The branch, v3-5-test has been updated
via 92bd768 Revert "Fix bug #7781 (Samba transforms "ShareName" to
lowercase when adding new share via MMC)"
via 79564b8 Revert "Revert "s3-smbd: Don't segfault if user specified
ports out for range.""
from fce3a18 Revert "s3-smbd: Don't segfault if user specified ports out
for range."
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-5-test
- Log -----------------------------------------------------------------
commit 92bd768ed56585c2a45d0ca41eec9e6a1e3701ae
Author: Karolin Seeger <ksee...@samba.org>
Date: Wed Oct 31 11:40:26 2012 +0100
Revert "Fix bug #7781 (Samba transforms "ShareName" to lowercase when
adding new share via MMC)"
This reverts commit 157b88da4db727eafa682c7fc7eab11d5955f57b.
This one seems to break make test on my system.
Karolin
commit 79564b889dba69fa39d9839e5d45457657ab0950
Author: Karolin Seeger <ksee...@samba.org>
Date: Wed Oct 31 11:39:34 2012 +0100
Revert "Revert "s3-smbd: Don't segfault if user specified ports out for
range.""
This reverts commit fce3a18d3d5ed46f8e0d1653f862e46b5dff0e03.
This patch does not seem to cause the issue. Sorry for the noise.
Karolin
-----------------------------------------------------------------------
Summary of changes:
source3/include/proto.h | 2 +-
source3/lib/dummysmbd.c | 2 +-
source3/lib/util_str.c | 4 --
source3/modules/vfs_xattr_tdb.c | 3 +-
source3/param/loadparm.c | 9 +++-
source3/printing/nt_printing.c | 12 ++++-
source3/registry/reg_backend_printing.c | 7 +--
source3/rpc_server/srv_srvsvc_nt.c | 75 ++++++++++++++-----------------
source3/smbd/lanman.c | 14 ++----
source3/smbd/msdfs.c | 3 +-
source3/smbd/server.c | 23 +++++-----
source3/smbd/service.c | 16 ++-----
source3/smbd/smb2_tcon.c | 2 +-
13 files changed, 82 insertions(+), 90 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source3/include/proto.h b/source3/include/proto.h
index cee5d6a..785cc30 100644
--- a/source3/include/proto.h
+++ b/source3/include/proto.h
@@ -7002,7 +7002,7 @@ bool set_conn_connectpath(connection_struct *conn, const
char *connectpath);
bool set_current_service(connection_struct *conn, uint16 flags, bool do_chdir);
void load_registry_shares(void);
int add_home_service(const char *service, const char *username, const char
*homedir);
-int find_service(const char *service_in, fstring service);
+int find_service(fstring service);
connection_struct *make_connection_snum(struct smbd_server_connection *sconn,
int snum, user_struct *vuser,
DATA_BLOB password,
diff --git a/source3/lib/dummysmbd.c b/source3/lib/dummysmbd.c
index 28c6f0e..a41e6dc 100644
--- a/source3/lib/dummysmbd.c
+++ b/source3/lib/dummysmbd.c
@@ -28,7 +28,7 @@ int get_client_fd(void)
return -1;
}
-int find_service(const char *service_in, fstring service)
+int find_service(fstring service)
{
return -1;
}
diff --git a/source3/lib/util_str.c b/source3/lib/util_str.c
index 17a4a8f..d869637 100644
--- a/source3/lib/util_str.c
+++ b/source3/lib/util_str.c
@@ -2301,10 +2301,6 @@ bool validate_net_name( const char *name,
{
int i;
- if (!name) {
- return false;
- }
-
for ( i=0; i<max_len && name[i]; i++ ) {
/* fail if strchr_m() finds one of the invalid characters */
if ( name[i] && strchr_m( invalid_chars, name[i] ) ) {
diff --git a/source3/modules/vfs_xattr_tdb.c b/source3/modules/vfs_xattr_tdb.c
index fa8db04..f7fbfce 100644
--- a/source3/modules/vfs_xattr_tdb.c
+++ b/source3/modules/vfs_xattr_tdb.c
@@ -733,7 +733,8 @@ static int xattr_tdb_connect(vfs_handle_struct *handle,
const char *service,
return res;
}
- snum = find_service(service, sname);
+ fstrcpy(sname, service);
+ snum = find_service(sname);
if (snum == -1) {
/*
* Should not happen, but we should not fail just *here*.
diff --git a/source3/param/loadparm.c b/source3/param/loadparm.c
index eaff9e6..8c1cf09 100644
--- a/source3/param/loadparm.c
+++ b/source3/param/loadparm.c
@@ -9471,10 +9471,15 @@ struct share_params *get_share_params(TALLOC_CTX
*mem_ctx,
const char *sharename)
{
struct share_params *result;
- fstring sname;
+ char *sname;
int snum;
- snum = find_service(sharename, sname);
+ if (!(sname = SMB_STRDUP(sharename))) {
+ return NULL;
+ }
+
+ snum = find_service(sname);
+ SAFE_FREE(sname);
if (snum < 0) {
return NULL;
diff --git a/source3/printing/nt_printing.c b/source3/printing/nt_printing.c
index 85ce703..beaa9e5 100644
--- a/source3/printing/nt_printing.c
+++ b/source3/printing/nt_printing.c
@@ -1472,7 +1472,9 @@ static uint32 get_correct_cversion(struct pipes_struct *p,
return 3;
}
- printdollar_snum = find_service("print$", printdollar);
+ fstrcpy(printdollar, "print$");
+
+ printdollar_snum = find_service(printdollar);
if (printdollar_snum == -1) {
*perr = WERR_NO_SUCH_SHARE;
return -1;
@@ -1862,7 +1864,9 @@ WERROR move_driver_to_download_area(struct pipes_struct
*p,
return WERR_UNKNOWN_PRINTER_DRIVER;
}
- printdollar_snum = find_service("print$", printdollar);
+ fstrcpy(printdollar, "print$");
+
+ printdollar_snum = find_service(printdollar);
if (printdollar_snum == -1) {
*perr = WERR_NO_SUCH_SHARE;
return WERR_NO_SUCH_SHARE;
@@ -5130,7 +5134,9 @@ static bool delete_driver_files(struct pipes_struct
*rpc_pipe,
DEBUG(6,("delete_driver_files: deleting driver [%s] - version [%d]\n",
r->driver_name, r->version));
- printdollar_snum = find_service("print$", printdollar);
+ fstrcpy(printdollar, "print$");
+
+ printdollar_snum = find_service(printdollar);
if (printdollar_snum == -1) {
return false;
}
diff --git a/source3/registry/reg_backend_printing.c
b/source3/registry/reg_backend_printing.c
index cba4f79..90ccc33 100644
--- a/source3/registry/reg_backend_printing.c
+++ b/source3/registry/reg_backend_printing.c
@@ -278,7 +278,7 @@ done:
static bool add_printers_by_registry( struct regsubkey_ctr *subkeys )
{
int i, num_keys, snum;
- char *printername_in;
+ char *printername;
NT_PRINTER_INFO_LEVEL_2 info2;
NT_PRINTER_INFO_LEVEL printer;
@@ -289,9 +289,8 @@ static bool add_printers_by_registry( struct regsubkey_ctr
*subkeys )
become_root();
for ( i=0; i<num_keys; i++ ) {
- fstring printername;
- printername_in = regsubkey_ctr_specific_key( subkeys, i );
- snum = find_service(printername_in, printername);
+ printername = regsubkey_ctr_specific_key( subkeys, i );
+ snum = find_service( printername );
/* just verify a valied snum for now */
if ( snum == -1 ) {
diff --git a/source3/rpc_server/srv_srvsvc_nt.c
b/source3/rpc_server/srv_srvsvc_nt.c
index b51c7e2..a2d1d07 100644
--- a/source3/rpc_server/srv_srvsvc_nt.c
+++ b/source3/rpc_server/srv_srvsvc_nt.c
@@ -1397,11 +1397,9 @@ WERROR _srvsvc_NetShareGetInfo(pipes_struct *p,
DEBUG(5,("_srvsvc_NetShareGetInfo: %d\n", __LINE__));
- if (!r->in.share_name) {
- return WERR_INVALID_NAME;
- }
+ fstrcpy(share_name, r->in.share_name);
- snum = find_service(r->in.share_name, share_name);
+ snum = find_service(share_name);
if (snum < 0) {
return WERR_INVALID_NAME;
}
@@ -1509,7 +1507,7 @@ WERROR _srvsvc_NetShareSetInfo(pipes_struct *p,
struct srvsvc_NetShareSetInfo *r)
{
char *command = NULL;
- fstring share_name;
+ char *share_name = NULL;
char *comment = NULL;
const char *pathname = NULL;
int type;
@@ -1525,25 +1523,26 @@ WERROR _srvsvc_NetShareSetInfo(pipes_struct *p,
DEBUG(5,("_srvsvc_NetShareSetInfo: %d\n", __LINE__));
- if (!r->in.share_name) {
- return WERR_INVALID_NAME;
+ share_name = talloc_strdup(p->mem_ctx, r->in.share_name);
+ if (!share_name) {
+ return WERR_NOMEM;
}
if (r->out.parm_error) {
*r->out.parm_error = 0;
}
- if ( strequal(r->in.share_name,"IPC$")
- || ( lp_enable_asu_support() &&
strequal(r->in.share_name,"ADMIN$") )
- || strequal(r->in.share_name,"global") )
+ if ( strequal(share_name,"IPC$")
+ || ( lp_enable_asu_support() && strequal(share_name,"ADMIN$") )
+ || strequal(share_name,"global") )
{
DEBUG(5,("_srvsvc_NetShareSetInfo: share %s cannot be "
"modified by a remote user.\n",
- r->in.share_name ));
+ share_name ));
return WERR_ACCESS_DENIED;
}
- snum = find_service(r->in.share_name, share_name);
+ snum = find_service(share_name);
/* Does this share exist ? */
if (snum < 0)
@@ -1738,8 +1737,7 @@ WERROR _srvsvc_NetShareAdd(pipes_struct *p,
struct srvsvc_NetShareAdd *r)
{
char *command = NULL;
- char *share_name_in = NULL;
- fstring share_name;
+ char *share_name = NULL;
char *comment = NULL;
char *pathname = NULL;
int type;
@@ -1776,7 +1774,7 @@ WERROR _srvsvc_NetShareAdd(pipes_struct *p,
/* Not enough info in a level 1 to do anything. */
return WERR_ACCESS_DENIED;
case 2:
- share_name_in = talloc_strdup(ctx, r->in.info->info2->name);
+ share_name = talloc_strdup(ctx, r->in.info->info2->name);
comment = talloc_strdup(ctx, r->in.info->info2->comment);
pathname = talloc_strdup(ctx, r->in.info->info2->path);
max_connections = (r->in.info->info2->max_users ==
(uint32_t)-1) ?
@@ -1787,7 +1785,7 @@ WERROR _srvsvc_NetShareAdd(pipes_struct *p,
/* No path. Not enough info in a level 501 to do anything. */
return WERR_ACCESS_DENIED;
case 502:
- share_name_in = talloc_strdup(ctx, r->in.info->info502->name);
+ share_name = talloc_strdup(ctx, r->in.info->info502->name);
comment = talloc_strdup(ctx, r->in.info->info502->comment);
pathname = talloc_strdup(ctx, r->in.info->info502->path);
max_connections = (r->in.info->info502->max_users ==
(uint32_t)-1) ?
@@ -1815,21 +1813,21 @@ WERROR _srvsvc_NetShareAdd(pipes_struct *p,
/* check for invalid share names */
- if (!share_name_in || !validate_net_name(share_name_in,
+ if (!share_name || !validate_net_name(share_name,
INVALID_SHARENAME_CHARS,
- strlen(share_name_in))) {
+ strlen(share_name))) {
DEBUG(5,("_srvsvc_NetShareAdd: Bad sharename \"%s\"\n",
- share_name_in ? share_name_in : ""));
+ share_name ? share_name : ""));
return WERR_INVALID_NAME;
}
- if (strequal(share_name_in,"IPC$") || strequal(share_name_in,"global")
+ if (strequal(share_name,"IPC$") || strequal(share_name,"global")
|| (lp_enable_asu_support() &&
- strequal(share_name_in,"ADMIN$"))) {
+ strequal(share_name,"ADMIN$"))) {
return WERR_ACCESS_DENIED;
}
- snum = find_service(share_name_in, share_name);
+ snum = find_service(share_name);
/* Share already exists. */
if (snum >= 0) {
@@ -1847,7 +1845,7 @@ WERROR _srvsvc_NetShareAdd(pipes_struct *p,
}
/* Ensure share name, pathname and comment don't contain '"'
characters. */
- string_replace(share_name_in, '"', ' ');
+ string_replace(share_name, '"', ' ');
string_replace(path, '"', ' ');
if (comment) {
string_replace(comment, '"', ' ');
@@ -1857,7 +1855,7 @@ WERROR _srvsvc_NetShareAdd(pipes_struct *p,
"%s \"%s\" \"%s\" \"%s\" \"%s\" %d",
lp_add_share_cmd(),
get_dyn_CONFIGFILE(),
- share_name_in,
+ share_name,
path,
comment ? comment : "",
max_connections);
@@ -1894,8 +1892,6 @@ WERROR _srvsvc_NetShareAdd(pipes_struct *p,
return WERR_ACCESS_DENIED;
if (psd) {
- /* Note we use share_name here, not share_name_in as
- we need a canonicalized name for setting security. */
if (!set_share_security(share_name, psd)) {
DEBUG(0,("_srvsvc_NetShareAdd: Failed to add security
info to share %s.\n",
share_name ));
@@ -1923,7 +1919,7 @@ WERROR _srvsvc_NetShareDel(pipes_struct *p,
struct srvsvc_NetShareDel *r)
{
char *command = NULL;
- fstring share_name;
+ char *share_name = NULL;
int ret;
int snum;
SE_PRIV se_diskop = SE_DISK_OPERATOR;
@@ -1933,21 +1929,22 @@ WERROR _srvsvc_NetShareDel(pipes_struct *p,
DEBUG(5,("_srvsvc_NetShareDel: %d\n", __LINE__));
- if (!r->in.share_name) {
+ share_name = talloc_strdup(p->mem_ctx, r->in.share_name);
+ if (!share_name) {
return WERR_NET_NAME_NOT_FOUND;
}
- if ( strequal(r->in.share_name,"IPC$")
- || ( lp_enable_asu_support() &&
strequal(r->in.share_name,"ADMIN$") )
- || strequal(r->in.share_name,"global") )
+ if ( strequal(share_name,"IPC$")
+ || ( lp_enable_asu_support() && strequal(share_name,"ADMIN$") )
+ || strequal(share_name,"global") )
{
return WERR_ACCESS_DENIED;
}
- if (!(params = get_share_params(p->mem_ctx, r->in.share_name))) {
+ if (!(params = get_share_params(p->mem_ctx, share_name))) {
return WERR_NO_SUCH_SHARE;
}
- snum = find_service(r->in.share_name, share_name);
+ snum = find_service(share_name);
/* No change to printer shares. */
if (lp_print_ok(snum))
@@ -2090,11 +2087,9 @@ WERROR _srvsvc_NetGetFileSecurity(pipes_struct *p,
ZERO_STRUCT(st);
- if (!r->in.share) {
- return WERR_INVALID_NAME;
- }
+ fstrcpy(servicename, r->in.share);
- snum = find_service(r->in.share, servicename);
+ snum = find_service(servicename);
if (snum == -1) {
DEBUG(10, ("Could not find service %s\n", servicename));
werr = WERR_NET_NAME_NOT_FOUND;
@@ -2222,11 +2217,9 @@ WERROR _srvsvc_NetSetFileSecurity(pipes_struct *p,
ZERO_STRUCT(st);
- if (!r->in.share) {
- return WERR_INVALID_NAME;
- }
+ fstrcpy(servicename, r->in.share);
- snum = find_service(r->in.share, servicename);
+ snum = find_service(servicename);
if (snum == -1) {
DEBUG(10, ("Could not find service %s\n", servicename));
werr = WERR_NET_NAME_NOT_FOUND;
diff --git a/source3/smbd/lanman.c b/source3/smbd/lanman.c
index 9b173d4..7b01968 100644
--- a/source3/smbd/lanman.c
+++ b/source3/smbd/lanman.c
@@ -849,7 +849,6 @@ static bool api_DosPrintQGetInfo(connection_struct *conn,
uint16 vuid,
char *str2 = skip_string(param,tpscnt,str1);
char *p = skip_string(param,tpscnt,str2);
char *QueueName = p;
- fstring share_name;
unsigned int uLevel;
int count=0;
int snum;
@@ -900,7 +899,7 @@ static bool api_DosPrintQGetInfo(connection_struct *conn,
uint16 vuid,
return(True);
}
- snum = find_service(QueueName, share_name);
+ snum = find_service(QueueName);
if ( !(lp_snum_ok(snum) && lp_print_ok(snum)) )
return False;
@@ -1930,13 +1929,12 @@ static bool api_RNetShareGetInfo(connection_struct
*conn,uint16 vuid,
char *p = skip_string(param,tpscnt,netname);
int uLevel = get_safe_SVAL(param,tpscnt,p,0,-1);
int snum;
- fstring share_name;
if (!str1 || !str2 || !netname || !p) {
return False;
}
- snum = find_service(netname, share_name);
+ snum = find_service(netname);
if (snum < 0) {
return False;
}
@@ -2128,7 +2126,7 @@ static bool api_RNetShareAdd(connection_struct
*conn,uint16 vuid,
return False;
}
pull_ascii_fstring(sharename,data);
- snum = find_service(sharename, sharename);
+ snum = find_service(sharename);
if (snum >= 0) { /* already exists */
res = ERRfilexists;
goto error_exit;
@@ -4184,7 +4182,6 @@ static bool api_WPrintJobEnumerate(connection_struct
*conn, uint16 vuid,
struct pack_desc desc;
print_queue_struct *queue=NULL;
print_status_struct status;
- fstring share_name;
if (!str1 || !str2 || !p) {
return False;
@@ -4214,7 +4211,7 @@ static bool api_WPrintJobEnumerate(connection_struct
*conn, uint16 vuid,
return False;
}
- snum = find_service(name, share_name);
+ snum = find_service(name);
if ( !(lp_snum_ok(snum) && lp_print_ok(snum)) ) {
return False;
}
@@ -4335,7 +4332,6 @@ static bool api_WPrintDestGetInfo(connection_struct
*conn, uint16 vuid,
char *str2 = skip_string(param,tpscnt,str1);
char *p = skip_string(param,tpscnt,str2);
char* PrinterName = p;
- fstring share_name;
int uLevel;
struct pack_desc desc;
int snum;
@@ -4363,7 +4359,7 @@ static bool api_WPrintDestGetInfo(connection_struct
*conn, uint16 vuid,
return False;
}
- snum = find_service(PrinterName, share_name);
+ snum = find_service(PrinterName);
if ( !(lp_snum_ok(snum) && lp_print_ok(snum)) ) {
*rdata_len = 0;
desc.errcode = NERR_DestNotFound;
diff --git a/source3/smbd/msdfs.c b/source3/smbd/msdfs.c
index 718d0de..0480b58 100644
--- a/source3/smbd/msdfs.c
+++ b/source3/smbd/msdfs.c
@@ -822,7 +822,8 @@ NTSTATUS get_referred_path(TALLOC_CTX *ctx,
snum = lp_servicenumber(jucn->service_name);
if(snum < 0) {
fstring service_name;
- if ((snum = find_service(jucn->service_name, service_name)) <
0) {
+ fstrcpy(service_name, jucn->service_name);
+ if ((snum = find_service(service_name)) < 0) {
return NT_STATUS_NOT_FOUND;
}
TALLOC_FREE(jucn->service_name);
diff --git a/source3/smbd/server.c b/source3/smbd/server.c
index 63a9869..f34d9f6 100644
--- a/source3/smbd/server.c
+++ b/source3/smbd/server.c
@@ -560,6 +560,8 @@ static bool open_sockets_smbd(struct smbd_parent_context
*parent,
int num_interfaces = iface_count();
int i;
char *ports;
+ char *tok;
+ const char *ptr;
unsigned dns_port = 0;
#ifdef HAVE_ATEXIT
@@ -581,6 +583,16 @@ static bool open_sockets_smbd(struct smbd_parent_context
*parent,
ports = talloc_strdup(talloc_tos(), smb_ports);
}
+ for (ptr = ports;
+ next_token_talloc(talloc_tos(),&ptr, &tok, " \t,");) {
+ unsigned port = atoi(tok);
+
+ if (port == 0 || port > 0xffff) {
+ exit_server_cleanly("Invalid port in the config or on "
+ "the commandline specified!");
+ }
+ }
+
if (lp_interfaces() && lp_bind_interfaces_only()) {
/* We have been given an interfaces line, and been
told to only bind to those interfaces. Create a
@@ -592,8 +604,6 @@ static bool open_sockets_smbd(struct smbd_parent_context
*parent,
for(i = 0; i < num_interfaces; i++) {
const struct sockaddr_storage *ifss =
iface_n_sockaddr_storage(i);
- char *tok;
- const char *ptr;
if (ifss == NULL) {
DEBUG(0,("open_sockets_smbd: "
@@ -605,9 +615,6 @@ static bool open_sockets_smbd(struct smbd_parent_context
*parent,
for (ptr=ports;
next_token_talloc(talloc_tos(),&ptr, &tok, "
\t,");) {
unsigned port = atoi(tok);
- if (port == 0 || port > 0xffff) {
- continue;
- }
/* Keep the first port for mDNS service
* registration.
@@ -625,8 +632,6 @@ static bool open_sockets_smbd(struct smbd_parent_context
*parent,
/* Just bind to 0.0.0.0 - accept connections
from anywhere. */
- char *tok;
- const char *ptr;
const char *sock_addr = lp_socket_address();
char *sock_tok;
const char *sock_ptr;
--
Samba Shared Repository
