sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2025-08-02 00:22:11 +03:00
Code Activity

changed to use slprintf() instead of sprintf() just about

Browse Source 
everywhere. I've implemented slprintf() as a bounds checked sprintf()
using mprotect() and a non-writeable page.

This should prevent any sprintf based security holes.
This commit is contained in:
Andrew Tridgell
-
parent 6b0c1733d2
commit ee09e9dadb
33 changed files with 207 additions and 94 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
source/libsmb/clientgen.c
View File

@ -343,8 +343,8 @@ BOOL cli_api_pipe(struct cli_state *cli, char *pipe_name, int pipe_name_len,
data, data_count, max_data_count);
return (cli_receive_trans(cli, SMBtrans,
rparam, rparam_count,
rdata, rdata_count));
rparam, (int *)rparam_count,
rdata, (int *)rdata_count));
}
/****************************************************************************
@ -714,7 +714,8 @@ BOOL cli_send_tconX(struct cli_state *cli,
memcpy(pword, pass, passlen);
}
sprintf(fullshare, "\\\\%s\\%s", cli->desthost, share);
slprintf(fullshare, sizeof(fullshare)-1,
"\\\\%s\\%s", cli->desthost, share);
set_message(cli->outbuf,4,
2 + strlen(fullshare) + passlen + strlen(dev),True);