL; - pstring filter; + char *filter = NULL; int rc; const char **attr_list; int count; char *escape_domain_name; - + escape_domain_name = escape_ldap_string_alloc(domain_name); if (!escape_domain_name) { DEBUG(0, ("Out of memory!\n")); return NT_STATUS_NO_MEMORY; } - pstr_sprintf(filter, "(&(objectClass=%s)(%s=%s))", + if (asprintf(&filter, "(&(objectClass=%s)(%s=%s))", LDAP_OBJ_DOMINFO, - get_attr_key2string(dominfo_attr_list, LDAP_ATTR_DOMAIN), - escape_domain_name); + get_attr_key2string(dominfo_attr_list, LDAP_ATTR_DOMAIN), + escape_domain_name) < 0) { + SAFE_FREE(escape_domain_name); + return NT_STATUS_NO_MEMORY; + } SAFE_FREE(escape_domain_name); 
@@ -264,14 +286,17 @@ NTSTATUS smbldap_search_domain_info(struct smbldap_state *ldap_state, goto failed; } + SAFE_FREE(filter); + count = ldap_count_entries(ldap_state->ldap_struct, *result); - if (count == 1) + if (count == 1) { return NT_STATUS_OK; + } ldap_msgfree(*result); *result = NULL; - + if (count < 1) { DEBUG(3, ("smbldap_search_domain_info: Got no domain info entries for domain\n")); @@ -285,7 +310,7 @@ NTSTATUS smbldap_search_domain_info(struct smbldap_state *ldap_state, domain_name, nt_errstr(status))); goto failed; } - + status = add_new_domain_account_policies(ldap_state, domain_name); if (!NT_STATUS_IS_OK(status)) { DEBUG(0, ("smbldap_search_domain_info: Adding domain account policies for %s failed with %s\n", @@ -294,7 +319,7 @@ NTSTATUS smbldap_search_domain_info(struct smbldap_state *ldap_state, } return smbldap_search_domain_info(ldap_state, result, domain_name, False); - + } if (count > 1 ) { diff --git a/source3/lib/sysquotas.c b/source3/lib/sysquotas.c index 094422ac9b..4a2d88abdf 100644 --- a/source3/lib/sysquotas.c +++ b/source3/lib/sysquotas.c @@ -177,19 +177,19 @@ static struct { #ifdef HAVE_XFS_QUOTAS {"xfs", sys_get_xfs_quota, sys_set_xfs_quota}, #endif /* HAVE_XFS_QUOTAS */ - {NULL, NULL, NULL} + {NULL, NULL, NULL} }; static int command_get_quota(const char *path, enum SMB_QUOTA_TYPE qtype, unid_t id, SMB_DISK_QUOTA *dp) { const char *get_quota_command; char **lines = NULL; - + get_quota_command = lp_get_quota_command(); if (get_quota_command && *get_quota_command) { const char *p; char *p2; - pstring syscmd; + char *syscmd = NULL; int _id = -1; switch(qtype) { 
@@ -206,13 +206,16 @@ static int command_get_quota(const char *path, enum SMB_QUOTA_TYPE qtype, unid_t return -1; } - slprintf(syscmd, sizeof(syscmd)-1, - "%s \"%s\" %d %d", - get_quota_command, path, qtype, _id); + if (asprintf(&syscmd, "%s \"%s\" %d %d", + get_quota_command, path, qtype, _id) < 0) { + return -1; + } DEBUG (3, ("get_quota: Running command %s\n", syscmd)); lines = file_lines_pload(syscmd, NULL); + SAFE_FREE(syscmd); + if (lines) { char *line = lines[0]; @@ -325,7 +328,7 @@ static int command_get_quota(const char *path, enum SMB_QUOTA_TYPE qtype, unid_t errno = ENOSYS; return -1; - + invalid_param: file_lines_free(lines); @@ -336,11 +339,11 @@ invalid_param: static int command_set_quota(const char *path, enum SMB_QUOTA_TYPE qtype, unid_t id, SMB_DISK_QUOTA *dp) { const char *set_quota_command; - + set_quota_command = lp_set_quota_command(); if (set_quota_command && *set_quota_command) { - char **lines; - pstring syscmd; + char **lines = NULL; + char *syscmd = NULL; int _id = -1; switch(qtype) { 
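Review bot: In command_get_quota, `asprintf(&syscmd, "%s \"%s\" %d %d", get_quota_command, path, qtype, _id)` places `path` between literal double quotes with no escaping and passes the string to `file_lines_pload()`. command_set_quota does the same in the `@@ -357,37 +360,40 @@` hunk. Whether the loader runs this through a shell or splits it into arguments itself is not visible here. Either way, a path containing a double quote, whitespace or shell expansion characters changes how the command line is parsed. Now that the fixed-size pstring no longer bounds the length, the safe fix is to escape path before formatting or to pass the arguments as a vector. A comment above the asprintf should state what characters path is allowed to contain.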
@@ -357,37 +360,40 @@ static int command_set_quota(const char *path, enum SMB_QUOTA_TYPE qtype, unid_t } #ifdef LARGE_SMB_OFF_T - slprintf(syscmd, sizeof(syscmd)-1, + if (asprintf(&syscmd, "%s \"%s\" %d %d " "%u %llu %llu " - "%llu %llu %llu ", + "%llu %llu %llu ", set_quota_command, path, qtype, _id, dp->qflags, (long long unsigned)dp->softlimit,(long long unsigned)dp->hardlimit, (long long unsigned)dp->isoftlimit,(long long unsigned)dp->ihardlimit, - (long long unsigned)dp->bsize); + (long long unsigned)dp->bsize) < 0) { + return -1; + } #else /* LARGE_SMB_OFF_T */ - slprintf(syscmd, sizeof(syscmd)-1, + if (asprintf(&syscmd, "%s \"%s\" %d %d " "%u %lu %lu " - "%lu %lu %lu ", + "%lu %lu %lu ", set_quota_command, path, qtype, _id, dp->qflags, (long unsigned)dp->softlimit,(long unsigned)dp->hardlimit, (long unsigned)dp->isoftlimit,(long unsigned)dp->ihardlimit, - (long unsigned)dp->bsize); + (long unsigned)dp->bsize) < 0) { + return -1; + } #endif /* LARGE_SMB_OFF_T */ - - DEBUG (3, ("get_quota: Running command %s\n", syscmd)); lines = file_lines_pload(syscmd, NULL); + SAFE_FREE(syscmd); if (lines) { char *line = lines[0]; DEBUG (3, ("Read output from set_quota, \"%s\"\n", line)); file_lines_free(lines); - + return 0; } DEBUG (0, ("set_quota_command failed!\n")); diff --git a/source3/lib/util.c b/source3/lib/util.c index 4bb6f57d52..eeaa7ea69c 100644 --- a/source3/lib/util.c +++ b/source3/lib/util.c 
@@ -583,80 +583,128 @@ ssize_t message_push_blob(uint8 **outbuf, DATA_BLOB blob) Reduce a file name, removing .. elements. ********************************************************************/ -void dos_clean_name(char *s) +static char *dos_clean_name(TALLOC_CTX *ctx, const char *s) { - char *p=NULL; + char *p = NULL; + char *str = NULL; DEBUG(3,("dos_clean_name [%s]\n",s)); /* remove any double slashes */ - all_string_sub(s, "\\\\", "\\", 0); + str = talloc_all_string_sub(ctx, s, "\\\\", "\\"); + if (!str) { + return NULL; + } /* Remove leading .\\ characters */ - if(strncmp(s, ".\\", 2) == 0) { - trim_string(s, ".\\", NULL); - if(*s == 0) - pstrcpy(s,".\\"); + if(strncmp(str, ".\\", 2) == 0) { + trim_string(str, ".\\", NULL); + if(*str == 0) { + str = talloc_strdup(ctx, ".\\"); + if (!str) { + return NULL; + } + } } - while ((p = strstr_m(s,"\\..\\")) != NULL) { - pstring s1; + while ((p = strstr_m(str,"\\..\\")) != NULL) { + char *s1; *p = 0; - pstrcpy(s1,p+3); + s1 = p+3; - if ((p=strrchr_m(s,'\\')) != NULL) + if ((p=strrchr_m(str,'\\')) != NULL) { *p = 0; - else - *s = 0; - pstrcat(s,s1); - } + } else { + *str = 0; + } + str = talloc_asprintf(ctx, + "%s%s", + str, + s1); + if (!str) { + return NULL; + } + } - trim_string(s,NULL,"\\.."); - all_string_sub(s, "\\.\\", "\\", 0); + trim_string(str,NULL,"\\.."); + return talloc_all_string_sub(ctx, str, "\\.\\", "\\"); } /******************************************************************* - Reduce a file name, removing .. elements. + Reduce a file name, removing .. elements. 
********************************************************************/ -void unix_clean_name(char *s) +char *unix_clean_name(TALLOC_CTX *ctx, const char *s) { - char *p=NULL; + char *p = NULL; + char *str = NULL; DEBUG(3,("unix_clean_name [%s]\n",s)); /* remove any double slashes */ - all_string_sub(s, "//","/", 0); + str = talloc_all_string_sub(ctx, s, "//","/"); + if (!str) { + return NULL; + } /* Remove leading ./ characters */ - if(strncmp(s, "./", 2) == 0) { - trim_string(s, "./", NULL); - if(*s == 0) - pstrcpy(s,"./"); + if(strncmp(str, "./", 2) == 0) { + trim_string(str, "./", NULL); + if(*str == 0) { + str = talloc_strdup(ctx, "./"); + if (!str) { + return NULL; + } + } } - while ((p = strstr_m(s,"/../")) != NULL) { - pstring s1; + while ((p = strstr_m(str,"/../")) != NULL) { + char *s1; *p = 0; - pstrcpy(s1,p+3); + s1 = p+3; - if ((p=strrchr_m(s,'/')) != NULL) + if ((p=strrchr_m(str,'/')) != NULL) { *p = 0; - else - *s = 0; - pstrcat(s,s1); - } + } else { + *str = 0; + } + str = talloc_asprintf(ctx, + "%s%s", + str, + s1); + if (!str) { + return NULL; + } + } - trim_string(s,NULL,"/.."); - all_string_sub(s, "/./", "/", 0); + trim_string(str,NULL,"/.."); + return talloc_all_string_sub(ctx, str, "/./", "/"); } -void clean_name(char *s) +char *clean_name(TALLOC_CTX *ctx, const char *s) { - dos_clean_name(s); - unix_clean_name(s); + char *str = dos_clean_name(ctx, s); + if (!str) { + return NULL; + } + return unix_clean_name(ctx, str); +} + +/******************************************************************* + Horrible temporary hack until pstring is dead. +********************************************************************/ + +char *pstring_clean_name(pstring s) +{ + char *str = clean_name(NULL,s); + if (!str) { + return NULL; + } + pstrcpy(s, str); + TALLOC_FREE(str); + return s; } /******************************************************************* 
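Review bot: pstring_clean_name calls `clean_name(NULL, s)`, so every intermediate string that dos_clean_name and unix_clean_name create on ctx is allocated on the NULL talloc context. That covers each `talloc_all_string_sub`, `talloc_strdup` and per-iteration `talloc_asprintf` result, and the dos_clean_name result handed to unix_clean_name. Only the final string reaches `TALLOC_FREE(str)`, so each client command that cleans a path leaks the rest. Wrap the call in a temporary frame: `TALLOC_CTX *frame = talloc_stackframe(); char *str = clean_name(frame, s);` with `TALLOC_FREE(frame);` on both exits. Also, on allocation failure the function returns NULL and leaves `s` un-normalised, and the converted callers in client.c, clitar.c and smbctool.c all ignore the return value, so they would go on to use the raw path. Document the return contract above the function and check it at the call sites.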
@@ -911,9 +959,9 @@ void become_daemon(bool Fork, bool no_process_group) Put up a yes/no prompt. ****************************************************************************/ -bool yesno(char *p) +bool yesno(const char *p) { - pstring ans; + char ans[20]; printf("%s",p); if (!fgets(ans,sizeof(ans)-1,stdin)) @@ -1250,23 +1298,22 @@ int interpret_protocol(const char *str,int def) /****************************************************************** Remove any mount options such as -rsize=2048,wsize=2048 etc. Based on a fix from . + Returns a malloc'ed string. *******************************************************************/ -static void strip_mount_options( pstring *str) +static char *strip_mount_options(const char *str) { - if (**str == '-') { - char *p = *str; + if (*str == '-') { + char *p = str; while(*p && !isspace(*p)) p++; while(*p && isspace(*p)) p++; if(*p) { - pstring tmp_str; - - pstrcpy(tmp_str, p); - pstrcpy(*str, tmp_str); + return SMB_STRDUP(p); } } + return NULL; } /******************************************************************* @@ -1288,6 +1335,7 @@ char *automount_lookup(const char *user_name) nis_result *result; nis_object *object; entry_obj *entry; + char *tmpstr = NULL; if (strcmp(user_name, last_key)) { slprintf(buffer, sizeof(buffer)-1, "[key=%s],%s", user_name, nis_map); @@ -1313,7 +1361,11 @@ char *automount_lookup(const char *user_name) nis_freeresult(result); } - strip_mount_options(&last_value); + tmpstr = strip_mount_options(last_value); + if (tmpstr) { + pstrcpy(last_value, tmpstr); + SAFE_FREE(tmpstr); + } DEBUG(4, ("NIS+ Lookup: %s resulted in %s\n", user_name, last_value)); return last_value; 
@@ -1345,9 +1397,14 @@ char *automount_lookup(const char *user_name) } else { if ((nis_error = yp_match(nis_domain, nis_map, user_name, strlen(user_name), &nis_result, &nis_result_len)) == 0) { + char *tmpstr = NULL; fstrcpy(last_key, user_name); pstrcpy(last_value, nis_result); - strip_mount_options(&last_value); + tmpstr = strip_mount_options(last_value); + if (tmpstr) { + pstrcpy(last_value, tmpstr); + SAFE_FREE(tmpstr); + } } else if(nis_error == YPERR_KEY) { @@ -2103,8 +2160,13 @@ void dump_data_pw(const char *msg, const uchar * data, size_t len) char *tab_depth(int depth) { static pstring spaces; - memset(spaces, ' ', depth * 4); - spaces[depth * 4] = 0; + size_t len = depth * 4; + if (len > sizeof(pstring)-1) { + len = sizeof(pstring)-1; + } + + memset(spaces, ' ', len); + spaces[len] = 0; return spaces; } 
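Review bot: In tab_depth the bound is applied after `size_t len = depth * 4;`, where the multiplication is still done in `int`. A very large depth therefore overflows before the clamp (undefined behaviour), and a negative depth converts to a huge size_t and is clamped to a full-width string of spaces rather than an empty one. Compute the length as `size_t len = depth > 0 ? (size_t)depth * 4 : 0;` and keep the existing `sizeof(pstring)-1` clamp. A one-line comment saying that the result is a shared static buffer, truncated at that size, would help callers.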
@@ -2815,46 +2877,6 @@ void *talloc_check_name_abort(const void *ptr, const char *name) return NULL; } - -#ifdef __INSURE__ - -/******************************************************************* -This routine is a trick to immediately catch errors when debugging -with insure. A xterm with a gdb is popped up when insure catches -a error. It is Linux specific. -********************************************************************/ - -int _Insure_trap_error(int a1, int a2, int a3, int a4, int a5, int a6) -{ - static int (*fn)(); - int ret; - char pidstr[10]; - /* you can get /usr/bin/backtrace from - http://samba.org/ftp/unpacked/junkcode/backtrace */ - pstring cmd = "/usr/bin/backtrace %d"; - - slprintf(pidstr, sizeof(pidstr)-1, "%d", sys_getpid()); - pstring_sub(cmd, "%d", pidstr); - - if (!fn) { - static void *h; - h = dlopen("/usr/local/parasoft/insure++lite/lib.linux2/libinsure.so", RTLD_LAZY); - fn = dlsym(h, "_Insure_trap_error"); - - if (!h || h == _Insure_trap_error) { - h = dlopen("/usr/local/parasoft/lib.linux2/libinsure.so", RTLD_LAZY); - fn = dlsym(h, "_Insure_trap_error"); - } - } - - ret = fn(a1, a2, a3, a4, a5, a6); - - system(cmd); - - return ret; -} -#endif - uint32 map_share_mode_to_deny_mode(uint32 share_access, uint32 private_options) { switch (share_access & ~FILE_SHARE_DELETE) { diff --git a/source3/lib/util_file.c b/source3/lib/util_file.c index 673a15df38..b628b06cc6 100644 --- a/source3/lib/util_file.c +++ b/source3/lib/util_file.c @@ -105,9 +105,9 @@ static char *file_pload(char *syscmd, size_t *size) { int fd, n; char *p; - pstring buf; + char buf[1024]; size_t total; - + fd = sys_popen(syscmd); if (fd == -1) { return NULL; diff --git a/source3/lib/util_unistr.c b/source3/lib/util_unistr.c index c4569e102e..8fad1162ac 100644 --- a/source3/lib/util_unistr.c +++ b/source3/lib/util_unistr.c 
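Review bot: The read loop that fills `buf` in file_pload is outside this hunk, so shrinking the declaration from `pstring buf;` to `char buf[1024];` is only safe if every later use is bounded by `sizeof(buf)`. Please confirm that no remaining call in the body still passes `sizeof(pstring)` or a literal pstring length, since that would now write past the 1024-byte array. A one-line comment such as `/* read chunk size; all reads below must use sizeof(buf) */` next to the declaration would record the dependency.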
@@ -81,12 +81,15 @@ void load_case_tables(void) static int initialised; char *old_locale = NULL, *saved_locale = NULL; int i; + TALLOC_CTX *frame = NULL; if (initialised) { return; } initialised = 1; + frame = talloc_stackframe(); + upcase_table = (smb_ucs2_t *)map_file(data_path("upcase.dat"), 0x20000); upcase_table_use_unmap = ( upcase_table != NULL ); @@ -147,6 +150,7 @@ void load_case_tables(void) SAFE_FREE(saved_locale); } #endif + TALLOC_FREE(frame); } /* @@ -157,7 +161,7 @@ void load_case_tables(void) int check_dos_char(smb_ucs2_t c) { lazy_initialize_conv(); - + /* Find the right byte, and right bit within the byte; return * 1 or 0 */ return (doschar_table[(c & 0xffff) / 8] & (1 << (c & 7))) != 0; 
@@ -329,26 +333,54 @@ int rpcstr_pull_unistr2_fstring(char *dest, UNISTR2 *src) * copy because I don't really know how pull_ucs2 and friends calculate the * target size. If this turns out to be a major bottleneck someone with deeper * multi-byte knowledge needs to revisit this. + * I just did (JRA :-). No longer uses copy. * My (VL) use is dsr_getdcname, which returns 6 strings, the alternative would * have been to manually talloc_strdup them in rpc_client/cli_netlogon.c. */ -char *rpcstr_pull_unistr2_talloc(TALLOC_CTX *mem_ctx, const UNISTR2 *src) +char *rpcstr_pull_unistr2_talloc(TALLOC_CTX *ctx, const UNISTR2 *src) { - pstring tmp; - size_t result; - - result = pull_ucs2(NULL, tmp, src->buffer, sizeof(tmp), - src->uni_str_len * 2, 0); - if (result == (size_t)-1) { + char *dest = NULL; + size_t dest_len = convert_string_talloc(ctx, + CH_UTF16LE, + CH_UNIX, + src->buffer, + src->uni_str_len * 2, + (void **)&dest, + true); + if (dest_len == (size_t)-1) { return NULL; } - return talloc_strdup(mem_ctx, tmp); + /* Ensure we're returning a null terminated string. */ + if (dest_len) { + /* Did we already process the terminating zero ? */ + if (dest[dest_len-1] != 0) { + size_t size = talloc_get_size(dest); + /* Have we got space to append the '\0' ? */ + if (size <= dest_len) { + /* No, realloc. */ + dest = TALLOC_REALLOC_ARRAY(ctx, dest, char, + dest_len+1); + if (!dest) { + /* talloc fail. */ + dest_len = (size_t)-1; + return NULL; + } + } + /* Yay - space ! */ + dest[dest_len] = '\0'; + dest_len++; + } + } else if (dest) { + dest[0] = 0; + } + + return dest; } /* Converts a string from internal samba format to unicode - */ + */ int rpcstr_push(void *dest, const char *src, size_t dest_len, int flags) { diff --git a/source3/libsmb/clidfs.c b/source3/libsmb/clidfs.c index 6393f654c0..037c0d6b26 100644 --- a/source3/libsmb/clidfs.c +++ b/source3/libsmb/clidfs.c 
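Review bot: In rpcstr_pull_unistr2_talloc the `else if (dest) { dest[0] = 0; }` branch writes a byte without checking that the allocation has room, unlike the non-empty branch, which consults `talloc_get_size(dest)` first. Whether convert_string_talloc can return a zero-sized buffer for zero-length input is not visible here, so I would write the condition as `} else if (dest && talloc_get_size(dest) > 0) {`. On the realloc failure path `dest` is overwritten with NULL, leaving the original buffer attached to `ctx` until that context is freed, and the `dest_len = (size_t)-1;` just before `return NULL;` is a dead store. The conversion length is still `src->uni_str_len * 2` with no visible check against the size of `src->buffer`; presumably the unmarshalling code enforces that, but it is worth confirming.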
@@ -208,8 +208,12 @@ static void cli_cm_set_mntpoint( struct cli_state *c, const char *mnt ) } if ( p ) { - pstrcpy( p->mount, mnt ); - clean_name(p->mount); + char *name = clean_name(NULL, p->mount); + if (!name) { + return; + } + pstrcpy( p->mount, name ); + TALLOC_FREE(name); } } diff --git a/source3/nmbd/nmbd.c b/source3/nmbd/nmbd.c index 6fadefe682..beb178e59c 100644 --- a/source3/nmbd/nmbd.c +++ b/source3/nmbd/nmbd.c @@ -733,6 +733,7 @@ static bool open_sockets(bool isdaemon, int port) POPT_COMMON_SAMBA { NULL } }; + TALLOC_CTX *frame = talloc_stackframe(); /* Setup tos. */ load_case_tables(); @@ -927,6 +928,7 @@ static bool open_sockets(bool isdaemon, int port) /* We can only take signals in the select. */ BlockSignals( True, SIGTERM ); + TALLOC_FREE(frame); process(); if (dbf) diff --git a/source3/param/loadparm.c b/source3/param/loadparm.c index bc5fe5e8f1..80eac747c6 100644 --- a/source3/param/loadparm.c +++ b/source3/param/loadparm.c @@ -6151,7 +6151,7 @@ const char *lp_printername(int snum) void lp_set_logfile(const char *name) { string_set(&Globals.szLogFile, name); - pstrcpy(debugf, name); + debug_set_logfile(name); } /******************************************************************* diff --git a/source3/printing/nt_printing.c b/source3/printing/nt_printing.c index e729c3b46d..1d218bac3d 100644 --- a/source3/printing/nt_printing.c +++ b/source3/printing/nt_printing.c 
@@ -659,18 +659,25 @@ bool nt_printing_init(struct messaging_context *msg_ctx) Function to allow filename parsing "the old way". ********************************************************************/ -static void driver_unix_convert(connection_struct *conn, - pstring name, +static char *driver_unix_convert(connection_struct *conn, + const char *old_name, SMB_STRUCT_STAT *pst) { + TALLOC_CTX *ctx = talloc_tos(); + char *name = talloc_strdup(ctx, old_name); char *new_name = NULL; + + if (!name) { + return NULL; + } unix_format(name); - unix_clean_name(name); - trim_string(name,"/","/"); - unix_convert(talloc_tos(),conn, name, False, &new_name, NULL, pst); - if (new_name) { - pstrcpy(name, new_name); + name = unix_clean_name(ctx, name); + if (!name) { + return NULL; } + trim_string(name,"/","/"); + unix_convert(ctx,conn, name, false, &new_name, NULL, pst); + return new_name; } /******************************************************************* @@ -1149,7 +1156,7 @@ static int get_file_version(files_struct *fsp, char *fname,uint32 *major, uint32 if (IVAL(buf,pos) == VS_MAGIC_VALUE) { *major = IVAL(buf,pos+VS_MAJOR_OFFSET); *minor = IVAL(buf,pos+VS_MINOR_OFFSET); - + DEBUG(6,("get_file_version: PE file [%s] Version = %08x:%08x (%d.%d.%d.%d)\n", fname, *major, *minor, (*major>>16)&0xffff, *major&0xffff, @@ -1268,8 +1275,8 @@ the modification date). Otherwise chose the numerically larger version number. static int file_version_is_newer(connection_struct *conn, fstring new_file, fstring old_file) { - bool use_version = True; - pstring filepath; + bool use_version = true; + char *filepath = NULL; uint32 new_major; uint32 new_minor; 
@@ -1291,9 +1298,10 @@ static int file_version_is_newer(connection_struct *conn, fstring new_file, fstr old_create_time = (time_t)0; /* Get file version info (if available) for previous file (if it exists) */ - pstrcpy(filepath, old_file); - - driver_unix_convert(conn,filepath,&stat_buf); + filepath = driver_unix_convert(conn,old_file,&stat_buf); + if (!filepath) { + goto error_exit; + } status = open_file_ntcreate(conn, NULL, filepath, &stat_buf, FILE_GENERIC_READ, @@ -1308,7 +1316,7 @@ static int file_version_is_newer(connection_struct *conn, fstring new_file, fstr /* Old file not found, so by definition new file is in fact newer */ DEBUG(10,("file_version_is_newer: Can't open old file [%s], errno = %d\n", filepath, errno)); - return True; + return 1; } else { int ret = get_file_version(fsp, old_file, &old_major, &old_minor); @@ -1319,8 +1327,10 @@ static int file_version_is_newer(connection_struct *conn, fstring new_file, fstr if (!ret) { DEBUG(6,("file_version_is_newer: Version info not found [%s], use mod time\n", old_file)); - use_version = False; - if (SMB_VFS_FSTAT(fsp, fsp->fh->fd, &st) == -1) goto error_exit; + use_version = false; + if (SMB_VFS_FSTAT(fsp, fsp->fh->fd, &st) == -1) { + goto error_exit; + } old_create_time = st.st_mtime; DEBUGADD(6,("file_version_is_newer: mod time = %ld sec\n", old_create_time)); } @@ -1328,8 +1338,10 @@ static int file_version_is_newer(connection_struct *conn, fstring new_file, fstr close_file(fsp, NORMAL_CLOSE); /* Get file version info (if available) for new file */ - pstrcpy(filepath, new_file); - driver_unix_convert(conn,filepath,&stat_buf); + filepath = driver_unix_convert(conn,new_file,&stat_buf); + if (!filepath) { + goto error_exit; + } status = open_file_ntcreate(conn, NULL, filepath, &stat_buf, FILE_GENERIC_READ, 
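Review bot: The new `goto error_exit` after the second driver_unix_convert call in file_version_is_newer is reached right after `close_file(fsp, NORMAL_CLOSE);`, with `fsp` still holding the closed handle. The error_exit label is outside this hunk; if it closes `fsp` when non-NULL, this path would close the same files_struct twice. Adding `fsp = NULL;` directly after that `close_file` call makes the new exit safe regardless of what the label does.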
@@ -1355,8 +1367,10 @@ static int file_version_is_newer(connection_struct *conn, fstring new_file, fstr if (!ret) { DEBUG(6,("file_version_is_newer: Version info not found [%s], use mod time\n", new_file)); - use_version = False; - if (SMB_VFS_FSTAT(fsp, fsp->fh->fd, &st) == -1) goto error_exit; + use_version = false; + if (SMB_VFS_FSTAT(fsp, fsp->fh->fd, &st) == -1) { + goto error_exit; + } new_create_time = st.st_mtime; DEBUGADD(6,("file_version_is_newer: mod time = %ld sec\n", new_create_time)); } @@ -1367,24 +1381,24 @@ static int file_version_is_newer(connection_struct *conn, fstring new_file, fstr /* Compare versions and choose the larger version number */ if (new_major > old_major || (new_major == old_major && new_minor > old_minor)) { - + DEBUG(6,("file_version_is_newer: Replacing [%s] with [%s]\n", old_file, new_file)); - return True; + return 1; } else { DEBUG(6,("file_version_is_newer: Leaving [%s] unchanged\n", old_file)); - return False; + return 0; } } else { /* Compare modification time/dates and choose the newest time/date */ if (new_create_time > old_create_time) { DEBUG(6,("file_version_is_newer: Replacing [%s] with [%s]\n", old_file, new_file)); - return True; + return 1; } else { DEBUG(6,("file_version_is_newer: Leaving [%s] unchanged\n", old_file)); - return False; + return 0; } } @@ -1402,7 +1416,7 @@ static uint32 get_correct_cversion(const char *architecture, fstring driverpath_ { int cversion; NTSTATUS nt_status; - pstring driverpath; + char *driverpath = NULL; DATA_BLOB null_pw; fstring res_type; files_struct *fsp = NULL; 
@@ -1455,11 +1469,22 @@ static uint32 get_correct_cversion(const char *architecture, fstring driverpath_ /* Open the driver file (Portable Executable format) and determine the * deriver the cversion. */ - slprintf(driverpath, sizeof(driverpath)-1, "%s/%s", architecture, driverpath_in); + driverpath = talloc_asprintf(talloc_tos(), + "%s/%s", + architecture, + driverpath_in); + if (!driverpath) { + *perr = WERR_NOMEM; + goto error_exit; + } - driver_unix_convert(conn,driverpath,&st); + driverpath = driver_unix_convert(conn,driverpath,&st); + if (!driverpath) { + *perr = WERR_NOMEM; + goto error_exit; + } - if ( !vfs_file_exist( conn, driverpath, &st ) ) { + if (!vfs_file_exist(conn, driverpath, &st)) { *perr = WERR_BADFILE; goto error_exit; } @@ -1734,22 +1759,18 @@ WERROR move_driver_to_download_area(NT_PRINTER_DRIVER_INFO_LEVEL driver_abstract NT_PRINTER_DRIVER_INFO_LEVEL_3 *driver; NT_PRINTER_DRIVER_INFO_LEVEL_3 converted_driver; const char *architecture; - pstring new_dir; - pstring old_name; - pstring new_name; + char *new_dir = NULL; + char *old_name = NULL; + char *new_name = NULL; DATA_BLOB null_pw; connection_struct *conn; NTSTATUS nt_status; - pstring inbuf; - pstring outbuf; fstring res_type; SMB_STRUCT_STAT st; - int ver = 0; int i; TALLOC_CTX *ctx = talloc_tos(); + int ver = 0; - memset(inbuf, '\0', sizeof(inbuf)); - memset(outbuf, '\0', sizeof(outbuf)); *perr = WERR_OK; if (level==3) 
@@ -1793,13 +1814,27 @@ WERROR move_driver_to_download_area(NT_PRINTER_DRIVER_INFO_LEVEL driver_abstract return WERR_ACCESS_DENIED; } + /* WE ARE NOW RUNNING AS USER conn->vuid !!!!! */ + /* * make the directories version and version\driver_name * under the architecture directory. */ DEBUG(5,("Creating first directory\n")); - slprintf(new_dir, sizeof(new_dir)-1, "%s/%d", architecture, driver->cversion); - driver_unix_convert(conn,new_dir,&st); + new_dir = talloc_asprintf(ctx, + "%s/%d", + architecture, + driver->cversion); + if (!new_dir) { + *perr = WERR_NOMEM; + goto err_exit; + } + new_dir = driver_unix_convert(conn,new_dir,&st); + if (!new_dir) { + *perr = WERR_NOMEM; + goto err_exit; + } + create_directory(conn, new_dir); /* For each driver file, archi\filexxx.yyy, if there is a duplicate file @@ -1822,10 +1857,29 @@ WERROR move_driver_to_download_area(NT_PRINTER_DRIVER_INFO_LEVEL driver_abstract DEBUG(5,("Moving files now !\n")); if (driver->driverpath && strlen(driver->driverpath)) { - slprintf(new_name, sizeof(new_name)-1, "%s/%s", architecture, driver->driverpath); - slprintf(old_name, sizeof(old_name)-1, "%s/%s", new_dir, driver->driverpath); + new_name = talloc_asprintf(ctx, + "%s/%s", + architecture, + driver->driverpath); + if (!new_name) { + *perr = WERR_NOMEM; + goto err_exit; + } + old_name = talloc_asprintf(ctx, + "%s/%s", + new_dir, + driver->driverpath); + if (!old_name) { + *perr = WERR_NOMEM; + goto err_exit; + } + if (ver != -1 && (ver=file_version_is_newer(conn, new_name, old_name)) > 0) { - driver_unix_convert(conn,new_name,&st); + new_name = driver_unix_convert(conn,new_name,&st); + if (!new_name) { + *perr = WERR_NOMEM; + goto err_exit; + } if ( !NT_STATUS_IS_OK(copy_file(ctx,conn, new_name, old_name, OPENX_FILE_EXISTS_TRUNCATE| OPENX_FILE_CREATE_IF_NOT_EXIST, 0, False))) { DEBUG(0,("move_driver_to_download_area: Unable to rename [%s] to [%s]\n", 
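Review bot: The talloc_asprintf / NULL check / `*perr = WERR_NOMEM` / `goto err_exit` sequence is written out twice for driverpath here and repeated in the datafile, configfile, helpfile and dependentfiles hunks that follow, ten copies in all. A small static helper that joins directory and file name and sets `*perr` on failure would shrink each call site and make it harder for one copy to miss its check. The enclosing function starts and ends outside this hunk.

```c
/* Builds "dir/file" on ctx; on allocation failure sets *perr and returns NULL. */
static char *driver_join_path(TALLOC_CTX *ctx, const char *dir,
			      const char *file, WERROR *perr)
{
	char *path = talloc_asprintf(ctx, "%s/%s", dir, file);
	if (!path) {
		*perr = WERR_NOMEM;
	}
	return path;
}

/* ... unchanged: directory creation and version checks ... */
		new_name = driver_join_path(ctx, architecture, driver->driverpath, perr);
		if (!new_name) {
			goto err_exit;
		}
```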
@@ -1833,15 +1887,33 @@ WERROR move_driver_to_download_area(NT_PRINTER_DRIVER_INFO_LEVEL driver_abstract *perr = WERR_ACCESS_DENIED; ver = -1; } - } + } } if (driver->datafile && strlen(driver->datafile)) { if (!strequal(driver->datafile, driver->driverpath)) { - slprintf(new_name, sizeof(new_name)-1, "%s/%s", architecture, driver->datafile); - slprintf(old_name, sizeof(old_name)-1, "%s/%s", new_dir, driver->datafile); + new_name = talloc_asprintf(ctx, + "%s/%s", + architecture, + driver->datafile); + if (!new_name) { + *perr = WERR_NOMEM; + goto err_exit; + } + old_name = talloc_asprintf(ctx, + "%s/%s", + new_dir, + driver->datafile); + if (!old_name) { + *perr = WERR_NOMEM; + goto err_exit; + } if (ver != -1 && (ver=file_version_is_newer(conn, new_name, old_name)) > 0) { - driver_unix_convert(conn,new_name,&st); + new_name = driver_unix_convert(conn,new_name,&st); + if (!new_name) { + *perr = WERR_NOMEM; + goto err_exit; + } if ( !NT_STATUS_IS_OK(copy_file(ctx,conn, new_name, old_name, OPENX_FILE_EXISTS_TRUNCATE| OPENX_FILE_CREATE_IF_NOT_EXIST, 0, False))) { DEBUG(0,("move_driver_to_download_area: Unable to rename [%s] to [%s]\n", 
@@ -1856,10 +1928,28 @@ WERROR move_driver_to_download_area(NT_PRINTER_DRIVER_INFO_LEVEL driver_abstract if (driver->configfile && strlen(driver->configfile)) { if (!strequal(driver->configfile, driver->driverpath) && !strequal(driver->configfile, driver->datafile)) { - slprintf(new_name, sizeof(new_name)-1, "%s/%s", architecture, driver->configfile); - slprintf(old_name, sizeof(old_name)-1, "%s/%s", new_dir, driver->configfile); + new_name = talloc_asprintf(ctx, + "%s/%s", + architecture, + driver->configfile); + if (!new_name) { + *perr = WERR_NOMEM; + goto err_exit; + } + old_name = talloc_asprintf(ctx, + "%s/%s", + new_dir, + driver->configfile); + if (!old_name) { + *perr = WERR_NOMEM; + goto err_exit; + } if (ver != -1 && (ver=file_version_is_newer(conn, new_name, old_name)) > 0) { - driver_unix_convert(conn,new_name,&st); + new_name = driver_unix_convert(conn,new_name,&st); + if (!new_name) { + *perr = WERR_NOMEM; + goto err_exit; + } if ( !NT_STATUS_IS_OK(copy_file(ctx,conn, new_name, old_name, OPENX_FILE_EXISTS_TRUNCATE| OPENX_FILE_CREATE_IF_NOT_EXIST, 0, False))) { DEBUG(0,("move_driver_to_download_area: Unable to rename [%s] to [%s]\n", 
@@ -1875,10 +1965,28 @@ WERROR move_driver_to_download_area(NT_PRINTER_DRIVER_INFO_LEVEL driver_abstract if (!strequal(driver->helpfile, driver->driverpath) && !strequal(driver->helpfile, driver->datafile) && !strequal(driver->helpfile, driver->configfile)) { - slprintf(new_name, sizeof(new_name)-1, "%s/%s", architecture, driver->helpfile); - slprintf(old_name, sizeof(old_name)-1, "%s/%s", new_dir, driver->helpfile); + new_name = talloc_asprintf(ctx, + "%s/%s", + architecture, + driver->helpfile); + if (!new_name) { + *perr = WERR_NOMEM; + goto err_exit; + } + old_name = talloc_asprintf(ctx, + "%s/%s", + new_dir, + driver->helpfile); + if (!old_name) { + *perr = WERR_NOMEM; + goto err_exit; + } if (ver != -1 && (ver=file_version_is_newer(conn, new_name, old_name)) > 0) { - driver_unix_convert(conn,new_name,&st); + new_name = driver_unix_convert(conn,new_name,&st); + if (!new_name) { + *perr = WERR_NOMEM; + goto err_exit; + } if ( !NT_STATUS_IS_OK(copy_file(ctx,conn, new_name, old_name, OPENX_FILE_EXISTS_TRUNCATE| OPENX_FILE_CREATE_IF_NOT_EXIST, 0, False))) { DEBUG(0,("move_driver_to_download_area: Unable to rename [%s] to [%s]\n", 
@@ -1903,10 +2011,28 @@ WERROR move_driver_to_download_area(NT_PRINTER_DRIVER_INFO_LEVEL driver_abstract } } - slprintf(new_name, sizeof(new_name)-1, "%s/%s", architecture, driver->dependentfiles[i]); - slprintf(old_name, sizeof(old_name)-1, "%s/%s", new_dir, driver->dependentfiles[i]); + new_name = talloc_asprintf(ctx, + "%s/%s", + architecture, + driver->dependentfiles[i]); + if (!new_name) { + *perr = WERR_NOMEM; + goto err_exit; + } + old_name = talloc_asprintf(ctx, + "%s/%s", + new_dir, + driver->dependentfiles[i]); + if (!old_name) { + *perr = WERR_NOMEM; + goto err_exit; + } if (ver != -1 && (ver=file_version_is_newer(conn, new_name, old_name)) > 0) { - driver_unix_convert(conn,new_name,&st); + new_name = driver_unix_convert(conn,new_name,&st); + if (!new_name) { + *perr = WERR_NOMEM; + goto err_exit; + } if ( !NT_STATUS_IS_OK(copy_file(ctx,conn, new_name, old_name, OPENX_FILE_EXISTS_TRUNCATE| OPENX_FILE_CREATE_IF_NOT_EXIST, 0, False))) { @@ -1921,10 +2047,18 @@ WERROR move_driver_to_download_area(NT_PRINTER_DRIVER_INFO_LEVEL driver_abstract } } + err_exit: + close_cnum(conn, user->vuid); unbecome_user(); - return ver != -1 ? WERR_OK : WERR_UNKNOWN_PRINTER_DRIVER; + if (W_ERROR_EQUAL(*perr, WERR_OK)) { + return WERR_OK; + } + if (ver == -1) { + return WERR_UNKNOWN_PRINTER_DRIVER; + } + return (*perr); } /**************************************************************************** diff --git a/source3/rpc_server/srv_srvsvc_nt.c b/source3/rpc_server/srv_srvsvc_nt.c index 5a3c451cde..51dffb8904 100644 --- a/source3/rpc_server/srv_srvsvc_nt.c +++ b/source3/rpc_server/srv_srvsvc_nt.c 
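Review bot: At err_exit the order of the tests lets a version-check failure return success. When `file_version_is_newer` yields -1 the `> 0` branch is skipped, `ver` stays -1 and `*perr` is still `WERR_OK`, so the `W_ERROR_EQUAL(*perr, WERR_OK)` test returns `WERR_OK` where the removed line returned `WERR_UNKNOWN_PRINTER_DRIVER`. Testing `ver` first restores that: put `if (ver == -1) { return WERR_UNKNOWN_PRINTER_DRIVER; }` ahead of the `WERR_OK` check. That -1 is the failure value is inferred from the `ver != -1` guards; the error-path return of file_version_is_newer is not shown in this diff.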
@@ -1463,17 +1463,22 @@ WERROR _srv_net_share_get_info(pipes_struct *p, SRV_Q_NET_SHARE_GET_INFO *q_u, S Check a given DOS pathname is valid for a share. ********************************************************************/ -char *valid_share_pathname(char *dos_pathname) +char *valid_share_pathname(TALLOC_CTX *ctx, const char *dos_pathname) { - char *ptr; + char *ptr = talloc_strdup(ctx, dos_pathname); + if (!ptr) { + return NULL; + } /* Convert any '\' paths to '/' */ - unix_format(dos_pathname); - unix_clean_name(dos_pathname); + unix_format(ptr); + ptr = unix_clean_name(talloc_tos(), ptr); + if (!ptr) { + return NULL; + } /* NT is braindead - it wants a C: prefix to a pathname ! So strip it. */ - ptr = dos_pathname; - if (strlen(dos_pathname) > 2 && ptr[1] == ':' && ptr[0] != '/') + if (strlen(ptr) > 2 && ptr[1] == ':' && ptr[0] != '/') ptr += 2; /* Only absolute paths allowed. */ @@ -1602,7 +1607,7 @@ WERROR _srv_net_share_set_info(pipes_struct *p, SRV_Q_NET_SHARE_SET_INFO *q_u, S return WERR_ACCESS_DENIED; /* Check if the pathname is valid. */ - if (!(path = valid_share_pathname( pathname ))) + if (!(path = valid_share_pathname(p->mem_ctx, pathname ))) return WERR_OBJECT_PATH_INVALID; /* Ensure share name, pathname and comment don't contain '"' characters. */ @@ -1774,7 +1779,7 @@ WERROR _srv_net_share_add(pipes_struct *p, SRV_Q_NET_SHARE_ADD *q_u, SRV_R_NET_S return WERR_ACCESS_DENIED; /* Check if the pathname is valid. */ - if (!(path = valid_share_pathname( pathname ))) + if (!(path = valid_share_pathname(p->mem_ctx, pathname ))) return WERR_OBJECT_PATH_INVALID; /* Ensure share name, pathname and comment don't contain '"' characters. */ diff --git a/source3/rpc_server/srv_winreg_nt.c b/source3/rpc_server/srv_winreg_nt.c index ce34211420..4b268dda19 100644 --- a/source3/rpc_server/srv_winreg_nt.c +++ b/source3/rpc_server/srv_winreg_nt.c 
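Review bot: valid_share_pathname duplicates the input onto `ctx` but then calls `unix_clean_name(talloc_tos(), ptr)`, so the string it returns is presumably owned by the current stackframe rather than by the context the caller passed. That context is `p->mem_ctx` in the two srvsvc callers and `NULL` in validate_reg_filename, and the `ctx` copy is left behind. Use `ptr = unix_clean_name(ctx, ptr);` so the result lives as long as the caller asked for. Because of the later `ptr += 2`, the return value may point inside the allocation, so the header comment should say that callers must not free it directly. The function body continues past the end of the hunk.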
@@ -580,17 +580,16 @@ WERROR _winreg_AbortSystemShutdown(pipes_struct *p, struct winreg_AbortSystemShu if ( can_shutdown ) become_root(); - + ret = smbrun( abort_shutdown_script, NULL ); - + if ( can_shutdown ) unbecome_root(); - + /********** END SeRemoteShutdownPrivilege BLOCK **********/ DEBUG(3,("_reg_abort_shutdown: Running the command `%s' gave %d\n", abort_shutdown_script, ret)); - return (ret == 0) ? WERR_OK : WERR_ACCESS_DENIED; } @@ -605,19 +604,19 @@ static int validate_reg_filename( pstring fname ) int snum; pstring share_path; pstring unix_fname; - + /* convert to a unix path, stripping the C:\ along the way */ - - if ( !(p = valid_share_pathname( fname ) )) + + if ( !(p = valid_share_pathname(NULL, fname))) return -1; /* has to exist within a valid file share */ - + for ( snum=0; snum