mirror of
https://github.com/samba-team/samba.git
synced 2024-12-24 21:34:56 +03:00
s3:loadparm: prevent infinite include nesting.
This introduces a hard coded MAX_INCLUDE_DEPTH of 100. When this is exceeded, handle_include (and hence lp_load) fails. One could of course implement a more intelligent loop detection in the include-tree, but this would require some restructuring of the internal loadparm housekeeping. Maybe as a second improvement step. Michael
This commit is contained in:
parent
09ec85715b
commit
d5f2bbdc48
@ -6908,6 +6908,10 @@ done:
|
|||||||
return ret;
|
return ret;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
#define MAX_INCLUDE_DEPTH 100
|
||||||
|
|
||||||
|
static uint8_t include_depth;
|
||||||
|
|
||||||
static struct file_lists {
|
static struct file_lists {
|
||||||
struct file_lists *next;
|
struct file_lists *next;
|
||||||
char *name;
|
char *name;
|
||||||
@ -7095,12 +7099,22 @@ static bool handle_include(int snum, const char *pszParmValue, char **ptr)
|
|||||||
{
|
{
|
||||||
char *fname;
|
char *fname;
|
||||||
|
|
||||||
|
if (include_depth >= MAX_INCLUDE_DEPTH) {
|
||||||
|
DEBUG(0, ("Error: Maximum include depth (%u) exceeded!\n",
|
||||||
|
include_depth));
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
|
||||||
if (strequal(pszParmValue, INCLUDE_REGISTRY_NAME)) {
|
if (strequal(pszParmValue, INCLUDE_REGISTRY_NAME)) {
|
||||||
if (!bAllowIncludeRegistry) {
|
if (!bAllowIncludeRegistry) {
|
||||||
return true;
|
return true;
|
||||||
}
|
}
|
||||||
if (bInGlobalSection) {
|
if (bInGlobalSection) {
|
||||||
return process_registry_globals();
|
bool ret;
|
||||||
|
include_depth++;
|
||||||
|
ret = process_registry_globals();
|
||||||
|
include_depth--;
|
||||||
|
return ret;
|
||||||
} else {
|
} else {
|
||||||
DEBUG(1, ("\"include = registry\" only effective "
|
DEBUG(1, ("\"include = registry\" only effective "
|
||||||
"in %s section\n", GLOBAL_NAME));
|
"in %s section\n", GLOBAL_NAME));
|
||||||
@ -7117,7 +7131,10 @@ static bool handle_include(int snum, const char *pszParmValue, char **ptr)
|
|||||||
string_set(ptr, fname);
|
string_set(ptr, fname);
|
||||||
|
|
||||||
if (file_exist(fname)) {
|
if (file_exist(fname)) {
|
||||||
bool ret = pm_process(fname, do_section, do_parameter, NULL);
|
bool ret;
|
||||||
|
include_depth++;
|
||||||
|
ret = pm_process(fname, do_section, do_parameter, NULL);
|
||||||
|
include_depth--;
|
||||||
SAFE_FREE(fname);
|
SAFE_FREE(fname);
|
||||||
return ret;
|
return ret;
|
||||||
}
|
}
|
||||||
|
Loading…
Reference in New Issue
Block a user