s3:auth: use talloc_alpha_strcpy() in auth3_session_info_create()

author Ralph Boehme <slow@samba.org>

Fri, 17 Jan 2020 18:28:34 +0000 (19:28 +0100)

committer Andreas Schneider <asn@cryptomilk.org>

Thu, 6 Feb 2020 10:17:43 +0000 (10:17 +0000)
author Ralph Boehme <slow@samba.org>
Fri, 17 Jan 2020 18:28:34 +0000 (19:28 +0100)
committer Andreas Schneider <asn@cryptomilk.org>
Thu, 6 Feb 2020 10:17:43 +0000 (10:17 +0000)
diff --git a/source3/auth/auth_util.c b/source3/auth/auth_util.c

index a12a631da4f5c1febb064fb2f39648bd09e9c6be..9427c05f573d5c20073bec3f8b0b708886a7be71 100644 (file)
--- a/source3/auth/auth_util.c
+++ b/source3/auth/auth_util.c
@@ -772,7 +772,6 @@ NTSTATUS auth3_session_info_create(TALLOC_CTX *mem_ctx,
         uint32_t num_gids = 0;
         gid_t *gids = NULL;
         struct dom_sid tmp_sid = { 0, };
-       fstring tmp = { 0, };
         NTSTATUS status;
         size_t i;
         bool ok;
@@ -1088,9 +1087,10 @@ NTSTATUS auth3_session_info_create(TALLOC_CTX *mem_ctx,
         }
  
         /* This is a potentially untrusted username for use in %U */
-       alpha_strcpy(tmp, original_user_name, ". _-$", sizeof(tmp));
         session_info->unix_info->sanitized_username =
-                               talloc_strdup(session_info->unix_info, tmp);
+               talloc_alpha_strcpy(session_info->unix_info,
+                                   original_user_name,
+                                   SAFE_NETBIOS_CHARS "$");
         if (session_info->unix_info->sanitized_username == NULL) {
                 TALLOC_FREE(frame);
                 return NT_STATUS_NO_MEMORY;
author	Ralph Boehme <slow@samba.org>
	Fri, 17 Jan 2020 18:28:34 +0000 (19:28 +0100)
committer	Andreas Schneider <asn@cryptomilk.org>
	Thu, 6 Feb 2020 10:17:43 +0000 (10:17 +0000)