From e059fffd03a1382fb2b7059b6de369d9fc765a17 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Sat, 23 Jun 2001 07:22:16 +0000 Subject: [PATCH] Added other_safe_chars to alpha_strcpy(). Needs testing but is a better fix for the problem. Jeremy. --- source/include/smb.h | 2 ++ source/lib/util_str.c | 12 ++++++++---- source/lib/util_unistr.c | 8 ++++++-- source/smbd/message.c | 4 ++-- source/smbd/reply.c | 4 ++-- 5 files changed, 20 insertions(+), 10 deletions(-) diff --git a/source/include/smb.h b/source/include/smb.h index c4c9664c5ce..7a7c2bcedec 100644 --- a/source/include/smb.h +++ b/source/include/smb.h @@ -1662,6 +1662,8 @@ typedef struct user_struct #define MAP_TO_GUEST_ON_BAD_USER 1 #define MAP_TO_GUEST_ON_BAD_PASSWORD 2 +#define SAFE_NETBIOS_CHARS ". -_" + #include "nsswitch/winbindd_nss.h" #include "smb_acls.h" diff --git a/source/lib/util_str.c b/source/lib/util_str.c index f1376fe0f7b..1c1b31a83c0 100644 --- a/source/lib/util_str.c +++ b/source/lib/util_str.c @@ -933,11 +933,12 @@ char *safe_strcat(char *dest, const char *src, size_t maxlength) /******************************************************************* Paranoid strcpy into a buffer of given length (includes terminating - zero. Strips out all but 'a-Z0-9' and replaces with '_'. Deliberately - does *NOT* check for multibyte characters. Don't change it ! + zero. Strips out all but 'a-Z0-9' and the character in other_safe_chars + and replaces with '_'. Deliberately does *NOT* check for multibyte + characters. Don't change it ! ********************************************************************/ -char *alpha_strcpy(char *dest, const char *src, size_t maxlength) +char *alpha_strcpy(char *dest, const char *src, const char *other_safe_chars, size_t maxlength) { size_t len, i; @@ -955,9 +956,12 @@ char *alpha_strcpy(char *dest, const char *src, size_t maxlength) if (len >= maxlength) len = maxlength - 1; + if (!other_safe_chars) + other_safe_chars = ""; + for(i = 0; i < len; i++) { int val = (src[i] & 0xff); - if(isupper(val) ||islower(val) || isdigit(val)) + if(isupper(val) || islower(val) || isdigit(val) || strchr(other_safe_chars, val)) dest[i] = src[i]; else dest[i] = '_'; diff --git a/source/lib/util_unistr.c b/source/lib/util_unistr.c index 70586651456..96aa62a283c 100644 --- a/source/lib/util_unistr.c +++ b/source/lib/util_unistr.c @@ -1453,9 +1453,10 @@ BOOL str_is_all_w(const smb_ucs2_t *s,smb_ucs2_t c) maxlength is in ucs2 units. ********************************************************************/ -smb_ucs2_t *alpha_strcpy_w(smb_ucs2_t *dest, const smb_ucs2_t *src, size_t maxlength) +smb_ucs2_t *alpha_strcpy_w(smb_ucs2_t *dest, const smb_ucs2_t *src, const smb_ucs2_t *other_safe_chars, size_t maxlength) { size_t len, i; + smb_ucs2_t nullstr_w = (smb_ucs2_t)0; if (!dest) { DEBUG(0,("ERROR: NULL dest in alpha_strcpy_w\n")); @@ -1471,9 +1472,12 @@ smb_ucs2_t *alpha_strcpy_w(smb_ucs2_t *dest, const smb_ucs2_t *src, size_t maxle if (len >= maxlength) len = maxlength - 1; + if (!other_safe_chars) + other_safe_chars = &nullstr_w; + for(i = 0; i < len; i++) { smb_ucs2_t val = src[i]; - if(isupper_w(val) ||islower_w(val) || isdigit_w(val)) + if(isupper_w(val) ||islower_w(val) || isdigit_w(val) || strchr_w(other_safe_chars, val)) dest[i] = src[i]; else dest[i] = (smb_ucs2_t)'_'; diff --git a/source/smbd/message.c b/source/smbd/message.c index a023650c74a..bae9f6c906a 100644 --- a/source/smbd/message.c +++ b/source/smbd/message.c @@ -86,8 +86,8 @@ static void msg_deliver(void) pstring s; pstrcpy(s,lp_msg_command()); - pstring_sub(s,"%f",alpha_strcpy(alpha_msgfrom,msgfrom,sizeof(alpha_msgfrom))); - pstring_sub(s,"%t",alpha_strcpy(alpha_msgto,msgto,sizeof(alpha_msgto))); + pstring_sub(s,"%f",alpha_strcpy(alpha_msgfrom,msgfrom,NULL,sizeof(alpha_msgfrom))); + pstring_sub(s,"%t",alpha_strcpy(alpha_msgto,msgto,NULL,sizeof(alpha_msgto))); standard_sub_basic(s); pstring_sub(s,"%s",name); smbrun(s,NULL); diff --git a/source/smbd/reply.c b/source/smbd/reply.c index 0c40e5f2b3a..da4659dfa15 100644 --- a/source/smbd/reply.c +++ b/source/smbd/reply.c @@ -96,7 +96,7 @@ int reply_special(char *inbuf,char *outbuf) remote_machine[15] = 0; trim_string(remote_machine," "," "); strlower(remote_machine); - alpha_strcpy(remote_machine,remote_machine,sizeof(remote_machine)-1); + alpha_strcpy(remote_machine,remote_machine,SAFE_NETBIOS_CHARS,sizeof(remote_machine)-1); fstrcpy(local_machine,name1); len = strlen(local_machine); @@ -106,7 +106,7 @@ int reply_special(char *inbuf,char *outbuf) } trim_string(local_machine," "," "); strlower(local_machine); - alpha_strcpy(local_machine,local_machine,sizeof(local_machine)-1); + alpha_strcpy(local_machine,local_machine,SAFE_NETBIOS_CHARS,sizeof(local_machine)-1); if (name_type == 'R') { /* We are being asked for a pathworks session ---