diff options
Diffstat (limited to 'source/lib')
-rw-r--r-- | source/lib/fault.c | 2 | ||||
-rw-r--r-- | source/lib/messages.c | 9 | ||||
-rw-r--r-- | source/lib/pidfile.c | 7 | ||||
-rw-r--r-- | source/lib/replace/system/config.m4 | 3 | ||||
-rw-r--r-- | source/lib/replace/system/filesys.h | 4 | ||||
-rw-r--r-- | source/lib/sysacls.c | 2 | ||||
-rw-r--r-- | source/lib/util.c | 83 | ||||
-rw-r--r-- | source/lib/util_sec.c | 24 | ||||
-rw-r--r-- | source/lib/util_str.c | 36 | ||||
-rw-r--r-- | source/lib/util_tdb.c | 13 |
10 files changed, 136 insertions, 47 deletions
diff --git a/source/lib/fault.c b/source/lib/fault.c index b632a5c82fa..b214d9027ea 100644 --- a/source/lib/fault.c +++ b/source/lib/fault.c @@ -156,7 +156,7 @@ void dump_core_setup(const char *progname) * turned on in smb.conf and the relevant daemon is not restarted. */ if (!lp_enable_core_files()) { - DEBUG(0, ("Exiting on internal error (core file administratively disabled\n")); + DEBUG(0, ("Exiting on internal error (core file administratively disabled)\n")); exit(1); } diff --git a/source/lib/messages.c b/source/lib/messages.c index e2c8a6b52fa..08a94142572 100644 --- a/source/lib/messages.c +++ b/source/lib/messages.c @@ -183,13 +183,18 @@ static NTSTATUS message_notify(struct process_id procid) SMB_ASSERT(pid > 0); if (euid != 0) { - become_root_uid_only(); + /* If we're not root become so to send the message. */ + save_re_uid(); + set_effective_uid(0); } ret = kill(pid, SIGUSR1); if (euid != 0) { - unbecome_root_uid_only(); + /* Go back to who we were. */ + int saved_errno = errno; + restore_re_uid_fromroot(); + errno = saved_errno; } if (ret == -1) { diff --git a/source/lib/pidfile.c b/source/lib/pidfile.c index 49626acade5..89ab6d799b7 100644 --- a/source/lib/pidfile.c +++ b/source/lib/pidfile.c @@ -93,6 +93,13 @@ void pidfile_create(const char *program_name) strncpy( name, program_name, sizeof( name)-1); } else { short_configfile = strrchr( dyn_CONFIGFILE, '/'); + if (short_configfile == NULL) { + /* conf file in current directory */ + short_configfile = dyn_CONFIGFILE; + } else { + /* full/relative path provided */ + short_configfile++; + } slprintf( name, sizeof( name)-1, "%s-%s", program_name, short_configfile+1); } diff --git a/source/lib/replace/system/config.m4 b/source/lib/replace/system/config.m4 index 4d66317a5ee..74278787e71 100644 --- a/source/lib/replace/system/config.m4 +++ b/source/lib/replace/system/config.m4 @@ -1,6 +1,7 @@ # filesys AC_HEADER_DIRENT -AC_CHECK_HEADERS(fcntl.h sys/fcntl.h sys/acl.h sys/resource.h sys/ioctl.h sys/mode.h sys/filio.h sys/fs/s5param.h sys/filsys.h ) +AC_CHECK_HEADERS(fcntl.h sys/fcntl.h sys/resource.h sys/ioctl.h sys/mode.h sys/filio.h sys/fs/s5param.h sys/filsys.h) +AC_CHECK_HEADERS(sys/acl.h acl/libacl.h) # select AC_CHECK_HEADERS(sys/select.h) diff --git a/source/lib/replace/system/filesys.h b/source/lib/replace/system/filesys.h index 1e48f7ab404..3b68abe48ae 100644 --- a/source/lib/replace/system/filesys.h +++ b/source/lib/replace/system/filesys.h @@ -41,6 +41,10 @@ #include <sys/acl.h> #endif +#ifdef HAVE_ACL_LIBACL_H +#include <acl/libacl.h> +#endif + #ifdef HAVE_SYS_FS_S5PARAM_H #include <sys/fs/s5param.h> #endif diff --git a/source/lib/sysacls.c b/source/lib/sysacls.c index d31c1870c34..dcd76407144 100644 --- a/source/lib/sysacls.c +++ b/source/lib/sysacls.c @@ -181,7 +181,7 @@ char *sys_acl_to_text(SMB_ACL_T acl_d, ssize_t *len_p) id = idbuf; } else { id = gr->gr_name; - } + } case SMB_ACL_GROUP_OBJ: tag = "group"; break; diff --git a/source/lib/util.c b/source/lib/util.c index 45d3916ebe6..f49af133adb 100644 --- a/source/lib/util.c +++ b/source/lib/util.c @@ -3112,3 +3112,86 @@ int this_is_smp(void) return 0; #endif } + +/**************************************************************** + Check if an offset into a buffer is safe. + If this returns True it's safe to indirect into the byte at + pointer ptr+off. +****************************************************************/ + +BOOL is_offset_safe(const char *buf_base, size_t buf_len, char *ptr, size_t off) +{ + const char *end_base = buf_base + buf_len; + char *end_ptr = ptr + off; + + if (!buf_base || !ptr) { + return False; + } + + if (end_base < buf_base || end_ptr < ptr) { + return False; /* wrap. */ + } + + if (end_ptr < end_base) { + return True; + } + return False; +} + +/**************************************************************** + Return a safe pointer into a buffer, or NULL. +****************************************************************/ + +char *get_safe_ptr(const char *buf_base, size_t buf_len, char *ptr, size_t off) +{ + return is_offset_safe(buf_base, buf_len, ptr, off) ? + ptr + off : NULL; +} + +/**************************************************************** + Return a safe pointer into a string within a buffer, or NULL. +****************************************************************/ + +char *get_safe_str_ptr(const char *buf_base, size_t buf_len, char *ptr, size_t off) +{ + if (!is_offset_safe(buf_base, buf_len, ptr, off)) { + return NULL; + } + /* Check if a valid string exists at this offset. */ + if (skip_string(buf_base,buf_len, ptr + off) == NULL) { + return NULL; + } + return ptr + off; +} + +/**************************************************************** + Return an SVAL at a pointer, or failval if beyond the end. +****************************************************************/ + +int get_safe_SVAL(const char *buf_base, size_t buf_len, char *ptr, size_t off, int failval) +{ + /* + * Note we use off+1 here, not off+2 as SVAL accesses ptr[0] and ptr[1], + * NOT ptr[2]. + */ + if (!is_offset_safe(buf_base, buf_len, ptr, off+1)) { + return failval; + } + return SVAL(ptr,off); +} + +/**************************************************************** + Return an IVAL at a pointer, or failval if beyond the end. +****************************************************************/ + +int get_safe_IVAL(const char *buf_base, size_t buf_len, char *ptr, size_t off, int failval) +{ + /* + * Note we use off+3 here, not off+4 as IVAL accesses + * ptr[0] ptr[1] ptr[2] ptr[3] NOT ptr[4]. + */ + if (!is_offset_safe(buf_base, buf_len, ptr, off+3)) { + return failval; + } + return IVAL(ptr,off); +} diff --git a/source/lib/util_sec.c b/source/lib/util_sec.c index 3d997ee76ac..18992086975 100644 --- a/source/lib/util_sec.c +++ b/source/lib/util_sec.c @@ -265,7 +265,7 @@ void save_re_uid(void) and restore them! ****************************************************************************/ -static void restore_re_uid_fromroot(void) +void restore_re_uid_fromroot(void) { #if USE_SETRESUID setresuid(saved_ruid, saved_euid, -1); @@ -292,28 +292,6 @@ void restore_re_uid(void) } /**************************************************************************** - Lightweight become root - no group change. -****************************************************************************/ - -void become_root_uid_only(void) -{ - save_re_uid(); - set_effective_uid(0); -} - -/**************************************************************************** - Lightweight unbecome root - no group change. Expects we are root already, - saves errno across call boundary. -****************************************************************************/ - -void unbecome_root_uid_only(void) -{ - int saved_errno = errno; - restore_re_uid_fromroot(); - errno = saved_errno; -} - -/**************************************************************************** save the real and effective gid for later restoration. Used by the getgroups code ****************************************************************************/ diff --git a/source/lib/util_str.c b/source/lib/util_str.c index ccf0af8b623..457232c2b21 100644 --- a/source/lib/util_str.c +++ b/source/lib/util_str.c @@ -424,17 +424,42 @@ void string_replace( pstring s, char oldc, char newc ) } /** - Skip past some strings in a buffer. -**/ + * Skip past some strings in a buffer - old version - no checks. + * **/ -char *skip_string(char *buf,size_t n) +char *push_skip_string(char *buf) { - while (n--) - buf += strlen(buf) + 1; + buf += strlen(buf) + 1; return(buf); } /** + Skip past a string in a buffer. Buffer may not be + null terminated. end_ptr points to the first byte after + then end of the buffer. +**/ + +char *skip_string(const char *base, size_t len, char *buf) +{ + const char *end_ptr = base + len; + + if (end_ptr < base || !base || !buf || buf >= end_ptr) { + return NULL; + } + + /* Skip the string */ + while (*buf) { + buf++; + if (buf >= end_ptr) { + return NULL; + } + } + /* Skip the '\0' */ + buf++; + return buf; +} + +/** Count the number of characters in a string. Normally this will be the same as the number of bytes in a string for single byte strings, but will be different for multibyte. @@ -2591,4 +2616,3 @@ size_t utf16_len_n(const void *src, size_t n) return len; } - diff --git a/source/lib/util_tdb.c b/source/lib/util_tdb.c index 9136e2d6c1e..a1b5bf5bb16 100644 --- a/source/lib/util_tdb.c +++ b/source/lib/util_tdb.c @@ -25,18 +25,6 @@ #undef calloc #undef strdup -/*************************************************************** - Allow a caller to set a "alarm" flag that tdb can check to abort - a blocking lock on SIGALRM. -***************************************************************/ - -static sig_atomic_t *palarm_fired; - -static void tdb_set_lock_alarm(sig_atomic_t *palarm) -{ - palarm_fired = palarm; -} - /* these are little tdb utility functions that are meant to make dealing with a tdb database a little less cumbersome in Samba */ @@ -77,7 +65,6 @@ static int tdb_chainlock_with_timeout_internal( TDB_CONTEXT *tdb, TDB_DATA key, /* Allow tdb_chainlock to be interrupted by an alarm. */ int ret; gotalarm = 0; - tdb_set_lock_alarm(CONST_DISCARD(sig_atomic_t *, &gotalarm)); if (timeout) { CatchSignal(SIGALRM, SIGNAL_CAST gotalarm_sig); |