The branch, v3-6-test has been updated
via f3f960b s3-smbd: Don't segfault if user specified ports out for
range.
from d0b872e Fix bug #9213 - Bad ASN.1 NegTokenInit packet can cause
invalid free.
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-6-test
- Log -----------------------------------------------------------------
commit f3f960bed8e155f7a3f93fc7f2cc4d483785e975
Author: Andreas Schneider <a...@samba.org>
Date: Tue Sep 25 14:28:22 2012 +0200
s3-smbd: Don't segfault if user specified ports out for range.
(cherry picked from commit 50d324b7e070de4672eff3fb6231923e6dca807a)
Signed-off-by: Andreas Schneider <a...@samba.org>
Fix bug #9218 - Samba panics if a user specifies an invalid port number.
-----------------------------------------------------------------------
Summary of changes:
source3/smbd/server.c | 23 ++++++++++++-----------
1 files changed, 12 insertions(+), 11 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source3/smbd/server.c b/source3/smbd/server.c
index 2400ce4..c699d3b 100644
--- a/source3/smbd/server.c
+++ b/source3/smbd/server.c
@@ -650,6 +650,8 @@ static bool open_sockets_smbd(struct smbd_parent_context
*parent,
int num_interfaces = iface_count();
int i;
char *ports;
+ char *tok;
+ const char *ptr;
unsigned dns_port = 0;
#ifdef HAVE_ATEXIT
@@ -671,6 +673,16 @@ static bool open_sockets_smbd(struct smbd_parent_context
*parent,
ports = talloc_strdup(talloc_tos(), smb_ports);
}
+ for (ptr = ports;
+ next_token_talloc(talloc_tos(),&ptr, &tok, " \t,");) {
+ unsigned port = atoi(tok);
+
+ if (port == 0 || port > 0xffff) {
+ exit_server_cleanly("Invalid port in the config or on "
+ "the commandline specified!");
+ }
+ }
+
if (lp_interfaces() && lp_bind_interfaces_only()) {
/* We have been given an interfaces line, and been
told to only bind to those interfaces. Create a
@@ -682,8 +694,6 @@ static bool open_sockets_smbd(struct smbd_parent_context
*parent,
for(i = 0; i < num_interfaces; i++) {
const struct sockaddr_storage *ifss =
iface_n_sockaddr_storage(i);
- char *tok;
- const char *ptr;
if (ifss == NULL) {
DEBUG(0,("open_sockets_smbd: "
@@ -695,9 +705,6 @@ static bool open_sockets_smbd(struct smbd_parent_context
*parent,
for (ptr=ports;
next_token_talloc(talloc_tos(),&ptr, &tok, "
\t,");) {
unsigned port = atoi(tok);
- if (port == 0 || port > 0xffff) {
- continue;
- }
/* Keep the first port for mDNS service
* registration.
@@ -715,8 +722,6 @@ static bool open_sockets_smbd(struct smbd_parent_context
*parent,
/* Just bind to 0.0.0.0 - accept connections
from anywhere. */
- char *tok;
- const char *ptr;
const char *sock_addr = lp_socket_address();
char *sock_tok;
const char *sock_ptr;
@@ -734,11 +739,7 @@ static bool open_sockets_smbd(struct smbd_parent_context
*parent,
next_token_talloc(talloc_tos(), &sock_ptr, &sock_tok, "
\t,"); ) {
for (ptr=ports; next_token_talloc(talloc_tos(), &ptr,
&tok, " \t,"); ) {
struct sockaddr_storage ss;
-
unsigned port = atoi(tok);
- if (port == 0 || port > 0xffff) {
- continue;
- }
/* Keep the first port for mDNS service
* registration.
--
Samba Shared Repository
