From dfd33bcbb81998e68c00d2a01aab6b5c468ecf87 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Wed, 23 Feb 2011 15:26:38 +0100 Subject: s3: Fix 64-bit errors Casting those variables will lead to sscanf believing that it sees pointers to unsigned longs. These might be 64 bit long, thus sscanf will overwrite memory it should not overwrite. Assigning the vars later is okay, there we get automatic type conversion. C can be nasty ... Christian, please check! --- source3/winbindd/idmap_autorid.c | 12 ++++++++---- 1 file changed, 8 insertions(+), 4 deletions(-) (limited to 'source3') diff --git a/source3/winbindd/idmap_autorid.c b/source3/winbindd/idmap_autorid.c index 756c6c29af..ae65647ed6 100644 --- a/source3/winbindd/idmap_autorid.c +++ b/source3/winbindd/idmap_autorid.c @@ -395,6 +395,7 @@ static struct autorid_global_config *idmap_autorid_loadconfig(TALLOC_CTX * ctx) TDB_DATA data; struct autorid_global_config *cfg; + unsigned long minvalue, rangesize, maxranges; data = dbwrap_fetch_bystring(autorid_db, ctx, CONFIGKEY); @@ -408,16 +409,19 @@ static struct autorid_global_config *idmap_autorid_loadconfig(TALLOC_CTX * ctx) return NULL; } - if (sscanf - ((char *)data.dptr, "minvalue:%lu rangesize:%lu maxranges:%lu", - (unsigned long *)&cfg->minvalue, (unsigned long *)&cfg->rangesize, - (unsigned long *)&cfg->maxranges) != 3) { + if (sscanf((char *)data.dptr, + "minvalue:%lu rangesize:%lu maxranges:%lu", + &minvalue, &rangesize, &maxranges) != 3) { DEBUG(1, ("Found invalid configuration data" "creating new config\n")); return NULL; } + cfg->minvalue = minvalue; + cfg->rangesize = rangesize; + cfg->maxranges = maxranges; + DEBUG(10, ("Loaded previously stored configuration " "minvalue:%d rangesize:%d\n", cfg->minvalue, cfg->rangesize)); -- cgit