IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13453
CVE-2018-10858: Insufficient input validation on client directory
listing in libsmbclient.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13453
CVE-2018-10858: Insufficient input validation on client directory
listing in libsmbclient.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Fri Jun 21 19:57:06 CEST 2013 on sn-devel-104
Required following ABI vnum bump for smbc_get/setPort changes.
Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
- Since the revamp of libsmbclient, there has still been an external
declaration for smbc_urlencode and smbc_urldecode in libsmbclient.h, yet
those functions were renamed and made private. The two choices were to
remove the function names from libsmbclient.h or to make them public
again. The reported requested that they be public. This commit makes it so.
Derrell
- James suggested using gcc's "deprecated" attribute to mark the context
structure fields to generate warnings. This creates a scenario with the
best of all worlds. I'm able to move to an organization that more easily
allows future enhancements, while avoiding any mandatory changes by
applications. Thanks, James!
- Updated WHATSNEW.txt so that it accurately reflects the current state of
affairs.
Derrell
(This used to be commit a67f96fbe9)
- Ensured that all public functions have documentation in libsmbclient.h
- Reformatted for "proper" indentation
- Re-added temporarily-disabled alternate authentication function capability
Derrell
(This used to be commit 64b7150d92)
Given the tacit (if that) approval by some people, and clear disapproval by
others for my proposed clean-up and reorganization of libsmbclient, I've come
up with a slightly different approach. This commit changes back to the
original libsmbclient.h SMBCCTX structure which will maintain ABI
compatibility. I retain, here, the setter and getter functions which all new
code should use. Older programs already compiled should continue to work
fine. Older programs being recompiled will encounter compile-time errors
(intentionally!) so that the code can be corrected to use the setter/getter
interfaces.
Although this doesn't clean up the interface in the way I had wanted, the code
reorganization and requirement for new programs to use the setters and getters
allows future progress to be made on libsmbclient without further muddying up
the interface, while retaining the ABI compatibility that was the big issue
causing disapproval. I hope that this compromise is adequate.
Derrell
(This used to be commit 56429a3d60)
The libsmbclient interface has suffered from difficulty of improvement and
feature enrichment without causing ABI breakage. Although there were a number
of issues, the primary ones were:
(a) the user of the library would manually manipulate the context structure
members, meaning that nothing in the context structure could change other
than adding stuff at the end;
(b) there were three methods of setting options: setting bits in a flags field
within the context structure, setting explicit options variables within an
options structure in the context structure, and by calling the
smbc_option_set() function;
(c) the authentication callback did not traditionally provide enough
information to the callee which required adding an option for a callback
with a different signature, and now there are requests for even more
information at the callback, requiring yet a third signature and option to
set it (if we implement that feature).
This commit provides a reorganization of the code which fixes (a) and (b).
The context structure is now entirely opaque, and there are setter and getter
functions for manipulating it. This makes maintaining ABI consistency much,
much easier.
Additionally, the options setting/getting has been unified into a single
mechanism using smbc_option_set() and smbc_option_get().
Yet to be completed is a refactoring of the authentication callback (c).
The test programs in examples/libsmbclient have been modified (if necessary;
some applications require no changes at all) for the new API and a few have
been minimally tested.
Derrell
(This used to be commit d4b4bae8de)
