From b70f23c2b581c5d455362ab37f4846de9a910055 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Wed, 8 Aug 2012 17:01:00 -0700 Subject: Correctly check for errors in strlower_m() returns. --- source3/auth/auth_builtin.c | 4 +++- source3/auth/auth_util.c | 4 +++- source3/auth/pampass.c | 4 ++-- source3/auth/pass_check.c | 8 ++++++-- source3/auth/user_util.c | 4 +++- source3/client/client.c | 9 +++++++-- source3/client/clitar.c | 2 +- source3/lib/afs.c | 4 +++- source3/lib/substitute.c | 15 ++++++++++++--- source3/lib/username.c | 11 +++++++++-- source3/lib/util.c | 10 ++++++++-- source3/lib/util_str.c | 9 +++++---- source3/libads/ads_struct.c | 6 +++++- source3/libads/kerberos.c | 2 +- source3/libads/ldap.c | 15 ++++++++++++--- source3/libads/sasl.c | 14 ++++++++++++-- source3/libnet/libnet_join.c | 18 ++++++++++++++---- source3/librpc/crypto/gse_krb5.c | 5 ++++- source3/modules/vfs_afsacl.c | 4 +++- source3/param/loadparm.c | 5 ++++- source3/param/service.c | 4 +++- source3/passdb/pdb_interface.c | 8 ++++++-- source3/passdb/pdb_ipa.c | 4 +++- source3/passdb/pdb_ldap.c | 9 +++++++-- source3/passdb/pdb_tdb.c | 28 +++++++++++++++++++++------- source3/printing/lpq_parse.c | 4 +++- source3/printing/nt_printing_tdb.c | 4 ++-- source3/rpc_server/dfs/srv_dfs_nt.c | 4 +++- source3/rpc_server/dssetup/srv_dssetup_nt.c | 4 +++- source3/smbd/negprot.c | 2 +- source3/smbd/service.c | 6 +++++- source3/smbd/smb2_tcon.c | 5 ++++- source3/torture/masktest.c | 4 ++-- source3/utils/net_ads.c | 10 ++++++++-- source3/utils/net_rpc_join.c | 5 ++++- source3/utils/net_usershare.c | 8 ++++++-- source3/utils/pdbedit.c | 11 +++++++++-- source3/utils/smbpasswd.c | 6 +++++- source3/winbindd/wb_fill_pwent.c | 5 ++++- source3/winbindd/winbindd_cache.c | 2 +- source3/winbindd/winbindd_pam.c | 4 +++- source3/winbindd/winbindd_util.c | 7 +++++-- 42 files changed, 225 insertions(+), 72 deletions(-) diff --git a/source3/auth/auth_builtin.c b/source3/auth/auth_builtin.c index d61a0ec7bf..dce58bf8bf 100644 --- a/source3/auth/auth_builtin.c +++ b/source3/auth/auth_builtin.c @@ -103,7 +103,9 @@ static NTSTATUS check_name_to_ntstatus_security(const struct auth_context *auth_ return nt_status_string_to_code(user); } - strlower_m(user); + if (!strlower_m(user)) { + return NT_STATUS_INVALID_PARAMETER; + } error_num = strtoul(user, NULL, 16); DEBUG(5,("check_name_to_ntstatus_security: Error for user %s was %lx\n", user, error_num)); diff --git a/source3/auth/auth_util.c b/source3/auth/auth_util.c index 28d934add3..a08d0945a5 100644 --- a/source3/auth/auth_util.c +++ b/source3/auth/auth_util.c @@ -1252,7 +1252,9 @@ static NTSTATUS check_account(TALLOC_CTX *mem_ctx, const char *domain, if (!lower_username) { return NT_STATUS_NO_MEMORY; } - strlower_m( lower_username ); + if (!strlower_m( lower_username )) { + return NT_STATUS_INVALID_PARAMETER; + } orig_dom_user = talloc_asprintf(mem_ctx, "%s%c%s", diff --git a/source3/auth/pampass.c b/source3/auth/pampass.c index 87fa8ca9fa..427c22a8ab 100644 --- a/source3/auth/pampass.c +++ b/source3/auth/pampass.c @@ -249,7 +249,7 @@ static struct chat_struct *make_pw_chat(const char *p) special_char_sub(prompt); fstrcpy(t->prompt, prompt); - strlower_m(t->prompt); + (void)strlower_m(t->prompt); trim_char(t->prompt, ' ', ' '); if (!next_token_talloc(frame, &p, &reply, NULL)) { @@ -262,7 +262,7 @@ static struct chat_struct *make_pw_chat(const char *p) special_char_sub(reply); fstrcpy(t->reply, reply); - strlower_m(t->reply); + (void)strlower_m(t->reply); trim_char(t->reply, ' ', ' '); } diff --git a/source3/auth/pass_check.c b/source3/auth/pass_check.c index ca99261678..f2d1fc241b 100644 --- a/source3/auth/pass_check.c +++ b/source3/auth/pass_check.c @@ -867,7 +867,9 @@ NTSTATUS pass_check(const struct passwd *pass, /* try all lowercase if it's currently all uppercase */ if (strhasupper(pass2)) { - strlower_m(pass2); + if (!strlower_m(pass2)) { + return NT_STATUS_INVALID_PARAMETER; + } nt_status = password_check(pass2, (const void *)rhost); if (NT_STATUS_IS_OK(nt_status)) { return (nt_status); @@ -880,7 +882,9 @@ NTSTATUS pass_check(const struct passwd *pass, } /* last chance - all combinations of up to level chars upper! */ - strlower_m(pass2); + if (!strlower_m(pass2)) { + return NT_STATUS_INVALID_PARAMETER; + } nt_status = string_combinations(pass2, password_check, level, (const void *)rhost); diff --git a/source3/auth/user_util.c b/source3/auth/user_util.c index 8938aeb003..4842192051 100644 --- a/source3/auth/user_util.c +++ b/source3/auth/user_util.c @@ -164,7 +164,9 @@ bool user_in_netgroup(TALLOC_CTX *ctx, const char *user, const char *ngname) if (!lowercase_user) { return false; } - strlower_m(lowercase_user); + if (!strlower_m(lowercase_user)) { + return false; + } if (strcmp(user,lowercase_user) == 0) { /* user name was already lower case! */ diff --git a/source3/client/client.c b/source3/client/client.c index 28fc30aeb4..2c949ac476 100644 --- a/source3/client/client.c +++ b/source3/client/client.c @@ -1086,7 +1086,10 @@ static int do_get(const char *rname, const char *lname_in, bool reget) } if (lowercase) { - strlower_m(lname); + if (!strlower_m(lname)) { + d_printf("strlower_m %s failed\n", lname); + return 1; + } } status = cli_resolve_path(ctx, "", auth_info, cli, rname, &targetcli, @@ -1296,7 +1299,9 @@ static NTSTATUS do_mget(struct cli_state *cli_state, struct file_info *finfo, string_replace(finfo->name,'\\','/'); if (lowercase) { - strlower_m(finfo->name); + if (!strlower_m(finfo->name)) { + return NT_STATUS_INVALID_PARAMETER; + } } if (!directory_exist(finfo->name) && diff --git a/source3/client/clitar.c b/source3/client/clitar.c index c0b6e4e7f1..cae512b5e9 100644 --- a/source3/client/clitar.c +++ b/source3/client/clitar.c @@ -173,7 +173,7 @@ static void writetarheader(int f, const char *aname, uint64_t size, time_t mtime fixtarname(hb.dbuf.name, aname, (l+2 >= NAMSIZ) ? NAMSIZ : l + 2); if (lowercase) - strlower_m(hb.dbuf.name); + (void)strlower_m(hb.dbuf.name); /* write out a "standard" tar format header */ diff --git a/source3/lib/afs.c b/source3/lib/afs.c index 849e9ce55d..4b6e6ecaf3 100644 --- a/source3/lib/afs.c +++ b/source3/lib/afs.c @@ -259,7 +259,9 @@ bool afs_login(connection_struct *conn) /* The pts command always generates completely lower-case user * names. */ - strlower_m(afs_username); + if (!strlower_m(afs_username)) { + return false; + } cell = strchr(afs_username, '@'); diff --git a/source3/lib/substitute.c b/source3/lib/substitute.c index 44582860a1..a254bcaa7d 100644 --- a/source3/lib/substitute.c +++ b/source3/lib/substitute.c @@ -66,7 +66,10 @@ bool set_local_machine_name(const char *local_name, bool perm) /* alpha_strcpy includes the space for the terminating nul. */ alpha_strcpy(local_machine,tmp_local_machine, SAFE_NETBIOS_CHARS,len+1); - strlower_m(local_machine); + if (!strlower_m(local_machine)) { + TALLOC_FREE(tmp_local_machine); + return false; + } TALLOC_FREE(tmp_local_machine); already_perm = perm; @@ -118,7 +121,10 @@ bool set_remote_machine_name(const char *remote_name, bool perm) /* alpha_strcpy includes the space for the terminating nul. */ alpha_strcpy(remote_machine,tmp_remote_machine, SAFE_NETBIOS_CHARS,len+1); - strlower_m(remote_machine); + if (!strlower_m(remote_machine)) { + TALLOC_FREE(tmp_remote_machine); + return false; + } TALLOC_FREE(tmp_remote_machine); already_perm = perm; @@ -153,7 +159,10 @@ void sub_set_smb_name(const char *name) return; } trim_char(tmp, ' ', ' '); - strlower_m(tmp); + if (!strlower_m(tmp)) { + TALLOC_FREE(tmp); + return; + } len = strlen(tmp); diff --git a/source3/lib/username.c b/source3/lib/username.c index 7435a59ac7..665fbb4253 100644 --- a/source3/lib/username.c +++ b/source3/lib/username.c @@ -112,7 +112,11 @@ static struct passwd *Get_Pwnam_internals(TALLOC_CTX *mem_ctx, /* Try in all lower case first as this is the most common case on UNIX systems */ - strlower_m(user2); + if (!strlower_m(user2)) { + DEBUG(5,("strlower_m %s failed\n", user2)); + goto done; + } + DEBUG(5,("Trying _Get_Pwnam(), username as lowercase is %s\n",user2)); ret = getpwnam_alloc_cached(mem_ctx, user2); if(ret) @@ -141,7 +145,10 @@ static struct passwd *Get_Pwnam_internals(TALLOC_CTX *mem_ctx, } /* Try all combinations up to usernamelevel */ - strlower_m(user2); + if (!strlower_m(user2)) { + DEBUG(5,("strlower_m %s failed\n", user2)); + goto done; + } DEBUG(5,("Checking combinations of %d uppercase letters in %s\n", lp_usernamelevel(), user2)); ret = uname_string_combinations(user2, mem_ctx, getpwnam_alloc_cached, diff --git a/source3/lib/util.c b/source3/lib/util.c index 9c380c5a02..b8513f6b9f 100644 --- a/source3/lib/util.c +++ b/source3/lib/util.c @@ -1892,8 +1892,14 @@ bool unix_wild_match(const char *pattern, const char *string) TALLOC_FREE(ctx); return false; } - strlower_m(p2); - strlower_m(s2); + if (!strlower_m(p2)) { + TALLOC_FREE(ctx); + return false; + } + if (!strlower_m(s2)) { + TALLOC_FREE(ctx); + return false; + } /* Remove any *? and ** from the pattern as they are meaningless */ for(p = p2; *p; p++) { diff --git a/source3/lib/util_str.c b/source3/lib/util_str.c index 8962b23da0..c302851335 100644 --- a/source3/lib/util_str.c +++ b/source3/lib/util_str.c @@ -60,8 +60,7 @@ bool strnorm(char *s, int case_default) if (case_default == CASE_UPPER) return strupper_m(s); else - strlower_m(s); - return true; /* FIXME - return strlower_m value later. */ + return strlower_m(s); } /** @@ -491,7 +490,6 @@ bool strlower_m(char *s) /* Catch mb conversion errors that may not terminate. */ if (errno) { s[len-1] = '\0'; - ret = false; } errno = errno_save; return ret; @@ -1033,7 +1031,10 @@ char *talloc_asprintf_strlower_m(TALLOC_CTX *t, const char *fmt, ...) if (ret == NULL) { return NULL; } - strlower_m(ret); + if (!strlower_m(ret)) { + TALLOC_FREE(ret); + return NULL; + } return ret; } diff --git a/source3/libads/ads_struct.c b/source3/libads/ads_struct.c index 285057ba53..45d00a39a3 100644 --- a/source3/libads/ads_struct.c +++ b/source3/libads/ads_struct.c @@ -108,7 +108,11 @@ char *ads_build_domain(const char *dn) return NULL; } - strlower_m( dnsdomain ); + if (!strlower_m( dnsdomain )) { + SAFE_FREE(dnsdomain); + return NULL; + } + all_string_sub( dnsdomain, "dc=", "", 0); all_string_sub( dnsdomain, ",", ".", 0 ); diff --git a/source3/libads/kerberos.c b/source3/libads/kerberos.c index 80f99de482..1093d12c2c 100644 --- a/source3/libads/kerberos.c +++ b/source3/libads/kerberos.c @@ -356,7 +356,7 @@ char* kerberos_standard_des_salt( void ) fstring salt; fstr_sprintf( salt, "host/%s.%s@", lp_netbios_name(), lp_realm() ); - strlower_m( salt ); + (void)strlower_m( salt ); fstrcat( salt, lp_realm() ); return SMB_STRDUP( salt ); diff --git a/source3/libads/ldap.c b/source3/libads/ldap.c index fa88244598..946c1a36a7 100644 --- a/source3/libads/ldap.c +++ b/source3/libads/ldap.c @@ -1954,7 +1954,10 @@ ADS_STATUS ads_add_service_principal_name(ADS_STRUCT *ads, const char *machine_n goto out; } - strlower_m(&psp1[strlen(spn)]); + if (!strlower_m(&psp1[strlen(spn)])) { + ret = ADS_ERROR(LDAP_NO_MEMORY); + goto out; + } servicePrincipalName[0] = psp1; DEBUG(5,("ads_add_service_principal_name: INFO: Adding %s to host %s\n", @@ -1972,7 +1975,10 @@ ADS_STATUS ads_add_service_principal_name(ADS_STRUCT *ads, const char *machine_n goto out; } - strlower_m(&psp2[strlen(spn)]); + if (!strlower_m(&psp2[strlen(spn)])) { + ret = ADS_ERROR(LDAP_NO_MEMORY); + goto out; + } servicePrincipalName[1] = psp2; DEBUG(5,("ads_add_service_principal_name: INFO: Adding %s to host %s\n", @@ -3468,7 +3474,10 @@ ADS_STATUS ads_leave_realm(ADS_STRUCT *ads, const char *hostname) /* hostname must be lowercase */ host = SMB_STRDUP(hostname); - strlower_m(host); + if (!strlower_m(host)) { + SAFE_FREE(host); + return ADS_ERROR_SYSTEM(EINVAL); + } status = ads_find_machine_acct(ads, &res, host); if (!ADS_ERR_OK(status)) { diff --git a/source3/libads/sasl.c b/source3/libads/sasl.c index a04ac9dd69..438db05df8 100644 --- a/source3/libads/sasl.c +++ b/source3/libads/sasl.c @@ -652,7 +652,12 @@ static ADS_STATUS ads_guess_service_principal(ADS_STRUCT *ads, return ADS_ERROR(LDAP_NO_MEMORY); } - strlower_m(server); + if (!strlower_m(server)) { + SAFE_FREE(server); + SAFE_FREE(server_realm); + return ADS_ERROR(LDAP_NO_MEMORY); + } + if (!strupper_m(server_realm)) { SAFE_FREE(server); SAFE_FREE(server_realm); @@ -683,7 +688,12 @@ static ADS_STATUS ads_guess_service_principal(ADS_STRUCT *ads, return ADS_ERROR(LDAP_NO_MEMORY); } - strlower_m(server); + if (!strlower_m(server)) { + SAFE_FREE(server); + SAFE_FREE(server_realm); + return ADS_ERROR(LDAP_NO_MEMORY); + } + if (!strupper_m(server_realm)) { SAFE_FREE(server); SAFE_FREE(server_realm); diff --git a/source3/libnet/libnet_join.c b/source3/libnet/libnet_join.c index 5806f7bc75..d6aa7937ee 100644 --- a/source3/libnet/libnet_join.c +++ b/source3/libnet/libnet_join.c @@ -395,7 +395,9 @@ static ADS_STATUS libnet_join_set_machine_spn(TALLOC_CTX *mem_ctx, r->out.dns_domain_name); } - strlower_m(my_fqdn); + if (!strlower_m(my_fqdn)) { + return ADS_ERROR_LDAP(LDAP_NO_MEMORY); + } if (!strequal(my_fqdn, r->in.machine_name)) { spn = talloc_asprintf(mem_ctx, "HOST/%s", my_fqdn); @@ -817,7 +819,9 @@ static NTSTATUS libnet_join_joindomain_rpc_unsecure(TALLOC_CTX *mem_ctx, /* according to WKSSVC_JOIN_FLAGS_MACHINE_PWD_PASSED */ fstrcpy(trust_passwd, r->in.admin_password); - strlower_m(trust_passwd); + if (!strlower_m(trust_passwd)) { + return NT_STATUS_INVALID_PARAMETER; + } /* * Machine names can be 15 characters, but the max length on @@ -934,7 +938,10 @@ static NTSTATUS libnet_join_joindomain_rpc(TALLOC_CTX *mem_ctx, /* Create domain user */ acct_name = talloc_asprintf(mem_ctx, "%s$", r->in.machine_name); - strlower_m(acct_name); + if (!strlower_m(acct_name)) { + status = NT_STATUS_INVALID_PARAMETER; + goto done; + } init_lsa_String(&lsa_acct_name, acct_name); @@ -1367,7 +1374,10 @@ static NTSTATUS libnet_join_unjoindomain_rpc(TALLOC_CTX *mem_ctx, /* Create domain user */ acct_name = talloc_asprintf(mem_ctx, "%s$", r->in.machine_name); - strlower_m(acct_name); + if (!strlower_m(acct_name)) { + status = NT_STATUS_INVALID_PARAMETER; + goto done; + } init_lsa_String(&lsa_acct_name, acct_name); diff --git a/source3/librpc/crypto/gse_krb5.c b/source3/librpc/crypto/gse_krb5.c index dbcc520048..43f545ad4c 100644 --- a/source3/librpc/crypto/gse_krb5.c +++ b/source3/librpc/crypto/gse_krb5.c @@ -96,7 +96,10 @@ static krb5_error_code get_host_principal(krb5_context krbctx, return -1; } - strlower_m(host_princ_s); + if (!strlower_m(host_princ_s)) { + SAFE_FREE(host_princ_s); + return -1; + } ret = smb_krb5_parse_name(krbctx, host_princ_s, host_princ); if (ret) { DEBUG(1, (__location__ ": smb_krb5_parse_name(%s) " diff --git a/source3/modules/vfs_afsacl.c b/source3/modules/vfs_afsacl.c index ab7ef30e6b..770f6a33f0 100644 --- a/source3/modules/vfs_afsacl.c +++ b/source3/modules/vfs_afsacl.c @@ -804,7 +804,9 @@ static bool nt_to_afs_acl(const char *filename, if (tmp == NULL) { return false; } - strlower_m(tmp); + if (!strlower_m(tmp)) { + return false; + } name = tmp; } diff --git a/source3/param/loadparm.c b/source3/param/loadparm.c index d4ee8a22f2..5dcb92628c 100644 --- a/source3/param/loadparm.c +++ b/source3/param/loadparm.c @@ -1653,7 +1653,10 @@ char *canonicalize_servicename(TALLOC_CTX *ctx, const char *src) result = talloc_strdup(ctx, src); SMB_ASSERT(result != NULL); - strlower_m(result); + if (!strlower_m(result)) { + TALLOC_FREE(result); + return NULL; + } return result; } diff --git a/source3/param/service.c b/source3/param/service.c index 5f0910fe0a..85047a8e08 100644 --- a/source3/param/service.c +++ b/source3/param/service.c @@ -191,7 +191,9 @@ int find_service(TALLOC_CTX *ctx, const char *service_in, char **p_service_out) /* Is it a usershare service ? */ if (iService < 0 && *lp_usershare_path(talloc_tos())) { /* Ensure the name is canonicalized. */ - strlower_m(*p_service_out); + if (!strlower_m(*p_service_out)) { + goto fail; + } iService = load_usershare_service(*p_service_out); } diff --git a/source3/passdb/pdb_interface.c b/source3/passdb/pdb_interface.c index 7a73fbfacf..cdbb378e94 100644 --- a/source3/passdb/pdb_interface.c +++ b/source3/passdb/pdb_interface.c @@ -472,7 +472,9 @@ static NTSTATUS pdb_default_create_user(struct pdb_methods *methods, /* lowercase the username before creating the Unix account for compatibility with previous Samba releases */ fstrcpy( name2, name ); - strlower_m( name2 ); + if (!strlower_m( name2 )) { + return NT_STATUS_INVALID_PARAMETER; + } add_script = talloc_all_string_sub(tmp_ctx, add_script, "%u", @@ -598,7 +600,9 @@ static NTSTATUS pdb_default_delete_user(struct pdb_methods *methods, external scripts */ fstrcpy( username, pdb_get_username(sam_acct) ); - strlower_m( username ); + if (!strlower_m( username )) { + return status; + } smb_delete_user( username ); diff --git a/source3/passdb/pdb_ipa.c b/source3/passdb/pdb_ipa.c index bbd3339f2f..c0eb48d448 100644 --- a/source3/passdb/pdb_ipa.c +++ b/source3/passdb/pdb_ipa.c @@ -787,7 +787,9 @@ static struct pdb_domain_info *pdb_ipasam_get_domain_info(struct pdb_methods *pd if (info->dns_domain == NULL) { goto fail; } - strlower_m(info->dns_domain); + if (!strlower_m(info->dns_domain)) { + goto fail; + } info->dns_forest = talloc_strdup(info, info->dns_domain); /* we expect a domain SID to have 4 sub IDs */ diff --git a/source3/passdb/pdb_ldap.c b/source3/passdb/pdb_ldap.c index 56225a2965..9b4d8a6a4d 100644 --- a/source3/passdb/pdb_ldap.c +++ b/source3/passdb/pdb_ldap.c @@ -2015,9 +2015,14 @@ static NTSTATUS ldapsam_rename_sam_account(struct pdb_methods *my_methods, posix name but preserve the case in passdb */ fstrcpy( oldname_lower, oldname ); - strlower_m( oldname_lower ); + if (!strlower_m( oldname_lower )) { + return NT_STATUS_INVALID_PARAMETER; + } fstrcpy( newname_lower, newname ); - strlower_m( newname_lower ); + if (!strlower_m( newname_lower )) { + return NT_STATUS_INVALID_PARAMETER; + } + rename_script = realloc_string_sub2(rename_script, "%unew", newname_lower, diff --git a/source3/passdb/pdb_tdb.c b/source3/passdb/pdb_tdb.c index 1295862303..bd6e123e31 100644 --- a/source3/passdb/pdb_tdb.c +++ b/source3/passdb/pdb_tdb.c @@ -572,7 +572,9 @@ static NTSTATUS tdbsam_getsampwnam (struct pdb_methods *my_methods, /* Data is stored in all lower-case */ fstrcpy(name, sname); - strlower_m(name); + if (!strlower_m(name)) { + return NT_STATUS_INVALID_PARAMETER; + } /* set search key */ slprintf(keystr, sizeof(keystr)-1, "%s%s", USERPREFIX, name); @@ -668,7 +670,9 @@ static bool tdb_delete_samacct_only( struct samu *sam_pass ) NTSTATUS status; fstrcpy(name, pdb_get_username(sam_pass)); - strlower_m(name); + if (!strlower_m(name)) { + return false; + } /* set the search key */ @@ -712,7 +716,9 @@ static NTSTATUS tdbsam_delete_sam_account(struct pdb_methods *my_methods, } fstrcpy(name, pdb_get_username(sam_pass)); - strlower_m(name); + if (!strlower_m(name)) { + return NT_STATUS_INVALID_PARAMETER; + } /* set the search key */ @@ -785,7 +791,9 @@ static bool tdb_update_samacct_only( struct samu* newpwd, int flag ) data.dptr = buf; fstrcpy(name, pdb_get_username(newpwd)); - strlower_m(name); + if (!strlower_m(name)) { + goto done; + } DEBUG(5, ("Storing %saccount %s with RID %d\n", flag == TDB_INSERT ? "(new) " : "", name, @@ -823,7 +831,9 @@ static bool tdb_update_ridrec_only( struct samu* newpwd, int flag ) NTSTATUS status; fstrcpy(name, pdb_get_username(newpwd)); - strlower_m(name); + if (!strlower_m(name)) { + return false; + } /* setup RID data */ data = string_term_tdb_data(name); @@ -1032,10 +1042,14 @@ static NTSTATUS tdbsam_rename_sam_account(struct pdb_methods *my_methods, so that we lower case the posix name but preserve the case in passdb */ fstrcpy( oldname_lower, pdb_get_username(old_acct) ); - strlower_m( oldname_lower ); + if (!strlower_m( oldname_lower )) { + goto cancel; + } fstrcpy( newname_lower, newname ); - strlower_m( newname_lower ); + if (!strlower_m( newname_lower )) { + goto cancel; + } rename_script = talloc_string_sub2(new_acct, rename_script, diff --git a/source3/printing/lpq_parse.c b/source3/printing/lpq_parse.c index 21e7b37faf..91fc2ead71 100644 --- a/source3/printing/lpq_parse.c +++ b/source3/printing/lpq_parse.c @@ -1117,7 +1117,9 @@ bool parse_lpq_entry(enum printing_types printing_type,char *line, printer status line: handle them so that most severe condition is shown */ int i; - strlower_m(line); + if (!strlower_m(line)) { + return false; + } switch (status->status) { case LPSTAT_OK: diff --git a/source3/printing/nt_printing_tdb.c b/source3/printing/nt_printing_tdb.c index 028dc0b1da..870231af8c 100644 --- a/source3/printing/nt_printing_tdb.c +++ b/source3/printing/nt_printing_tdb.c @@ -54,7 +54,7 @@ static TDB_DATA make_printer_tdbkey(TALLOC_CTX *ctx, const char *sharename ) TDB_DATA key; fstrcpy(share, sharename); - strlower_m(share); + (void)strlower_m(share); keystr = talloc_asprintf(ctx, "%s%s", PRINTERS_PREFIX, share); key = string_term_tdb_data(keystr ? keystr : ""); @@ -74,7 +74,7 @@ static TDB_DATA make_printers_secdesc_tdbkey(TALLOC_CTX *ctx, TDB_DATA key; fstrcpy(share, sharename ); - strlower_m(share); + (void)strlower_m(share); keystr = talloc_asprintf(ctx, "%s%s", SECDESC_PREFIX, share); key = string_term_tdb_data(keystr ? keystr : ""); diff --git a/source3/rpc_server/dfs/srv_dfs_nt.c b/source3/rpc_server/dfs/srv_dfs_nt.c index 49e65066e5..fc9c92b552 100644 --- a/source3/rpc_server/dfs/srv_dfs_nt.c +++ b/source3/rpc_server/dfs/srv_dfs_nt.c @@ -138,7 +138,9 @@ WERROR _dfs_Remove(struct pipes_struct *p, struct dfs_Remove *r) if (!altpath) { return WERR_NOMEM; } - strlower_m(altpath); + if (!strlower_m(altpath)) { + return WERR_INVALID_PARAM; + } DEBUG(5,("init_reply_dfs_remove: Request to remove %s -> %s\\%s.\n", r->in.dfs_entry_path, r->in.servername, r->in.sharename)); } diff --git a/source3/rpc_server/dssetup/srv_dssetup_nt.c b/source3/rpc_server/dssetup/srv_dssetup_nt.c index fef2dbd7e0..1a3998b8be 100644 --- a/source3/rpc_server/dssetup/srv_dssetup_nt.c +++ b/source3/rpc_server/dssetup/srv_dssetup_nt.c @@ -78,7 +78,9 @@ static WERROR fill_dsrole_dominfo_basic(TALLOC_CTX *ctx, if (!dnsdomain) { return WERR_NOMEM; } - strlower_m(dnsdomain); + if (!strlower_m(dnsdomain)) { + return WERR_INVALID_PARAM; + } basic->dns_domain = dnsdomain; /* FIXME!! We really should fill in the correct forest diff --git a/source3/smbd/negprot.c b/source3/smbd/negprot.c index c9350afa49..e33350c932 100644 --- a/source3/smbd/negprot.c +++ b/source3/smbd/negprot.c @@ -206,7 +206,7 @@ DATA_BLOB negprot_spnego(TALLOC_CTX *ctx, struct smbd_server_connection *sconn) memset(blob_out.data, '\0', 16); checked_strlcpy(unix_name, lp_netbios_name(), sizeof(unix_name)); - strlower_m(unix_name); + (void)strlower_m(unix_name); push_ascii_nstring(dos_name, unix_name); strlcpy((char *)blob_out.data, dos_name, 17); diff --git a/source3/smbd/service.c b/source3/smbd/service.c index ce9cff90e2..0cd48f8950 100644 --- a/source3/smbd/service.c +++ b/source3/smbd/service.c @@ -1098,7 +1098,11 @@ connection_struct *make_connection(struct smbd_server_connection *sconn, return NULL; } - strlower_m(service); + if (!strlower_m(service)) { + DEBUG(2, ("strlower_m %s failed\n", service)); + *status = NT_STATUS_INVALID_PARAMETER; + return NULL; + } snum = find_service(talloc_tos(), service, &service); if (!service) { diff --git a/source3/smbd/smb2_tcon.c b/source3/smbd/smb2_tcon.c index 2cf91af3ff..1346d1309b 100644 --- a/source3/smbd/smb2_tcon.c +++ b/source3/smbd/smb2_tcon.c @@ -202,7 +202,10 @@ static NTSTATUS smbd_smb2_tree_connect(struct smbd_smb2_request *req, return NT_STATUS_NO_MEMORY; } - strlower_m(service); + if (!strlower_m(service)) { + DEBUG(2, ("strlower_m %s failed\n", service)); + return NT_STATUS_INVALID_PARAMETER; + } /* TODO: do more things... */ if (strequal(service,HOMES_NAME)) { diff --git a/source3/torture/masktest.c b/source3/torture/masktest.c index 74f33a5cdd..58e09822a1 100644 --- a/source3/torture/masktest.c +++ b/source3/torture/masktest.c @@ -269,12 +269,12 @@ static NTSTATUS listfn(const char *mnt, struct file_info *f, const char *s, fstrcpy(state->short_name, f->short_name ? f->short_name : ""); - strlower_m(state->short_name); + (void)strlower_m(state->short_name); *state->pp_long_name = SMB_STRDUP(f->name); if (!*state->pp_long_name) { return NT_STATUS_NO_MEMORY; } - strlower_m(*state->pp_long_name); + (void)strlower_m(*state->pp_long_name); return NT_STATUS_OK; } diff --git a/source3/utils/net_ads.c b/source3/utils/net_ads.c index b1eac52df2..b1d55f10b0 100644 --- a/source3/utils/net_ads.c +++ b/source3/utils/net_ads.c @@ -1256,7 +1256,9 @@ static NTSTATUS net_update_dns_ext(TALLOC_CTX *mem_ctx, ADS_STRUCT *ads, } else { name_to_fqdn( machine_name, lp_netbios_name() ); } - strlower_m( machine_name ); + if (!strlower_m( machine_name )) { + return NT_STATUS_INVALID_PARAMETER; + } if (num_addrs == 0 || iplist == NULL) { /* @@ -2192,7 +2194,11 @@ int net_ads_changetrustpw(struct net_context *c, int argc, const char **argv) } fstrcpy(my_name, lp_netbios_name()); - strlower_m(my_name); + if (!strlower_m(my_name)) { + ads_destroy(&ads); + return -1; + } + if (asprintf(&host_principal, "%s$@%s", my_name, ads->config.realm) == -1) { ads_destroy(&ads); return -1; diff --git a/source3/utils/net_rpc_join.c b/source3/utils/net_rpc_join.c index 50383fee6b..ed81aacac7 100644 --- a/source3/utils/net_rpc_join.c +++ b/source3/utils/net_rpc_join.c @@ -321,7 +321,10 @@ int net_rpc_join_newstyle(struct net_context *c, int argc, const char **argv) status = NT_STATUS_NO_MEMORY; goto done; } - strlower_m(acct_name); + if (!strlower_m(acct_name)) { + status = NT_STATUS_INVALID_PARAMETER; + goto done; + } init_lsa_String(&lsa_acct_name, acct_name); diff --git a/source3/utils/net_usershare.c b/source3/utils/net_usershare.c index 153b45e7f8..382fe2f250 100644 --- a/source3/utils/net_usershare.c +++ b/source3/utils/net_usershare.c @@ -523,7 +523,9 @@ static int net_usershare_info(struct net_context *c, int argc, const char **argv return net_usershare_info_usage(c, argc, argv); } - strlower_m(wcard); + if (!strlower_m(wcard)) { + return -1; + } ctx = talloc_init("share_info"); ret = get_share_list(ctx, wcard, only_ours); @@ -1036,7 +1038,9 @@ static int net_usershare_list(struct net_context *c, int argc, return net_usershare_list_usage(c, argc, argv); } - strlower_m(wcard); + if (!strlower_m(wcard)) { + return -1; + } ctx = talloc_init("share_list"); ret = get_share_list(ctx, wcard, only_ours); diff --git a/source3/utils/pdbedit.c b/source3/utils/pdbedit.c index 06eed201f4..8a3551bf6b 100644 --- a/source3/utils/pdbedit.c +++ b/source3/utils/pdbedit.c @@ -655,7 +655,11 @@ static int set_machine_info(const char *machinename, return -1; } - strlower_m(name); + if (!strlower_m(name)) { + fprintf(stderr, "strlower_m %s failed\n", name); + TALLOC_FREE(sam_pwent); + return -1; + } ret = pdb_getsampwnam(sam_pwent, name); if (!ret) { @@ -853,7 +857,10 @@ static int new_machine(const char *machinename, char *machine_sid) return -1; } - strlower_m(name); + if (!strlower_m(name)) { + fprintf(stderr, "strlower_m %s failed\n", name); + return -1; + } flags = LOCAL_ADD_USER | LOCAL_TRUST_ACCOUNT | LOCAL_SET_PASSWORD; diff --git a/source3/utils/smbpasswd.c b/source3/utils/smbpasswd.c index f845147da4..66c80da618 100644 --- a/source3/utils/smbpasswd.c +++ b/source3/utils/smbpasswd.c @@ -370,7 +370,11 @@ static int process_root(int local_flags) if (local_flags & LOCAL_ADD_USER) { SAFE_FREE(new_passwd); new_passwd = smb_xstrdup(user_name); - strlower_m(new_passwd); + if (!strlower_m(new_passwd)) { + fprintf(stderr, "strlower_m %s failed\n", + new_passwd); + exit(1); + } } /* diff --git a/source3/winbindd/wb_fill_pwent.c b/source3/winbindd/wb_fill_pwent.c index a716245ce8..62b1b4a189 100644 --- a/source3/winbindd/wb_fill_pwent.c +++ b/source3/winbindd/wb_fill_pwent.c @@ -111,7 +111,10 @@ static void wb_fill_pwent_sid2gid_done(struct tevent_req *subreq) /* Username */ fstrcpy(user_name, state->info->acct_name); - strlower_m(user_name); + if (!strlower_m(user_name)) { + tevent_req_nterror(req, NT_STATUS_INVALID_PARAMETER); + return; + } status = normalize_name_map(state, domain, user_name, &mapped_name); /* Basic removal of whitespace */ diff --git a/source3/winbindd/winbindd_cache.c b/source3/winbindd/winbindd_cache.c index cfa843424a..2c9dd4a9b3 100644 --- a/source3/winbindd/winbindd_cache.c +++ b/source3/winbindd/winbindd_cache.c @@ -1868,7 +1868,7 @@ static NTSTATUS name_to_sid(struct winbindd_domain *domain, if (!strupper_m(discard_const_p(char, domain_name))) { return NT_STATUS_INVALID_PARAMETER; } - strlower_m(discard_const_p(char, name)); + (void)strlower_m(discard_const_p(char, name)); wcache_save_sid_to_name(domain, status, sid, domain_name, name, *type); } } diff --git a/source3/winbindd/winbindd_pam.c b/source3/winbindd/winbindd_pam.c index 48bb79bdcd..d8febe6a5c 100644 --- a/source3/winbindd/winbindd_pam.c +++ b/source3/winbindd/winbindd_pam.c @@ -217,7 +217,9 @@ static NTSTATUS append_afs_token(TALLOC_CTX *mem_ctx, return NT_STATUS_NO_MEMORY; } - strlower_m(afsname); + if (!strlower_m(afsname)) { + return NT_STATUS_INVALID_PARAMETER; + } DEBUG(10, ("Generating token for user %s\n", afsname)); diff --git a/source3/winbindd/winbindd_util.c b/source3/winbindd/winbindd_util.c index 656735633b..c36ae0bb0a 100644 --- a/source3/winbindd/winbindd_util.c +++ b/source3/winbindd/winbindd_util.c @@ -931,7 +931,7 @@ void fill_domain_username(fstring name, const char *domain, const char *user, bo fstring tmp_user; fstrcpy(tmp_user, user); - strlower_m(tmp_user); + (void)strlower_m(tmp_user); if (can_assume && assume_domain(domain)) { strlcpy(name, tmp_user, sizeof(fstring)); @@ -954,7 +954,10 @@ char *fill_domain_username_talloc(TALLOC_CTX *mem_ctx, char *tmp_user, *name; tmp_user = talloc_strdup(mem_ctx, user); - strlower_m(tmp_user); + if (!strlower_m(tmp_user)) { + TALLOC_FREE(tmp_user); + return NULL; + } if (can_assume && assume_domain(domain)) { name = tmp_user; -- cgit