The branch, master has been updated via 99ef0ba048c libsmb: Make cli_smb2_rmdir asynchronous via 02f40802846 libsmb: add in/out cblobs to cli_smb2_create_fnum via 56e08d39965 libsmb: Avoid a separate "cblobs" var sending smb2 create via a787c319f1e libsmb: Reformat the cli_smb2_create_fnum_send args via f3392f0fa32 lib: modify string conversion wrapper to handle signed input via fa2c919e1d0 ctdb-utils: Use wrapper for string to integer conversion via 2b2ff12e706 source4: Use wrapper for string to integer conversion via 58e2c153442 libcli: Use wrapper for string to integer conversion via e7b7c634e8b common-lib: Use wrapper for string to integer conversion via ebeae5dcbad wbinfo: Use wrapper for string to integer conversion via ea7231dcc0b libwbclient: Use wrapper for string to integer conversion via 81cc7a35189 ctdb-tools: Use wrapper for string to integer conversion via 55acae774a9 ctdb-server: Use wrapper for string to integer conversion via e96bccc879a ctdb-protocol: Use wrapper for string to integer conversion via 414bc3748b6 rpcclient: Use wrapper for string to integer conversion via c067429c32b modules: Use wrapper for string to integer conversion via fdd52979263 winbindd: Use wrapper for string to integer conversion via c957f6cc069 passdb: Use wrapper for string to integer conversion via e82228f2e09 utils: Use wrapper for string to integer conversion via fef2a7ca0a8 groupdb: Use wrapper for string to integer conversion via c9f4b92a613 lib: Use wrapper for string to integer conversion via cef18c2dfd6 util: Add two wrapper for string to int conversion from 5cf0764bc4b libcli/security: add "Owner Rights" calculation to access_check_max_allowed()
https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log ----------------------------------------------------------------- commit 99ef0ba048ce3b1a1052418708f98ddd47e76162 Author: Volker Lendecke <v...@samba.org> Date: Thu Feb 28 13:47:22 2019 +0100 libsmb: Make cli_smb2_rmdir asynchronous Signed-off-by: Volker Lendecke <v...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> Autobuild-User(master): Jeremy Allison <j...@samba.org> Autobuild-Date(master): Fri Mar 1 01:30:35 UTC 2019 on sn-devel-144 commit 02f4080284610bdfd9771964099af18e7f9a67b8 Author: Volker Lendecke <v...@samba.org> Date: Wed Feb 20 17:23:46 2019 +0100 libsmb: add in/out cblobs to cli_smb2_create_fnum This is driven by the imminent smb2 unix extensions, we'll want to make use of it from source3/libsmb. Signed-off-by: Volker Lendecke <v...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> commit 56e08d399651b1f7d79f60c0b162d4d19d47ae7a Author: Volker Lendecke <v...@samba.org> Date: Wed Feb 20 17:06:32 2019 +0100 libsmb: Avoid a separate "cblobs" var sending smb2 create Less lines of code, and we will add custom cblobs soon. This change makes that logic easier. Signed-off-by: Volker Lendecke <v...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> commit a787c319f1eab417233b65c68cbc31d7ccce6378 Author: Volker Lendecke <v...@samba.org> Date: Fri Feb 15 18:24:31 2019 +0100 libsmb: Reformat the cli_smb2_create_fnum_send args We'll add parameters in the next commit, make that commit a bit more obvious Signed-off-by: Volker Lendecke <v...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> commit f3392f0fa321d88ac71d9dc0410167523d9696a5 Author: Swen Schillig <s...@linux.ibm.com> Date: Tue Feb 5 08:39:14 2019 +0100 lib: modify string conversion wrapper to handle signed input The standard string conversion routines convert a "signed string" into the positive representation of the resulting value. This is not wanted and therefore now detected and flag'ed as an error. Signed-off-by: Swen Schillig <s...@linux.ibm.com> Reviewed-by: Ralph Böhme <s...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> commit fa2c919e1d05a2033ce1cb41a86f8bdd789d68b8 Author: Swen Schillig <s...@linux.ibm.com> Date: Wed Jan 30 10:28:52 2019 +0100 ctdb-utils: Use wrapper for string to integer conversion In order to detect an value overflow error during the string to integer conversion with strtoul/strtoull, the errno variable must be set to zero before the execution and checked after the conversion is performed. This is achieved by using the wrapper function strtoul_err and strtoull_err. Signed-off-by: Swen Schillig <s...@linux.ibm.com> Reviewed-by: Ralph Böhme <s...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> commit 2b2ff12e706d999ff2d84affa79c64b33cc289a7 Author: Swen Schillig <s...@linux.ibm.com> Date: Wed Jan 30 09:31:34 2019 +0100 source4: Use wrapper for string to integer conversion In order to detect an value overflow error during the string to integer conversion with strtoul/strtoull, the errno variable must be set to zero before the execution and checked after the conversion is performed. This is achieved by using the wrapper function strtoul_err and strtoull_err. Signed-off-by: Swen Schillig <s...@linux.ibm.com> Reviewed-by: Ralph Böhme <s...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> commit 58e2c1534429c05adb0cf5957d281dca0286fc13 Author: Swen Schillig <s...@linux.ibm.com> Date: Wed Jan 30 08:39:15 2019 +0100 libcli: Use wrapper for string to integer conversion In order to detect an value overflow error during the string to integer conversion with strtoul/strtoull, the errno variable must be set to zero before the execution and checked after the conversion is performed. This is achieved by using the wrapper function strtoul_err and strtoull_err. Signed-off-by: Swen Schillig <s...@linux.ibm.com> Reviewed-by: Ralph Böhme <s...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> commit e7b7c634e8bb5e9df5c523377458d880a6368ddc Author: Swen Schillig <s...@linux.ibm.com> Date: Wed Jan 30 08:33:02 2019 +0100 common-lib: Use wrapper for string to integer conversion In order to detect an value overflow error during the string to integer conversion with strtoul/strtoull, the errno variable must be set to zero before the execution and checked after the conversion is performed. This is achieved by using the wrapper function strtoul_err and strtoull_err. Signed-off-by: Swen Schillig <s...@linux.ibm.com> Reviewed-by: Ralph Böhme <s...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> commit ebeae5dcbad898e8ee0d64c4ed44751b753f27de Author: Swen Schillig <s...@linux.ibm.com> Date: Tue Jan 29 14:36:44 2019 +0100 wbinfo: Use wrapper for string to integer conversion In order to detect an value overflow error during the string to integer conversion with strtoul/strtoull, the errno variable must be set to zero before the execution and checked after the conversion is performed. This is achieved by using the wrapper function strtoul_err and strtoull_err. Signed-off-by: Swen Schillig <s...@linux.ibm.com> Reviewed-by: Ralph Böhme <s...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> commit ea7231dcc0b50c535f913f0542d600d0b2119a21 Author: Swen Schillig <s...@linux.ibm.com> Date: Tue Jan 29 14:21:25 2019 +0100 libwbclient: Use wrapper for string to integer conversion In order to detect an value overflow error during the string to integer conversion with strtoul/strtoull, the errno variable must be set to zero before the execution and checked after the conversion is performed. This is achieved by using the wrapper function strtoul_err and strtoull_err. Signed-off-by: Swen Schillig <s...@linux.ibm.com> Reviewed-by: Ralph Böhme <s...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> commit 81cc7a35189fffc0538997e739f4556142ae5458 Author: Swen Schillig <s...@linux.ibm.com> Date: Tue Jan 29 13:27:28 2019 +0100 ctdb-tools: Use wrapper for string to integer conversion In order to detect an value overflow error during the string to integer conversion with strtoul/strtoull, the errno variable must be set to zero before the execution and checked after the conversion is performed. This is achieved by using the wrapper function strtoul_err and strtoull_err. Signed-off-by: Swen Schillig <s...@linux.ibm.com> Reviewed-by: Ralph Böhme <s...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> commit 55acae774a9994715043dfe6e7668c19f514c545 Author: Swen Schillig <s...@linux.ibm.com> Date: Tue Jan 29 13:07:56 2019 +0100 ctdb-server: Use wrapper for string to integer conversion In order to detect an value overflow error during the string to integer conversion with strtoul/strtoull, the errno variable must be set to zero before the execution and checked after the conversion is performed. This is achieved by using the wrapper function strtoul_err and strtoull_err. Signed-off-by: Swen Schillig <s...@linux.ibm.com> Reviewed-by: Ralph Böhme <s...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> commit e96bccc879a675856b3a875db2d718445410caea Author: Swen Schillig <s...@linux.ibm.com> Date: Tue Jan 29 13:03:20 2019 +0100 ctdb-protocol: Use wrapper for string to integer conversion In order to detect an value overflow error during the string to integer conversion with strtoul/strtoull, the errno variable must be set to zero before the execution and checked after the conversion is performed. This is achieved by using the wrapper function strtoul_err and strtoull_err. Signed-off-by: Swen Schillig <s...@linux.ibm.com> Reviewed-by: Ralph Böhme <s...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> commit 414bc3748b6fbd54cbd50a0ff1f20cbe31b06ccc Author: Swen Schillig <s...@linux.ibm.com> Date: Mon Jan 28 14:35:30 2019 +0100 rpcclient: Use wrapper for string to integer conversion In order to detect an value overflow error during the string to integer conversion with strtoul/strtoull, the errno variable must be set to zero before the execution and checked after the conversion is performed. This is achieved by using the wrapper function strtoul_err and strtoull_err. Signed-off-by: Swen Schillig <s...@linux.ibm.com> Reviewed-by: Ralph Böhme <s...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> commit c067429c32b7e8853274f8711bb5c5bd33b5e628 Author: Swen Schillig <s...@linux.ibm.com> Date: Mon Jan 28 14:30:15 2019 +0100 modules: Use wrapper for string to integer conversion In order to detect an value overflow error during the string to integer conversion with strtoul/strtoull, the errno variable must be set to zero before the execution and checked after the conversion is performed. This is achieved by using the wrapper function strtoul_err and strtoull_err. Signed-off-by: Swen Schillig <s...@linux.ibm.com> Reviewed-by: Ralph Böhme <s...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> commit fdd529792639a60683df927a8e02d47d2749fd10 Author: Swen Schillig <s...@linux.ibm.com> Date: Mon Jan 28 14:07:39 2019 +0100 winbindd: Use wrapper for string to integer conversion In order to detect an value overflow error during the string to integer conversion with strtoul/strtoull, the errno variable must be set to zero before the execution and checked after the conversion is performed. This is achieved by using the wrapper function strtoul_err and strtoull_err. Signed-off-by: Swen Schillig <s...@linux.ibm.com> Reviewed-by: Ralph Böhme <s...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> commit c957f6cc069aef32d88bd6a46584a262c65579db Author: Swen Schillig <s...@linux.ibm.com> Date: Mon Jan 28 13:57:15 2019 +0100 passdb: Use wrapper for string to integer conversion In order to detect an value overflow error during the string to integer conversion with strtoul/strtoull, the errno variable must be set to zero before the execution and checked after the conversion is performed. This is achieved by using the wrapper function strtoul_err and strtoull_err. Signed-off-by: Swen Schillig <s...@linux.ibm.com> Reviewed-by: Ralph Böhme <s...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> commit e82228f2e09d66807d0bce150bb1db9731bbd4d4 Author: Swen Schillig <s...@linux.ibm.com> Date: Mon Jan 28 13:36:45 2019 +0100 utils: Use wrapper for string to integer conversion In order to detect an value overflow error during the string to integer conversion with strtoul/strtoull, the errno variable must be set to zero before the execution and checked after the conversion is performed. This is achieved by using the wrapper function strtoul_err and strtoull_err. Signed-off-by: Swen Schillig <s...@linux.ibm.com> Reviewed-by: Ralph Böhme <s...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> commit fef2a7ca0a87dc3de25480b8070f8090d5f1cb09 Author: Swen Schillig <s...@linux.ibm.com> Date: Mon Jan 28 13:12:09 2019 +0100 groupdb: Use wrapper for string to integer conversion In order to detect an value overflow error during the string to integer conversion with strtoul/strtoull, the errno variable must be set to zero before the execution and checked after the conversion is performed. This is achieved by using the wrapper function strtoul_err and strtoull_err. Signed-off-by: Swen Schillig <s...@linux.ibm.com> Reviewed-by: Ralph Böhme <s...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> commit c9f4b92a6131dedcaa38d6fe907d17a30a595f06 Author: Swen Schillig <s...@linux.ibm.com> Date: Mon Jan 28 12:54:07 2019 +0100 lib: Use wrapper for string to integer conversion In order to detect an value overflow error during the string to integer conversion with strtoul/strtoull, the errno variable must be set to zero before the execution and checked after the conversion is performed. This is achieved by using the wrapper function strtoul_err and strtoull_err. Signed-off-by: Swen Schillig <s...@linux.ibm.com> Reviewed-by: Ralph Böhme <s...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> commit cef18c2dfd60be372eee10cbcefd5849ae979d31 Author: Swen Schillig <s...@linux.ibm.com> Date: Mon Jan 28 09:42:13 2019 +0100 util: Add two wrapper for string to int conversion Adding wrapper strtoull_err and strtoul_err to handle error conditions of the conversion process. Signed-off-by: Swen Schillig <s...@linux.ibm.com> Reviewed-by: Ralph Böhme <s...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> ----------------------------------------------------------------------- Summary of changes: ctdb/protocol/protocol_util.c | 11 +- ctdb/server/ctdb_recovery_helper.c | 9 +- ctdb/tools/ctdb.c | 66 +++- ctdb/utils/ceph/ctdb_mutex_ceph_rados_helper.c | 8 +- examples/fuse/clifuse.c | 33 +- lib/ldb-samba/ldb_matching_rules.c | 23 +- lib/ldb-samba/ldif_handlers.c | 7 +- lib/param/loadparm.c | 24 +- lib/util/access.c | 7 +- lib/util/asn1.c | 17 +- lib/util/util.c | 94 +++++ lib/util/util.h | 7 + lib/util/util_str.c | 10 +- libcli/security/dom_sid.c | 14 +- nsswitch/libwbclient/wbc_idmap.c | 10 +- nsswitch/libwbclient/wbc_sid.c | 36 +- nsswitch/libwbclient/wscript | 2 +- nsswitch/wbinfo.c | 14 +- source3/groupdb/mapping.c | 11 +- source3/groupdb/mapping_tdb.c | 12 +- source3/lib/interface.c | 18 +- source3/lib/messages_dgm.c | 15 +- source3/lib/namemap_cache.c | 17 +- source3/lib/sysquotas.c | 7 +- source3/lib/tldap_util.c | 11 +- source3/lib/util_str.c | 5 +- source3/libsmb/cli_smb2_fnum.c | 388 ++++++++++++++++----- source3/libsmb/cli_smb2_fnum.h | 63 ++-- source3/libsmb/clifile.c | 23 +- source3/modules/vfs_preopen.c | 6 +- source3/modules/vfs_snapper.c | 5 +- source3/modules/vfs_unityed_media.c | 6 +- source3/passdb/account_pol.c | 8 +- source3/passdb/pdb_ldap.c | 73 +++- source3/passdb/pdb_tdb.c | 6 +- source3/rpcclient/cmd_samr.c | 7 +- source3/rpcclient/cmd_spoolss.c | 8 +- source3/utils/net_idmap.c | 9 +- source3/utils/net_registry.c | 16 +- source3/utils/net_rpc_registry.c | 9 +- source3/utils/net_sam.c | 5 +- source3/utils/pdbedit.c | 11 +- source3/utils/regedit_dialog.c | 5 +- source3/winbindd/idmap_ldap.c | 37 +- source3/winbindd/winbindd_lookuprids.c | 6 +- source3/winbindd/winbindd_util.c | 24 +- source3/wscript_build | 2 + source4/dns_server/dlz_bind9.c | 6 +- source4/dsdb/common/dsdb_dn.c | 5 +- source4/dsdb/common/util.c | 17 +- source4/dsdb/samdb/ldb_modules/dirsync.c | 15 +- .../dsdb/samdb/ldb_modules/partition_metadata.c | 7 +- source4/dsdb/samdb/ldb_modules/samldb.c | 5 +- source4/dsdb/samdb/ldb_modules/schema_load.c | 8 +- source4/dsdb/schema/schema_prefixmap.c | 6 +- source4/lib/registry/ldb.c | 20 +- source4/lib/socket/interface.c | 6 +- source4/libcli/resolve/dns_ex.c | 5 +- source4/nbt_server/wins/winsdb.c | 12 +- source4/rpc_server/lsa/dcesrv_lsa.c | 9 +- source4/torture/nbench/nbench.c | 8 +- source4/torture/smb2/sharemode.c | 7 +- source4/web_server/web_server.c | 7 +- 63 files changed, 1041 insertions(+), 307 deletions(-) Changeset truncated at 500 lines: diff --git a/ctdb/protocol/protocol_util.c b/ctdb/protocol/protocol_util.c index 75427e44f50..99dbe82404d 100644 --- a/ctdb/protocol/protocol_util.c +++ b/ctdb/protocol/protocol_util.c @@ -26,6 +26,7 @@ #include "protocol.h" #include "protocol_util.h" +#include "lib/util/util.h" static struct { enum ctdb_runstate runstate; @@ -286,8 +287,8 @@ int ctdb_sock_addr_from_string(const char *str, return EINVAL; } - port = strtoul(p+1, &endp, 10); - if (endp == p+1 || *endp != '\0') { + port = strtoul_err(p+1, &endp, 10, &ret); + if (endp == p+1 || *endp != '\0' || ret != 0) { /* Empty string or trailing garbage */ return EINVAL; } @@ -309,7 +310,7 @@ int ctdb_sock_addr_mask_from_string(const char *str, unsigned int m; char *endp = NULL; ssize_t len; - bool ret; + int ret = 0; if (addr == NULL || mask == NULL) { return EINVAL; @@ -325,8 +326,8 @@ int ctdb_sock_addr_mask_from_string(const char *str, return EINVAL; } - m = strtoul(p+1, &endp, 10); - if (endp == p+1 || *endp != '\0') { + m = strtoul_err(p+1, &endp, 10, &ret); + if (endp == p+1 || *endp != '\0' || ret != 0) { /* Empty string or trailing garbage */ return EINVAL; } diff --git a/ctdb/server/ctdb_recovery_helper.c b/ctdb/server/ctdb_recovery_helper.c index 7fdcc2e5a29..57e12b47037 100644 --- a/ctdb/server/ctdb_recovery_helper.c +++ b/ctdb/server/ctdb_recovery_helper.c @@ -30,6 +30,7 @@ #include "lib/util/sys_rw.h" #include "lib/util/time.h" #include "lib/util/tevent_unix.h" +#include "lib/util/util.h" #include "protocol/protocol.h" #include "protocol/protocol_api.h" @@ -2739,7 +2740,7 @@ int main(int argc, char *argv[]) TALLOC_CTX *mem_ctx; struct tevent_context *ev; struct ctdb_client_context *client; - int ret; + int ret = 0; struct tevent_req *req; uint32_t generation; @@ -2750,7 +2751,11 @@ int main(int argc, char *argv[]) write_fd = atoi(argv[1]); sockpath = argv[2]; - generation = (uint32_t)strtoul(argv[3], NULL, 0); + generation = (uint32_t)strtoul_err(argv[3], NULL, 0, &ret); + if (ret != 0) { + fprintf(stderr, "recovery: unable to initialize generation\n"); + goto failed; + } mem_ctx = talloc_new(NULL); if (mem_ctx == NULL) { diff --git a/ctdb/tools/ctdb.c b/ctdb/tools/ctdb.c index bef9c5f97fb..8140d7337c5 100644 --- a/ctdb/tools/ctdb.c +++ b/ctdb/tools/ctdb.c @@ -315,6 +315,7 @@ static bool parse_nodestring(TALLOC_CTX *mem_ctx, struct ctdb_context *ctdb, goto done; } else { char *ns, *tok; + int error = 0; ns = talloc_strdup(mem_ctx, nodestring); if (ns == NULL) { @@ -326,8 +327,8 @@ static bool parse_nodestring(TALLOC_CTX *mem_ctx, struct ctdb_context *ctdb, uint32_t pnn; char *endptr; - pnn = (uint32_t)strtoul(tok, &endptr, 0); - if (pnn == 0 && tok == endptr) { + pnn = (uint32_t)strtoul_err(tok, &endptr, 0, &error); + if (error != 0 || (pnn == 0 && tok == endptr)) { fprintf(stderr, "Invalid node %s\n", tok); return false; } @@ -535,7 +536,8 @@ static bool db_exists(TALLOC_CTX *mem_ctx, struct ctdb_context *ctdb, struct ctdb_dbid *db = NULL; uint32_t id = 0; const char *name = NULL; - int ret, i; + int i; + int ret = 0; ret = ctdb_ctrl_get_dbmap(mem_ctx, ctdb->ev, ctdb->client, ctdb->pnn, TIMEOUT(), &dbmap); @@ -544,7 +546,10 @@ static bool db_exists(TALLOC_CTX *mem_ctx, struct ctdb_context *ctdb, } if (strncmp(db_arg, "0x", 2) == 0) { - id = strtoul(db_arg, NULL, 0); + id = strtoul_err(db_arg, NULL, 0, &ret); + if (ret != 0) { + return false; + } for (i=0; i<dbmap->num; i++) { if (id == dbmap->dbs[i].db_id) { db = &dbmap->dbs[i]; @@ -1059,8 +1064,9 @@ static int control_setvar(TALLOC_CTX *mem_ctx, struct ctdb_context *ctdb, { struct ctdb_var_list *tun_var_list; struct ctdb_tunable tunable; - int ret, i; bool found; + int i; + int ret = 0; if (argc != 2) { usage("setvar"); @@ -1089,7 +1095,10 @@ static int control_setvar(TALLOC_CTX *mem_ctx, struct ctdb_context *ctdb, } tunable.name = argv[0]; - tunable.value = strtoul(argv[1], NULL, 0); + tunable.value = strtoul_err(argv[1], NULL, 0, &ret); + if (ret != 0) { + return ret; + } ret = ctdb_ctrl_set_tunable(mem_ctx, ctdb->ev, ctdb->client, ctdb->cmd_pnn, TIMEOUT(), &tunable); @@ -1867,7 +1876,8 @@ static int control_process_exists(TALLOC_CTX *mem_ctx, { pid_t pid; uint64_t srvid = 0; - int ret, status; + int status; + int ret = 0; if (argc != 1 && argc != 2) { usage("process-exists"); @@ -1875,7 +1885,10 @@ static int control_process_exists(TALLOC_CTX *mem_ctx, pid = atoi(argv[0]); if (argc == 2) { - srvid = strtoull(argv[1], NULL, 0); + srvid = strtoull_err(argv[1], NULL, 0, &ret); + if (ret != 0) { + return ret; + } } if (srvid == 0) { @@ -2766,7 +2779,7 @@ static int control_ban(TALLOC_CTX *mem_ctx, struct ctdb_context *ctdb, int argc, const char **argv) { struct ctdb_ban_state ban_state; - int ret; + int ret = 0; if (argc != 1) { usage("ban"); @@ -2779,7 +2792,10 @@ static int control_ban(TALLOC_CTX *mem_ctx, struct ctdb_context *ctdb, } ban_state.pnn = ctdb->cmd_pnn; - ban_state.time = strtoul(argv[0], NULL, 0); + ban_state.time = strtoul_err(argv[0], NULL, 0, &ret); + if (ret != 0) { + return ret; + } if (ban_state.time == 0) { fprintf(stderr, "Ban time cannot be zero\n"); @@ -3092,14 +3108,18 @@ static int control_gettickles(TALLOC_CTX *mem_ctx, struct ctdb_context *ctdb, ctdb_sock_addr addr; struct ctdb_tickle_list *tickles; unsigned port = 0; - int ret, i; + int i; + int ret = 0; if (argc < 1 || argc > 2) { usage("gettickles"); } if (argc == 2) { - port = strtoul(argv[1], NULL, 10); + port = strtoul_err(argv[1], NULL, 10, &ret); + if (ret != 0) { + return ret; + } } ret = ctdb_sock_addr_from_string(argv[0], &addr, false); @@ -3792,7 +3812,8 @@ static int control_moveip(TALLOC_CTX *mem_ctx, struct ctdb_context *ctdb, { ctdb_sock_addr addr; uint32_t pnn; - int ret, retries = 0; + int retries = 0; + int ret = 0; if (argc != 2) { usage("moveip"); @@ -3804,8 +3825,8 @@ static int control_moveip(TALLOC_CTX *mem_ctx, struct ctdb_context *ctdb, return 1; } - pnn = strtoul(argv[1], NULL, 10); - if (pnn == CTDB_UNKNOWN_PNN) { + pnn = strtoul_err(argv[1], NULL, 10, &ret); + if (pnn == CTDB_UNKNOWN_PNN || ret != 0) { fprintf(stderr, "Invalid PNN %s\n", argv[1]); return 1; } @@ -5228,7 +5249,7 @@ static int control_tstore(TALLOC_CTX *mem_ctx, struct ctdb_context *ctdb, struct ctdb_ltdb_header header; uint8_t header_buf[sizeof(struct ctdb_ltdb_header)]; size_t np; - int ret; + int ret = 0; if (argc < 3 || argc > 5) { usage("tstore"); @@ -5257,7 +5278,10 @@ static int control_tstore(TALLOC_CTX *mem_ctx, struct ctdb_context *ctdb, ZERO_STRUCT(header); if (argc > 3) { - header.rsn = (uint64_t)strtoull(argv[3], NULL, 0); + header.rsn = (uint64_t)strtoull_err(argv[3], NULL, 0, &ret); + if (ret != 0) { + return ret; + } } if (argc > 4) { header.dmaster = (uint32_t)atol(argv[4]); @@ -6245,7 +6269,7 @@ int main(int argc, const char *argv[]) const struct ctdb_cmd *cmd; int loglevel; bool ok; - int ret; + int ret = 0; setlinebuf(stdout); @@ -6269,7 +6293,11 @@ int main(int argc, const char *argv[]) ctdb_timeout = getenv("CTDB_TIMEOUT"); if (ctdb_timeout != NULL) { - options.maxruntime = strtoul(ctdb_timeout, NULL, 0); + options.maxruntime = strtoul_err(ctdb_timeout, NULL, 0, &ret); + if (ret != 0) { + fprintf(stderr, "Invalid value CTDB_TIMEOUT\n"); + exit(1); + } } else { options.maxruntime = 120; } diff --git a/ctdb/utils/ceph/ctdb_mutex_ceph_rados_helper.c b/ctdb/utils/ceph/ctdb_mutex_ceph_rados_helper.c index 7ef76c26e02..a43855008c0 100644 --- a/ctdb/utils/ceph/ctdb_mutex_ceph_rados_helper.c +++ b/ctdb/utils/ceph/ctdb_mutex_ceph_rados_helper.c @@ -301,10 +301,14 @@ int main(int argc, char *argv[]) cmr_state->pool_name = argv[3]; cmr_state->object = argv[4]; if (argc == 6) { + int error = 0; /* optional lock duration provided */ char *endptr = NULL; - cmr_state->lock_duration_s = strtoull(argv[5], &endptr, 0); - if ((endptr == argv[5]) || (*endptr != '\0')) { + cmr_state->lock_duration_s = strtoull_err(argv[5], + &endptr, + 0, + &error); + if ((endptr == argv[5]) || (*endptr != '\0') || (error != 0)) { fprintf(stdout, CTDB_MUTEX_STATUS_ERROR); ret = -EINVAL; goto err_ctx_cleanup; diff --git a/examples/fuse/clifuse.c b/examples/fuse/clifuse.c index b724e642d4b..954c412f09c 100644 --- a/examples/fuse/clifuse.c +++ b/examples/fuse/clifuse.c @@ -150,11 +150,17 @@ static void cli_ll_create(fuse_req_t freq, fuse_ino_t parent, const char *name, } req = cli_smb2_create_fnum_send( - state, mstate->ev, mstate->cli, state->path, - 0, SMB2_IMPERSONATION_IMPERSONATION, - FILE_GENERIC_READ|FILE_GENERIC_WRITE, FILE_ATTRIBUTE_NORMAL, + state, + mstate->ev, + mstate->cli, state->path, + 0, + SMB2_IMPERSONATION_IMPERSONATION, + FILE_GENERIC_READ|FILE_GENERIC_WRITE, + FILE_ATTRIBUTE_NORMAL, FILE_SHARE_READ|FILE_SHARE_WRITE|FILE_SHARE_DELETE, - FILE_CREATE, FILE_NON_DIRECTORY_FILE); + FILE_CREATE, + FILE_NON_DIRECTORY_FILE, + NULL); if (req == NULL) { TALLOC_FREE(state); fuse_reply_err(freq, ENOMEM); @@ -172,7 +178,7 @@ static void cli_ll_create_done(struct tevent_req *req) uint16_t fnum; NTSTATUS status; - status = cli_smb2_create_fnum_recv(req, &fnum, NULL); + status = cli_smb2_create_fnum_recv(req, &fnum, NULL, NULL, NULL); TALLOC_FREE(req); if (!NT_STATUS_IS_OK(status)) { fuse_reply_err(state->freq, map_errno_from_nt_status(status)); @@ -836,11 +842,18 @@ static void cli_ll_open(fuse_req_t freq, fuse_ino_t ino, } req = cli_smb2_create_fnum_send( - state, mstate->ev, mstate->cli, istate->path, - 0, SMB2_IMPERSONATION_IMPERSONATION, - acc, FILE_ATTRIBUTE_NORMAL, + state, + mstate->ev, + mstate->cli, + istate->path, + 0, + SMB2_IMPERSONATION_IMPERSONATION, + acc, + FILE_ATTRIBUTE_NORMAL, FILE_SHARE_READ|FILE_SHARE_WRITE|FILE_SHARE_DELETE, - FILE_OPEN, FILE_NON_DIRECTORY_FILE); + FILE_OPEN, + FILE_NON_DIRECTORY_FILE, + NULL); if (req == NULL) { TALLOC_FREE(state); fuse_reply_err(freq, ENOMEM); @@ -856,7 +869,7 @@ static void cli_ll_open_done(struct tevent_req *req) uint16_t fnum; NTSTATUS status; - status = cli_smb2_create_fnum_recv(req, &fnum, NULL); + status = cli_smb2_create_fnum_recv(req, &fnum, NULL, NULL, NULL); TALLOC_FREE(req); if (!NT_STATUS_IS_OK(status)) { fuse_reply_err(state->freq, map_errno_from_nt_status(status)); diff --git a/lib/ldb-samba/ldb_matching_rules.c b/lib/ldb-samba/ldb_matching_rules.c index 2aaaeb7450b..7387c12f10d 100644 --- a/lib/ldb-samba/ldb_matching_rules.c +++ b/lib/ldb-samba/ldb_matching_rules.c @@ -383,16 +383,22 @@ static int dsdb_match_for_dns_to_tombstone_time(struct ldb_context *ldb, return LDB_ERR_INVALID_ATTRIBUTE_SYNTAX; } else { char *p = NULL; + int error = 0; char s[value_to_match->length+1]; + memcpy(s, value_to_match->data, value_to_match->length); s[value_to_match->length] = 0; if (s[0] == '\0' || s[0] == '-') { DBG_ERR("Empty timestamp passed\n"); return LDB_ERR_INVALID_ATTRIBUTE_SYNTAX; } - tombstone_time = strtoull(s, &p, 10); - if (p == NULL || p == s || *p != '\0' || - tombstone_time == ULLONG_MAX) { + tombstone_time = strtoull_err(s, &p, 10, &error); + if (p == NULL || + p == s || + *p != '\0' || + error != 0 || + tombstone_time == ULLONG_MAX) + { DBG_ERR("Invalid timestamp string passed\n"); return LDB_ERR_INVALID_ATTRIBUTE_SYNTAX; } @@ -514,14 +520,21 @@ static int dsdb_match_for_expunge(struct ldb_context *ldb, return LDB_ERR_INVALID_ATTRIBUTE_SYNTAX; } else { char *p = NULL; + int error = 0; char s[value_to_match->length+1]; + memcpy(s, value_to_match->data, value_to_match->length); s[value_to_match->length] = 0; if (s[0] == '\0' || s[0] == '-') { return LDB_ERR_INVALID_ATTRIBUTE_SYNTAX; } - tombstone_time = strtoull(s, &p, 10); - if (p == NULL || p == s || *p != '\0' || tombstone_time == ULLONG_MAX) { + tombstone_time = strtoull_err(s, &p, 10, &error); + if (p == NULL || + p == s || + *p != '\0' || + error != 0 || + tombstone_time == ULLONG_MAX) + { return LDB_ERR_INVALID_ATTRIBUTE_SYNTAX; } } diff --git a/lib/ldb-samba/ldif_handlers.c b/lib/ldb-samba/ldif_handlers.c index ecc02e51c1d..d38cdd0c9a3 100644 --- a/lib/ldb-samba/ldif_handlers.c +++ b/lib/ldb-samba/ldif_handlers.c @@ -596,6 +596,8 @@ static int ldif_read_prefixMap(struct ldb_context *ldb, void *mem_ctx, line = string; while (line && line[0]) { + int error = 0; + p=strchr(line, ';'); if (p) { p[0] = '\0'; @@ -619,9 +621,10 @@ static int ldif_read_prefixMap(struct ldb_context *ldb, void *mem_ctx, return -1; } - blob->ctr.dsdb.mappings[blob->ctr.dsdb.num_mappings].id_prefix = strtoul(line, &oid, 10); + blob->ctr.dsdb.mappings[blob->ctr.dsdb.num_mappings].id_prefix = + strtoul_err(line, &oid, 10, &error); - if (oid[0] != ':') { + if (oid[0] != ':' || error != 0) { talloc_free(tmp_ctx); return -1; } diff --git a/lib/param/loadparm.c b/lib/param/loadparm.c index 84c83ae91ec..9c7bf892835 100644 --- a/lib/param/loadparm.c +++ b/lib/param/loadparm.c @@ -331,13 +331,21 @@ int lp_int(const char *s) */ unsigned long lp_ulong(const char *s) { + int error = 0; + unsigned long int ret; if (!s || !*s) { - DEBUG(0,("lp_ulong(%s): is called with NULL!\n",s)); + DBG_DEBUG("lp_ulong(%s): is called with NULL!\n",s); return -1; } - return strtoul(s, NULL, 0); + ret = strtoul_err(s, NULL, 0, &error); + if (error != 0) { + DBG_DEBUG("lp_ulong(%s): conversion failed\n",s); + return -1; + } + + return ret; } /** @@ -345,13 +353,21 @@ unsigned long lp_ulong(const char *s) */ unsigned long long lp_ulonglong(const char *s) { + int error = 0; + unsigned long long int ret; if (!s || !*s) { - DEBUG(0, ("lp_ulonglong(%s): is called with NULL!\n", s)); + DBG_DEBUG("lp_ulonglong(%s): is called with NULL!\n", s); return -1; } - return strtoull(s, NULL, 0); + ret = strtoull_err(s, NULL, 0, &error); + if (error != 0) { + DBG_DEBUG("lp_ulonglong(%s): conversion failed\n",s); + return -1; + } + + return ret; } /** diff --git a/lib/util/access.c b/lib/util/access.c index 7da0573a74d..a05a47c15b2 100644 --- a/lib/util/access.c +++ b/lib/util/access.c @@ -71,8 +71,11 @@ static bool masked_match(const char *tok, const char *slash, const char *s) } } else { -- Samba Shared Repository