Changeset 988 for vendor/current/source3/libsmb/nmblib.c
- Timestamp:
- Nov 24, 2016, 1:14:11 PM (9 years ago)
- File:
-
- 1 edited
vendor/current/source3/libsmb/nmblib.c
r740 r988 69 69 res->ttl ) ); 70 70 71 if ( res->rdlength == 0 || res->rdata == NULL )71 if (res->rdlength == 0) { 72 72 return; 73 } 73 74 74 75 for (i = 0; i < res->rdlength; i+= MAX_NETBIOSNAME_LEN) { … … 289 290 ******************************************************************/ 290 291 291 static int put_nmb_name(char *buf, int offset,struct nmb_name *name)292 static int put_nmb_name(char *buf, size_t buflen, int offset,struct nmb_name *name) 292 293 { 293 294 int ret,m; … … 303 304 304 305 if (buf) { 306 if (offset >= buflen) { 307 return 0; 308 } 305 309 buf[offset] = 0x20; 306 310 } … … 310 314 for (m=0;m<MAX_NETBIOSNAME_LEN;m++) { 311 315 if (buf) { 316 if (offset+2+2*m >= buflen) { 317 return 0; 318 } 312 319 buf[offset+1+2*m] = 'A' + ((buf1[m]>>4)&0xF); 313 320 buf[offset+2+2*m] = 'A' + (buf1[m]&0xF); … … 317 324 318 325 if (buf) { 326 if (offset >= buflen) { 327 return 0; 328 } 319 329 buf[offset] = 0; 320 330 } … … 322 332 if (name->scope[0]) { 323 333 /* XXXX this scope handling needs testing */ 324 ret += strlen(name->scope) + 1; 334 size_t scopenamelen = strlen(name->scope) + 1; 335 ret += scopenamelen; 325 336 if (buf) { 326 safe_strcpy(&buf[offset+1],name->scope, 327 sizeof(name->scope)); 337 if (offset+1+scopenamelen >= buflen) { 338 return 0; 339 } 340 strlcpy(&buf[offset+1],name->scope, 341 buflen - (offset+1)); 328 342 329 343 p = &buf[offset+1]; … … 331 345 buf[offset] = PTR_DIFF(p,&buf[offset+1]); 332 346 offset += (buf[offset] + 1); 347 if (offset+1 >= buflen) { 348 return 0; 349 } 333 350 p = &buf[offset+1]; 334 351 } … … 405 422 ******************************************************************/ 406 423 407 static int put_res_rec(char *buf, int offset,struct res_rec *recs,int count)424 static int put_res_rec(char *buf, size_t buflen, int offset,struct res_rec *recs,int count) 408 425 { 409 426 int ret=0; … … 411 428 412 429 for (i=0;i<count;i++) { 413 int l = put_nmb_name(buf, offset,&recs[i].rr_name);430 int l = 
put_nmb_name(buf,buflen,offset,&recs[i].rr_name); 414 431 offset += l; 415 432 ret += l; … … 888 905 dgram->header.msg_type == 0x11 || 889 906 dgram->header.msg_type == 0x12) { 890 offset += put_nmb_name((char *)ubuf, offset,&dgram->source_name);891 offset += put_nmb_name((char *)ubuf, offset,&dgram->dest_name);907 offset += put_nmb_name((char *)ubuf,len,offset,&dgram->source_name); 908 offset += put_nmb_name((char *)ubuf,len,offset,&dgram->dest_name); 892 909 } 893 910 … … 918 935 memset( (char *)n, '\0', sizeof(struct nmb_name) ); 919 936 fstrcpy(unix_name, name); 920 strupper_m(unix_name);937 (void)strupper_m(unix_name); 921 938 push_ascii(n->name, unix_name, sizeof(n->name), STR_TERMINATE); 922 939 n->name_type = (unsigned int)type & 0xFF; 923 push_ascii(n->scope, global_scope(), 64, STR_TERMINATE);940 push_ascii(n->scope, lp_netbios_scope(), 64, STR_TERMINATE); 924 941 } 925 942 … … 980 997 if (len) { 981 998 /* Length check. */ 982 int extra = put_nmb_name(NULL, offset,999 int extra = put_nmb_name(NULL,0,offset, 983 1000 &nmb->question.question_name); 984 1001 if (offset + extra > len) { … … 986 1003 } 987 1004 } 988 offset += put_nmb_name((char *)ubuf, offset,1005 offset += put_nmb_name((char *)ubuf,len,offset, 989 1006 &nmb->question.question_name); 990 1007 if (buf) { … … 998 1015 if (len) { 999 1016 /* Length check. */ 1000 int extra = put_res_rec(NULL, offset,nmb->answers,1017 int extra = put_res_rec(NULL,0,offset,nmb->answers, 1001 1018 nmb->header.ancount); 1002 1019 if (offset + extra > len) { … … 1004 1021 } 1005 1022 } 1006 offset += put_res_rec((char *)ubuf, offset,nmb->answers,1023 offset += put_res_rec((char *)ubuf,len,offset,nmb->answers, 1007 1024 nmb->header.ancount); 1008 1025 } … … 1011 1028 if (len) { 1012 1029 /* Length check. 
*/ 1013 int extra = put_res_rec(NULL, offset,nmb->nsrecs,1030 int extra = put_res_rec(NULL,0,offset,nmb->nsrecs, 1014 1031 nmb->header.nscount); 1015 1032 if (offset + extra > len) { … … 1017 1034 } 1018 1035 } 1019 offset += put_res_rec((char *)ubuf, offset,nmb->nsrecs,1036 offset += put_res_rec((char *)ubuf,len,offset,nmb->nsrecs, 1020 1037 nmb->header.nscount); 1021 1038 } … … 1049 1066 if (len) { 1050 1067 /* Length check. */ 1051 int extra = put_res_rec(NULL, offset,nmb->additional,1068 int extra = put_res_rec(NULL,0,offset,nmb->additional, 1052 1069 nmb->header.arcount); 1053 1070 if (offset + extra > len) { … … 1055 1072 } 1056 1073 } 1057 offset += put_res_rec((char *)ubuf, offset,nmb->additional,1074 offset += put_res_rec((char *)ubuf,len,offset,nmb->additional, 1058 1075 nmb->header.arcount); 1059 1076 } … … 1132 1149 ***************************************************************************/ 1133 1150 1134 int matching_len_bits( unsigned char *p1,unsigned char *p2, size_t len)1151 int matching_len_bits(const unsigned char *p1, const unsigned char *p2, size_t len) 1135 1152 { 1136 1153 size_t i, j; … … 1246 1263 char *p; 1247 1264 1248 result = talloc_array(mem_ctx, char, 33 + strlen( global_scope()) + 2);1265 result = talloc_array(mem_ctx, char, 33 + strlen(lp_netbios_scope()) + 2); 1249 1266 if (result == NULL) { 1250 1267 return NULL; … … 1262 1279 1263 1280 pull_ascii_fstring(buf_unix, In); 1264 strupper_m(buf_unix); 1281 if (!strupper_m(buf_unix)) { 1282 return NULL; 1283 } 1265 1284 1266 1285 push_ascii_nstring(buf_dos, buf_unix); … … 1281 1300 1282 1301 /* Add the scope string. 
*/ 1283 for( i = 0, len = 0; *( global_scope()) != '\0'; i++, len++ ) {1284 switch( ( global_scope())[i] ) {1302 for( i = 0, len = 0; *(lp_netbios_scope()) != '\0'; i++, len++ ) { 1303 switch( (lp_netbios_scope())[i] ) { 1285 1304 case '\0': 1286 1305 p[0] = len; … … 1294 1313 break; 1295 1314 default: 1296 p[len+1] = ( global_scope())[i];1315 p[len+1] = (lp_netbios_scope())[i]; 1297 1316 break; 1298 1317 } … … 1316 1335 c = *(unsigned char *)(buf+ofs); 1317 1336 if ((c & 0xC0) == 0xC0) { 1318 uint16 l = 0;1337 uint16_t l = 0; 1319 1338 1320 1339 if (ofs > buf_len - 1) {
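Review bot: The new overflow guards in put_nmb_name signal failure by returning 0, but two callers shown here never test for it: put_res_rec (new line 430) and the datagram path (new lines 907-908) still add the result straight to `offset`, so a name that does not fit is skipped and packing carries on at the same offset instead of the build failing. Assuming a successful call never returns 0, I would check it at those sites, e.g. `int l = put_nmb_name(buf,buflen,offset,&recs[i].rr_name);` followed by `if (l == 0) { return 0; }`, and use the enclosing function's existing error return around the two datagram calls. The call sites guarded by the "Length check" sizing pass with a NULL buffer are already covered, which is why only these two stand out. Separately, the guards compare `int offset` with `size_t buflen`, so a negative offset is rejected only as a side effect of unsigned conversion; an explicit `offset < 0` test would state the intent. The bodies of put_res_rec and the datagram builder continue outside the visible hunks, so whether their remaining writes are bounded by `buflen`/`len` cannot be confirmed from this page.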