The branch, master has been updated
via af599b3 Fixup (C) - we've both worked lots on this :-).
via 1815f02 Remove fstrings from client struct. Properly talloc strings
(ensuring we never end up with a NULL pointer).
from 66b2619 s3-waf: add pthreadpool support.
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -----------------------------------------------------------------
commit af599b3d90e10ea8858bd9ae6b44028c814690c4
Author: Jeremy Allison <[email protected]>
Date: Tue Apr 26 16:31:28 2011 -0700
Fixup (C) - we've both worked lots on this :-).
Autobuild-User: Jeremy Allison <[email protected]>
Autobuild-Date: Wed Apr 27 21:56:29 CEST 2011 on sn-devel-104
commit 1815f0298f33c949f78e181477e8474a37663ccd
Author: Jeremy Allison <[email protected]>
Date: Wed Apr 27 12:06:25 2011 -0700
Remove fstrings from client struct. Properly talloc strings (ensuring we
never end up with a NULL pointer).
-----------------------------------------------------------------------
Summary of changes:
source3/include/client.h | 12 +-
source3/libsmb/cliconnect.c | 310 ++++++++++++++++++++++++++++++++++------
source3/winbindd/winbindd_cm.c | 7 +-
3 files changed, 280 insertions(+), 49 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source3/include/client.h b/source3/include/client.h
index 9e4a61d..b51da90 100644
--- a/source3/include/client.h
+++ b/source3/include/client.h
@@ -71,7 +71,7 @@ struct cli_state {
int rap_error;
int privileges;
- fstring desthost;
+ char *desthost;
/* The credentials used to open the cli_state connection. */
char *domain;
@@ -83,12 +83,12 @@ struct cli_state {
* ones returned by the server if
* the protocol > NT1.
*/
- fstring server_type;
- fstring server_os;
- fstring server_domain;
+ char *server_type;
+ char *server_os;
+ char *server_domain;
- fstring share;
- fstring dev;
+ char *share;
+ char *dev;
struct nmb_name called;
struct nmb_name calling;
struct sockaddr_storage dest_ss;
diff --git a/source3/libsmb/cliconnect.c b/source3/libsmb/cliconnect.c
index 0fc532d..b3b2c17 100644
--- a/source3/libsmb/cliconnect.c
+++ b/source3/libsmb/cliconnect.c
@@ -3,6 +3,8 @@
client connect/disconnect routines
Copyright (C) Andrew Tridgell 1994-1998
Copyright (C) Andrew Bartlett 2001-2003
+ Copyright (C) Volker Lendecke 2011
+ Copyright (C) Jeremy Allison 2011
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
@@ -47,6 +49,40 @@ static const struct {
#define STAR_SMBSERVER "*SMBSERVER"
+/********************************************************
+ Utility function to ensure we always return at least
+ a valid char * pointer to an empty string for the
+ cli->server_os, cli->server_type and cli->server_domain
+ strings.
+*******************************************************/
+
+static NTSTATUS smb_bytes_talloc_string(struct cli_state *cli,
+ char *inbuf,
+ char **dest,
+ uint8_t *src,
+ size_t srclen,
+ ssize_t *destlen)
+{
+ *destlen = clistr_pull_talloc(cli,
+ inbuf,
+ SVAL(inbuf, smb_flg2),
+ dest,
+ (char *)src,
+ srclen,
+ STR_TERMINATE);
+ if (*destlen == -1) {
+ return NT_STATUS_NO_MEMORY;
+ }
+
+ if (*dest == NULL) {
+ *dest = talloc_strdup(cli, "");
+ if (*dest == NULL) {
+ return NT_STATUS_NO_MEMORY;
+ }
+ }
+ return NT_STATUS_OK;
+}
+
/**
* Set the user session key for a connection
* @param cli The cli structure to add it too
@@ -220,6 +256,7 @@ static void cli_session_setup_lanman2_done(struct
tevent_req *subreq)
uint8_t *bytes;
uint8_t *p;
NTSTATUS status;
+ ssize_t ret;
status = cli_smb_recv(subreq, state, &in, 0, NULL, NULL,
&num_bytes, &bytes);
@@ -234,12 +271,44 @@ static void cli_session_setup_lanman2_done(struct
tevent_req *subreq)
cli->vuid = SVAL(inbuf, smb_uid);
- p += clistr_pull(inbuf, cli->server_os, (char *)p, sizeof(fstring),
- bytes+num_bytes-p, STR_TERMINATE);
- p += clistr_pull(inbuf, cli->server_type, (char *)p, sizeof(fstring),
- bytes+num_bytes-p, STR_TERMINATE);
- p += clistr_pull(inbuf, cli->server_domain, (char *)p, sizeof(fstring),
- bytes+num_bytes-p, STR_TERMINATE);
+ status = smb_bytes_talloc_string(cli,
+ inbuf,
+ &cli->server_os,
+ p,
+ bytes+num_bytes-p,
+ &ret);
+
+ if (!NT_STATUS_IS_OK(status)) {
+ tevent_req_nterror(req, status);
+ return;
+ }
+ p += ret;
+
+ status = smb_bytes_talloc_string(cli,
+ inbuf,
+ &cli->server_type,
+ p,
+ bytes+num_bytes-p,
+ &ret);
+
+ if (!NT_STATUS_IS_OK(status)) {
+ tevent_req_nterror(req, status);
+ return;
+ }
+ p += ret;
+
+ status = smb_bytes_talloc_string(cli,
+ inbuf,
+ &cli->server_domain,
+ p,
+ bytes+num_bytes-p,
+ &ret);
+
+ if (!NT_STATUS_IS_OK(status)) {
+ tevent_req_nterror(req, status);
+ return;
+ }
+ p += ret;
if (strstr(cli->server_type, "Samba")) {
cli->is_samba = True;
@@ -415,6 +484,7 @@ static void cli_session_setup_guest_done(struct tevent_req
*subreq)
uint8_t *bytes;
uint8_t *p;
NTSTATUS status;
+ ssize_t ret;
status = cli_smb_recv(subreq, state, &in, 0, NULL, NULL,
&num_bytes, &bytes);
@@ -429,12 +499,44 @@ static void cli_session_setup_guest_done(struct
tevent_req *subreq)
cli->vuid = SVAL(inbuf, smb_uid);
- p += clistr_pull(inbuf, cli->server_os, (char *)p, sizeof(fstring),
- bytes+num_bytes-p, STR_TERMINATE);
- p += clistr_pull(inbuf, cli->server_type, (char *)p, sizeof(fstring),
- bytes+num_bytes-p, STR_TERMINATE);
- p += clistr_pull(inbuf, cli->server_domain, (char *)p, sizeof(fstring),
- bytes+num_bytes-p, STR_TERMINATE);
+ status = smb_bytes_talloc_string(cli,
+ inbuf,
+ &cli->server_os,
+ p,
+ bytes+num_bytes-p,
+ &ret);
+
+ if (!NT_STATUS_IS_OK(status)) {
+ tevent_req_nterror(req, status);
+ return;
+ }
+ p += ret;
+
+ status = smb_bytes_talloc_string(cli,
+ inbuf,
+ &cli->server_type,
+ p,
+ bytes+num_bytes-p,
+ &ret);
+
+ if (!NT_STATUS_IS_OK(status)) {
+ tevent_req_nterror(req, status);
+ return;
+ }
+ p += ret;
+
+ status = smb_bytes_talloc_string(cli,
+ inbuf,
+ &cli->server_domain,
+ p,
+ bytes+num_bytes-p,
+ &ret);
+
+ if (!NT_STATUS_IS_OK(status)) {
+ tevent_req_nterror(req, status);
+ return;
+ }
+ p += ret;
if (strstr(cli->server_type, "Samba")) {
cli->is_samba = True;
@@ -590,6 +692,7 @@ static void cli_session_setup_plain_done(struct tevent_req
*subreq)
uint8_t *bytes;
uint8_t *p;
NTSTATUS status;
+ ssize_t ret;
status = cli_smb_recv(subreq, state, &in, 0, NULL, NULL,
&num_bytes, &bytes);
@@ -603,12 +706,44 @@ static void cli_session_setup_plain_done(struct
tevent_req *subreq)
cli->vuid = SVAL(inbuf, smb_uid);
- p += clistr_pull(inbuf, cli->server_os, (char *)p, sizeof(fstring),
- bytes+num_bytes-p, STR_TERMINATE);
- p += clistr_pull(inbuf, cli->server_type, (char *)p, sizeof(fstring),
- bytes+num_bytes-p, STR_TERMINATE);
- p += clistr_pull(inbuf, cli->server_domain, (char *)p, sizeof(fstring),
- bytes+num_bytes-p, STR_TERMINATE);
+ status = smb_bytes_talloc_string(cli,
+ inbuf,
+ &cli->server_os,
+ p,
+ bytes+num_bytes-p,
+ &ret);
+
+ if (!NT_STATUS_IS_OK(status)) {
+ tevent_req_nterror(req, status);
+ return;
+ }
+ p += ret;
+
+ status = smb_bytes_talloc_string(cli,
+ inbuf,
+ &cli->server_type,
+ p,
+ bytes+num_bytes-p,
+ &ret);
+
+ if (!NT_STATUS_IS_OK(status)) {
+ tevent_req_nterror(req, status);
+ return;
+ }
+ p += ret;
+
+ status = smb_bytes_talloc_string(cli,
+ inbuf,
+ &cli->server_domain,
+ p,
+ bytes+num_bytes-p,
+ &ret);
+
+ if (!NT_STATUS_IS_OK(status)) {
+ tevent_req_nterror(req, status);
+ return;
+ }
+ p += ret;
status = cli_set_username(cli, state->user);
if (tevent_req_nterror(req, status)) {
@@ -913,6 +1048,7 @@ static void cli_session_setup_nt1_done(struct tevent_req
*subreq)
uint8_t *bytes;
uint8_t *p;
NTSTATUS status;
+ ssize_t ret;
status = cli_smb_recv(subreq, state, &in, 0, NULL, NULL,
&num_bytes, &bytes);
@@ -927,12 +1063,41 @@ static void cli_session_setup_nt1_done(struct tevent_req
*subreq)
cli->vuid = SVAL(inbuf, smb_uid);
- p += clistr_pull(inbuf, cli->server_os, (char *)p, sizeof(fstring),
- bytes+num_bytes-p, STR_TERMINATE);
- p += clistr_pull(inbuf, cli->server_type, (char *)p, sizeof(fstring),
- bytes+num_bytes-p, STR_TERMINATE);
- p += clistr_pull(inbuf, cli->server_domain, (char *)p, sizeof(fstring),
- bytes+num_bytes-p, STR_TERMINATE);
+ status = smb_bytes_talloc_string(cli,
+ inbuf,
+ &cli->server_os,
+ p,
+ bytes+num_bytes-p,
+ &ret);
+ if (!NT_STATUS_IS_OK(status)) {
+ tevent_req_nterror(req, status);
+ return;
+ }
+ p += ret;
+
+ status = smb_bytes_talloc_string(cli,
+ inbuf,
+ &cli->server_type,
+ p,
+ bytes+num_bytes-p,
+ &ret);
+ if (!NT_STATUS_IS_OK(status)) {
+ tevent_req_nterror(req, status);
+ return;
+ }
+ p += ret;
+
+ status = smb_bytes_talloc_string(cli,
+ inbuf,
+ &cli->server_domain,
+ p,
+ bytes+num_bytes-p,
+ &ret);
+ if (!NT_STATUS_IS_OK(status)) {
+ tevent_req_nterror(req, status);
+ return;
+ }
+ p += ret;
if (strstr(cli->server_type, "Samba")) {
cli->is_samba = True;
@@ -1122,6 +1287,7 @@ static void cli_sesssetup_blob_done(struct tevent_req
*subreq)
uint8_t *p;
uint16_t blob_length;
uint8_t *inbuf;
+ ssize_t ret;
status = cli_smb_recv(subreq, state, &inbuf, 1, &wct, &vwv,
&num_bytes, &bytes);
@@ -1147,15 +1313,44 @@ static void cli_sesssetup_blob_done(struct tevent_req
*subreq)
p = bytes + blob_length;
- p += clistr_pull(state->inbuf, cli->server_os,
- (char *)p, sizeof(fstring),
- bytes+num_bytes-p, STR_TERMINATE);
- p += clistr_pull(state->inbuf, cli->server_type,
- (char *)p, sizeof(fstring),
- bytes+num_bytes-p, STR_TERMINATE);
- p += clistr_pull(state->inbuf, cli->server_domain,
- (char *)p, sizeof(fstring),
- bytes+num_bytes-p, STR_TERMINATE);
+ status = smb_bytes_talloc_string(cli,
+ (char *)inbuf,
+ &cli->server_os,
+ p,
+ bytes+num_bytes-p,
+ &ret);
+
+ if (!NT_STATUS_IS_OK(status)) {
+ tevent_req_nterror(req, status);
+ return;
+ }
+ p += ret;
+
+ status = smb_bytes_talloc_string(cli,
+ (char *)inbuf,
+ &cli->server_type,
+ p,
+ bytes+num_bytes-p,
+ &ret);
+
+ if (!NT_STATUS_IS_OK(status)) {
+ tevent_req_nterror(req, status);
+ return;
+ }
+ p += ret;
+
+ status = smb_bytes_talloc_string(cli,
+ (char *)inbuf,
+ &cli->server_domain,
+ p,
+ bytes+num_bytes-p,
+ &ret);
+
+ if (!NT_STATUS_IS_OK(status)) {
+ tevent_req_nterror(req, status);
+ return;
+ }
+ p += ret;
if (strstr(cli->server_type, "Samba")) {
cli->is_samba = True;
@@ -1456,8 +1651,14 @@ static void cli_session_setup_ntlmssp_done(struct
tevent_req *subreq)
if (NT_STATUS_IS_OK(status)) {
if (state->cli->server_domain[0] == '\0') {
- fstrcpy(state->cli->server_domain,
- state->ntlmssp_state->server.netbios_domain);
+ TALLOC_FREE(state->cli->server_domain);
+ state->cli->server_domain = talloc_strdup(state->cli,
+
state->ntlmssp_state->server.netbios_domain);
+ if (state->cli->server_domain == NULL) {
+ TALLOC_FREE(subreq);
+ tevent_req_nterror(req, NT_STATUS_NO_MEMORY);
+ return;
+ }
}
cli_set_session_key(
state->cli, state->ntlmssp_state->session_key);
@@ -1754,12 +1955,15 @@ NTSTATUS cli_session_setup(struct cli_state *cli,
const char *workgroup)
{
char *p;
- fstring user2;
+ char *user2;
if (user) {
- fstrcpy(user2, user);
+ user2 = talloc_strdup(talloc_tos(), user);
} else {
- user2[0] ='\0';
+ user2 = talloc_strdup(talloc_tos(), "");
+ }
+ if (user2 == NULL) {
+ return NT_STATUS_NO_MEMORY;
}
if (!workgroup) {
@@ -1979,7 +2183,10 @@ struct tevent_req *cli_tcon_andx_create(TALLOC_CTX
*mem_ctx,
state->cli = cli;
vwv = state->vwv;
- fstrcpy(cli->share, share);
+ cli->share = talloc_strdup(cli, share);
+ if (!cli->share) {
+ return NULL;
+ }
/* in user level security don't send a password now */
if (cli->sec_mode & NEGOTIATE_SECURITY_USER_LEVEL) {
@@ -2143,8 +2350,24 @@ static void cli_tcon_andx_done(struct tevent_req *subreq)
inbuf = (char *)in;
- clistr_pull(inbuf, cli->dev, bytes, sizeof(fstring), num_bytes,
- STR_TERMINATE|STR_ASCII);
+ if (num_bytes) {
+ if (clistr_pull_talloc(cli,
+ inbuf,
+ SVAL(inbuf, smb_flg2),
+ &cli->dev,
+ bytes,
+ num_bytes,
+ STR_TERMINATE|STR_ASCII) == -1) {
+ tevent_req_nterror(req, NT_STATUS_NO_MEMORY);
+ return;
+ }
+ } else {
+ cli->dev = talloc_strdup(cli, "");
+ if (cli->dev == NULL) {
+ tevent_req_nterror(req, NT_STATUS_NO_MEMORY);
+ return;
+ }
+ }
if ((cli->protocol >= PROTOCOL_NT1) && (num_bytes == 3)) {
/* almost certainly win95 - enable bug fixes */
@@ -2777,7 +3000,10 @@ NTSTATUS cli_connect(struct cli_state *cli,
host = STAR_SMBSERVER;
}
- fstrcpy(cli->desthost, host);
+ cli->desthost = talloc_strdup(cli, host);
+ if (cli->desthost == NULL) {
+ return NT_STATUS_NO_MEMORY;
+ }
/* allow hostnames of the form NAME#xx and do a netbios lookup */
if ((p = strchr(cli->desthost, '#'))) {
diff --git a/source3/winbindd/winbindd_cm.c b/source3/winbindd/winbindd_cm.c
index 166e2ed..0bc791f 100644
--- a/source3/winbindd/winbindd_cm.c
+++ b/source3/winbindd/winbindd_cm.c
@@ -816,7 +816,12 @@ static NTSTATUS cm_prepare_connection(const struct
winbindd_domain *domain,
(*cli)->timeout = 10000; /* 10 seconds */
(*cli)->fd = sockfd;
- fstrcpy((*cli)->desthost, controller);
+ (*cli)->desthost = talloc_strdup((*cli), controller);
+ if ((*cli)->desthost == NULL) {
+ result = NT_STATUS_NO_MEMORY;
+ goto done;
+ }
+
(*cli)->use_kerberos = True;
peeraddr_len = sizeof(peeraddr);
--
Samba Shared Repository
