From d5ee9b2f480ddbda0b8f69409698d27c99384f9c Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Tue, 18 Mar 2003 11:22:52 +0000 Subject: Jeremy merged across my string parinoia fixes, but forgot to enable them! :-) This patch catches up on the rest of the work - as much string checking as is possible is done at compile time, and the rest at runtime. Lots of code converted to pstrcpy() etc, and other code reworked to correctly call sizeof(). Andrew Bartlett (This used to be commit c5b604e2ee67d74241ae2fa07ae904647d35a2be) --- source3/utils/net.c | 2 +- source3/utils/net_rap.c | 4 ++-- source3/utils/pdbedit.c | 22 ++++++++++++---------- source3/utils/smbcacls.c | 2 +- 4 files changed, 16 insertions(+), 14 deletions(-) (limited to 'source3/utils') diff --git a/source3/utils/net.c b/source3/utils/net.c index ada0ed53e1..7588771fbc 100644 --- a/source3/utils/net.c +++ b/source3/utils/net.c @@ -241,7 +241,7 @@ BOOL net_find_dc(struct in_addr *server_ip, fstring server_name, const char *dom if (!lookup_dc_name(global_myname(), domain_name, server_ip, dc_name)) return False; - safe_strcpy(server_name, dc_name, FSTRING_LEN); + fstrcpy(server_name, dc_name); return True; } else return False; diff --git a/source3/utils/net_rap.c b/source3/utils/net_rap.c index 8f3dd53fa6..f52eabf494 100644 --- a/source3/utils/net_rap.c +++ b/source3/utils/net_rap.c @@ -638,7 +638,7 @@ static int rap_user_add(int argc, const char **argv) if (!(cli = net_make_ipc_connection(0))) return -1; - safe_strcpy(userinfo.user_name, argv[0], sizeof(userinfo.user_name)); + safe_strcpy(userinfo.user_name, argv[0], sizeof(userinfo.user_name)-1); if (opt_flags == -1) opt_flags = 0x21; @@ -755,7 +755,7 @@ static int rap_group_add(int argc, const char **argv) return -1; /* BB check for length 21 or smaller explicitly ? BB */ - safe_strcpy(grinfo.group_name, argv[0], sizeof(grinfo.group_name)); + safe_strcpy(grinfo.group_name, argv[0], sizeof(grinfo.group_name)-1); grinfo.reserved1 = '\0'; grinfo.comment = smb_xstrdup(opt_comment); diff --git a/source3/utils/pdbedit.c b/source3/utils/pdbedit.c index 9df10c21a4..265bda1e5d 100644 --- a/source3/utils/pdbedit.c +++ b/source3/utils/pdbedit.c @@ -363,20 +363,21 @@ static int new_machine (struct pdb_context *in, const char *machine_in) { SAM_ACCOUNT *sam_pwent=NULL; fstring machinename; + fstring machineaccount; struct passwd *pwd = NULL; - char name[16]; fstrcpy(machinename, machine_in); + machinename[15]= '\0'; if (machinename[strlen (machinename) -1] == '$') machinename[strlen (machinename) -1] = '\0'; strlower_m(machinename); - safe_strcpy (name, machinename, 16); - safe_strcat (name, "$", 16); + fstrcpy(machineaccount, machinename); + fstrcat(machineaccount, "$"); - if ((pwd = getpwnam_alloc(name))) { + if ((pwd = getpwnam_alloc(machineaccount))) { if (!NT_STATUS_IS_OK(pdb_init_sam_pw( &sam_pwent, pwd))) { fprintf(stderr, "Could not init sam from pw\n"); passwd_free(&pwd); @@ -392,14 +393,14 @@ static int new_machine (struct pdb_context *in, const char *machine_in) pdb_set_plaintext_passwd (sam_pwent, machinename); - pdb_set_username (sam_pwent, name, PDB_CHANGED); + pdb_set_username (sam_pwent, machineaccount, PDB_CHANGED); pdb_set_acct_ctrl (sam_pwent, ACB_WSTRUST, PDB_CHANGED); pdb_set_group_sid_from_rid(sam_pwent, DOMAIN_GROUP_RID_COMPUTERS, PDB_CHANGED); if (NT_STATUS_IS_OK(in->pdb_add_sam_account (in, sam_pwent))) { - print_user_info (in, name, True, False); + print_user_info (in, machineaccount, True, False); } else { fprintf (stderr, "Unable to add machine! (does it already exist?)\n"); pdb_free_sam (&sam_pwent); @@ -435,12 +436,13 @@ static int delete_user_entry (struct pdb_context *in, const char *username) static int delete_machine_entry (struct pdb_context *in, const char *machinename) { - char name[16]; + fstring name; SAM_ACCOUNT *samaccount = NULL; - safe_strcpy (name, machinename, 16); - if (name[strlen(name)] != '$') - safe_strcat (name, "$", 16); + fstrcpy(name, machinename); + name[15] = '\0'; + if (name[strlen(name)-1] != '$') + fstrcat (name, "$"); if (!NT_STATUS_IS_OK(pdb_init_sam (&samaccount))) { return -1; diff --git a/source3/utils/smbcacls.c b/source3/utils/smbcacls.c index a5cee0dae1..bce64df960 100644 --- a/source3/utils/smbcacls.c +++ b/source3/utils/smbcacls.c @@ -916,7 +916,7 @@ You can string acls together with spaces, commas or newlines\n\ if (filename[0] != '\\') { pstring s; s[0] = '\\'; - safe_strcpy(&s[1], filename, sizeof(pstring)-1); + safe_strcpy(&s[1], filename, sizeof(pstring)-2); pstrcpy(filename, s); } -- cgit