From 3b5bc93e9db4df6ded2eef7b32bda74328b04811 Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Sat, 15 Mar 2003 07:14:55 +0000 Subject: String handling parinoia fixes. This patch enables the compile-time checking of strings assable by means of sizeof(). (Original code had the configure check reversed). This is extended to all safe_strcpy() users, push_string and pull_string, as well as the cli and srv derivitives. There is an attempt to cap strings at the end of the cli buffer, and clobber_region() of the speified length (when not -1 :-). Becouse of the way they are declared, the 'overmalloc a string' users of safe_strcpy() have been changed to use overmalloc_safe_strcpy() (which skips some of the checks). This whole ball of mud worked fine, until I pulled out my 'fix' for our statcache. When jeremy fixes that, we should be able to get back to testing this stuff. This patch also includes a 'marker' of the last caller to clobber_region (ie, the function that called pstrcpy() that called clobber_region) to assist in debugging problems that may have smashed the stack. This is printed at smb_panic() time. (Original idea and patch by metze). It also removes some unsused functions, and #if 0's some others that are unused but probably should be used in the near future. For now, this patch gives us some confidence on one class of trivial parsing error in our code. Andrew Bartlett (This used to be commit 31f4827acc2a2f00399a5528fc83a0dae5cebaf4) --- source3/smbd/srvstr.c | 41 ----------------------------------------- source3/smbd/statcache.c | 12 ++++++------ 2 files changed, 6 insertions(+), 47 deletions(-) delete mode 100644 source3/smbd/srvstr.c (limited to 'source3/smbd') diff --git a/source3/smbd/srvstr.c b/source3/smbd/srvstr.c deleted file mode 100644 index 36fecf5bd2..0000000000 --- a/source3/smbd/srvstr.c +++ /dev/null @@ -1,41 +0,0 @@ -/* - Unix SMB/CIFS implementation. - server specific string routines - Copyright (C) Andrew Tridgell 2001 - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. -*/ - -#include "includes.h" - -int srvstr_push(void *base_ptr, void *dest, const char *src, int dest_len, int flags) -{ - return push_string(base_ptr, dest, src, dest_len, flags); -} - -int srvstr_pull(void *base_ptr, char *dest, const void *src, int dest_len, int src_len, - int flags) -{ - return pull_string(base_ptr, dest, src, dest_len, src_len, flags); -} - -/* pull a string from the smb_buf part of a packet. In this case the - string can either be null terminated or it can be terminated by the - end of the smbbuf area -*/ -int srvstr_pull_buf(void *inbuf, char *dest, const void *src, int dest_len, int flags) -{ - return pull_string(inbuf, dest, src, dest_len, smb_bufrem(inbuf, src), flags); -} diff --git a/source3/smbd/statcache.c b/source3/smbd/statcache.c index b6e84ec9a5..ac4ffcf575 100644 --- a/source3/smbd/statcache.c +++ b/source3/smbd/statcache.c @@ -62,7 +62,7 @@ void stat_cache_add( char *full_orig_name, char *orig_translated_path) return; /* - * If we are in case insentive mode, we need to + * If we are in case insentive mode, we don't need to * store names that need no translation - else, it * would be a waste. */ @@ -106,8 +106,8 @@ void stat_cache_add( char *full_orig_name, char *orig_translated_path) DEBUG(0,("stat_cache_add: Out of memory !\n")); return; } - safe_strcpy(scp->names, orig_name, namelen); - safe_strcpy((scp->names+namelen+1), translated_path, namelen); + overmalloc_safe_strcpy(scp->names, orig_name, namelen); + overmalloc_safe_strcpy((scp->names+namelen+1), translated_path, namelen); scp->name_len = namelen; hash_insert(&stat_cache, (char *)scp, orig_name); } @@ -122,8 +122,8 @@ void stat_cache_add( char *full_orig_name, char *orig_translated_path) DEBUG(0,("stat_cache_add: Out of memory !\n")); return; } - safe_strcpy(scp->names, orig_name, namelen); - safe_strcpy(scp->names+namelen+1, translated_path, namelen); + overmalloc_safe_strcpy(scp->names, orig_name, namelen); + overmalloc_safe_strcpy(scp->names+namelen+1, translated_path, namelen); scp->name_len = namelen; hash_insert(&stat_cache, (char *)scp, orig_name); } @@ -136,7 +136,7 @@ void stat_cache_add( char *full_orig_name, char *orig_translated_path) Return True if we translated (and did a scuccessful stat on) the entire name. *****************************************************************************/ -BOOL stat_cache_lookup(connection_struct *conn, char *name, char *dirpath, +BOOL stat_cache_lookup(connection_struct *conn, pstring name, pstring dirpath, char **start, SMB_STRUCT_STAT *pst) { stat_cache_entry *scp; -- cgit