From 61b5fd6f32e9ccb612df1354a3e3b3bed5f2b808 Mon Sep 17 00:00:00 2001
From: Andrew Tridgell <tridge@samba.org>
Date: Mon, 31 Aug 1998 03:11:42 +0000
Subject: bounds check next_token() to prevent possible buffer overflows (This
 used to be commit 3eade55dc7c842bdc50205c330802d211fae54d3)

---
 source3/nmbd/nmbd_synclists.c | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

(limited to 'source3/nmbd/nmbd_synclists.c')

diff --git a/source3/nmbd/nmbd_synclists.c b/source3/nmbd/nmbd_synclists.c
index b62d9b7569..432b6dcbe2 100644
--- a/source3/nmbd/nmbd_synclists.c
+++ b/source3/nmbd/nmbd_synclists.c
@@ -150,6 +150,8 @@ void sync_browse_lists(struct work_record *work,
 	CatchChild();
 	if ((s->pid = fork())) return;
 
+	BlockSignals( False, SIGTERM );
+
 	DEBUG(2,("Initiating browse sync for %s to %s(%s)\n",
 		 work->work_group, name, inet_ntoa(ip)));
 
@@ -239,11 +241,9 @@ static void complete_sync(struct sync_record *s)
 		
 		ptr = line;
 
-		DEBUG(9,("sync line [%s]\n", line));
-		
-		if (!next_token(&ptr,server,NULL) ||
-		    !next_token(&ptr,type_str,NULL) ||
-		    !next_token(&ptr,comment,NULL)) {
+		if (!next_token(&ptr,server,NULL,sizeof(server)) ||
+		    !next_token(&ptr,type_str,NULL, sizeof(type_str)) ||
+		    !next_token(&ptr,comment,NULL, sizeof(comment))) {
 			continue;
 		}
 
-- 
cgit