sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2025-02-26 21:57:41 +03:00
Code

pdb: Fix array overrun by one.

Browse Source 
Reviewed-by: Alexander Bokovoy <ab@samba.org>
This commit is contained in:
Andreas Schneider 2013-02-19 09:23:53 +01:00 committed by Alexander Bokovoy
parent 5207d456f1
commit b510e5e6c4
1 changed files with 4 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
source3/passdb/pdb_smbpasswd.c
View File

@ -737,7 +737,8 @@ static bool mod_smbfilepwd_entry(struct smbpasswd_privates *smbpasswd_state, con
fstring user_name;
char *status;
char linebuf[256];
#define LINEBUF_SIZE 255
char linebuf[LINEBUF_SIZE + 1];
char readbuf[1024];
int c;
fstring ascii_p16;
@ -792,7 +793,7 @@ static bool mod_smbfilepwd_entry(struct smbpasswd_privates *smbpasswd_state, con
linebuf[0] = '\0';
status = fgets(linebuf, sizeof(linebuf), fp);
status = fgets(linebuf, LINEBUF_SIZE, fp);
if (status == NULL && ferror(fp)) {
pw_file_unlock(lockfd, &smbpasswd_state->pw_file_lock_depth);
fclose(fp);
@ -1021,7 +1022,7 @@ This is no longer supported.!\n", pwd->smb_name));
dump_data(100, (uint8 *)ascii_p16, wr_len);
#endif
if(wr_len > sizeof(linebuf)) {
if(wr_len > LINEBUF_SIZE) {
DEBUG(0, ("mod_smbfilepwd_entry: line to write (%d) is too long.\n", wr_len+1));
pw_file_unlock(lockfd,&smbpasswd_state->pw_file_lock_depth);
fclose(fp);