From e8dd34b0d3ba704deff696c1683297536a494893 Mon Sep 17 00:00:00 2001 From: Andrew Tridgell Date: Fri, 26 Sep 1997 12:39:45 +0000 Subject: This commit fixes the security hole due to buffer overflows. The main fix is just a couple of lines long, but I have now also put precautionary checks on a large number of other places in the code where unchecked string copies were being performed. An exploit via one of these copies is unlikely, but is is better to be safe. I also added a routine to log possible exploit attempts using the code that was posted for obtaining root access on a Samba server. --- source/lib/username.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'source/lib/username.c') diff --git a/source/lib/username.c b/source/lib/username.c index b8d152c83fd..46b8f4cb332 100644 --- a/source/lib/username.c +++ b/source/lib/username.c @@ -62,7 +62,7 @@ void map_username(char *user) if (strequal(user,last_from)) { DEBUG(3,("Mapped user %s to %s\n",user,last_to)); - strcpy(user,last_to); + fstrcpy(user,last_to); return; } @@ -173,7 +173,7 @@ struct passwd *Get_Pwnam(char *user,BOOL allow_change) if (ret) return(ret); if (allow_change) - strcpy(user,user2); + fstrcpy(user,user2); return(NULL); } -- cgit