This is a security audit change of the main source.

It removed all ocurrences of the following functions :

sprintf
strcpy
strcat

The replacements are slprintf, safe_strcpy and safe_strcat.

It should not be possible to use code in Samba that uses
sprintf, strcpy or strcat, only the safe_equivalents.

Once Andrew has fixed the slprintf implementation then
this code will be moved back to the 1.9.18 code stream.

Jeremy.

1 files changed, 6 insertions, 6 deletions

diff --git a/source/smbd/connection.c b/source/smbd/connection.c
index 5cf8b800f2c..64b3f153cff 100644
--- a/source/smbd/connection.c
+++ b/source/smbd/connection.c
@@ -48,9 +48,9 @@ BOOL yield_connection(int cnum,char *name,int max_connections)
 	pstrcpy(fname,lp_lockdir());
 	trim_string(fname,"","/");
 
-	strcat(fname,"/");
-	strcat(fname,name);
-	strcat(fname,".LCK");
+	pstrcat(fname,"/");
+	pstrcat(fname,name);
+	pstrcat(fname,".LCK");
 
 	fd = open(fname,O_RDWR);
 	if (fd == -1) {
@@ -133,9 +133,9 @@ BOOL claim_connection(int cnum,char *name,int max_connections,BOOL Clear)
 	if (!directory_exist(fname,NULL))
 		mkdir(fname,0755);
 	
-	strcat(fname,"/");
-	strcat(fname,name);
-	strcat(fname,".LCK");
+	pstrcat(fname,"/");
+	pstrcat(fname,name);
+	pstrcat(fname,".LCK");
 	
 	if (!file_exist(fname,NULL)) {
 		fd = open(fname,O_RDWR|O_CREAT|O_EXCL, 0644);