From 18bc76a0c6830358a137b4198e17b1b7ce92b9bf Mon Sep 17 00:00:00 2001
From: Andrew Tridgell
Date: Mon, 27 Mar 2000 12:38:45 +0000
Subject: changed the definition of dos_PutUniCode the previous definition could result is us overflowing a buffer. The null termination was always added yet the size returned did not include the null termination. the new function takes a BOOL null_terminate, and always returns the total number of bytes consumed by the string. (This used to be commit 426c90433396a95033eefcc4af97603abc934221)
---
source3/nmbd/nmbd_processlogon.c | 13 ++++---------
1 file changed, 4 insertions(+), 9 deletions(-)
(limited to 'source3/nmbd')
diff --git a/source3/nmbd/nmbd_processlogon.c b/source3/nmbd/nmbd_processlogon.c
index bc4c6ea127..0886654de9 100644
--- a/source3/nmbd/nmbd_processlogon.c
+++ b/source3/nmbd/nmbd_processlogon.c
@@ -159,11 +159,8 @@ logons are not enabled.\n", inet_ntoa(p->ip) ));
 {
 q = align2(q, buf);
- dos_PutUniCode(q, my_name, sizeof(pstring)); /* PDC name */
- q = skip_unicode_string(q, 1);
-
- dos_PutUniCode(q, global_myworkgroup,sizeof(pstring)); /* Domain name*/
- q = skip_unicode_string(q, 1);
+ q += dos_PutUniCode(q, my_name, sizeof(pstring), True); /* PDC name */
+ q += dos_PutUniCode(q, global_myworkgroup,sizeof(pstring), True); /* Domain name*/
 SIVAL(q, 0, ntversion);
 SSVAL(q, 4, lmnttoken);
@@ -239,12 +236,10 @@ reporting %s domain %s 0x%x ntversion=%x lm_nt token=%x lm_20 token=%x\n",
 }
 q += 2;
- dos_PutUniCode(q, reply_name,sizeof(pstring));
- q = skip_unicode_string(q, 1);
+ q += dos_PutUniCode(q, reply_name,sizeof(pstring), True);
 unistrcpy(q, uniuser);
 q = skip_unicode_string(q, 1); /* User name (workstation trust account) */
- dos_PutUniCode(q, lp_workgroup(),sizeof(pstring));
- q = skip_unicode_string(q, 1); /* Domain name. */
+ q += dos_PutUniCode(q, lp_workgroup(),sizeof(pstring), True);
 SIVAL(q, 0, ntversion);
 q += 4;
-- cgit
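Review bot: The limit passed to every new `dos_PutUniCode` call is still `sizeof(pstring)`, although `q` has already advanced into the reply buffer by the time each call runs, so the bound reflects the type's size rather than the space actually left; this applies to both calls in the first hunk and both in the second. The destination buffer's declaration is outside the hunks, so whether these fields can overrun it cannot be confirmed from here, but passing the remaining space would make the bound meaningful, e.g. `q += dos_PutUniCode(q, my_name, REMAINING, True);` where `REMAINING` is a placeholder for the buffer end minus `q`. In the second hunk the unchanged `unistrcpy(q, uniuser);` is still an unbounded copy and keeps the old `skip_unicode_string` idiom, so it deserves the same bounded treatment in a follow-up. Both enclosing blocks begin and end outside the hunks.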