return NT_STATUS_NO_MEMORY;
}
- strlcpy( secret_str, user_info->mapped.domain_name, secret_str_len);
- strlcat( secret_str, "\n", secret_str_len);
- strlcat( secret_str, user_info->client.account_name, secret_str_len);
- strlcat( secret_str, "\n", secret_str_len);
+ if (strlcpy( secret_str, user_info->mapped.domain_name, secret_str_len) >= secret_str_len) {
+ /* Truncate. */
+ goto cat_out;
+ }
+ if (strlcat( secret_str, "\n", secret_str_len) >= secret_str_len) {
+ /* Truncate. */
+ goto cat_out;
+ }
+ if (strlcat( secret_str, user_info->client.account_name, secret_str_len) >= secret_str_len) {
+ /* Truncate. */
+ goto cat_out;
+ }
+ if (strlcat( secret_str, "\n", secret_str_len) >= secret_str_len) {
+ /* Truncate. */
+ goto cat_out;
+ }
for (i = 0; i < 8; i++) {
slprintf(&hex_str[i*2], 3, "%02X", auth_context->challenge.data[i]);
}
- strlcat( secret_str, hex_str, secret_str_len);
- strlcat( secret_str, "\n", secret_str_len);
+ if (strlcat( secret_str, hex_str, secret_str_len) >= secret_str_len) {
+ /* Truncate. */
+ goto cat_out;
+ }
+ if (strlcat( secret_str, "\n", secret_str_len) >= secret_str_len) {
+ /* Truncate. */
+ goto cat_out;
+ }
if (user_info->password.response.lanman.data) {
for (i = 0; i < 24; i++) {
slprintf(&hex_str[i*2], 3, "%02X", user_info->password.response.lanman.data[i]);
}
- strlcat( secret_str, hex_str, secret_str_len);
+ if (strlcat( secret_str, hex_str, secret_str_len) >= secret_str_len) {
+ /* Truncate. */
+ goto cat_out;
+ }
+ }
+ if (strlcat( secret_str, "\n", secret_str_len) >= secret_str_len) {
+ /* Truncate. */
+ goto cat_out;
}
- strlcat( secret_str, "\n", secret_str_len);
if (user_info->password.response.nt.data) {
for (i = 0; i < 24; i++) {
slprintf(&hex_str[i*2], 3, "%02X", user_info->password.response.nt.data[i]);
}
- strlcat( secret_str, hex_str, secret_str_len);
+ if (strlcat( secret_str, hex_str, secret_str_len) >= secret_str_len) {
+ /* Truncate. */
+ goto cat_out;
+ }
+ }
+ if (strlcat( secret_str, "\n", secret_str_len) >= secret_str_len) {
+ /* Truncate. */
+ goto cat_out;
}
- strlcat( secret_str, "\n", secret_str_len);
DEBUG(10,("script_check_user_credentials: running %s with parameters:\n%s\n",
script, secret_str ));
/* Cause the auth system to keep going.... */
return NT_STATUS_NOT_IMPLEMENTED;
+
+ cat_out:
+
+ SAFE_FREE(secret_str);
+ return NT_STATUS_NO_MEMORY;
}
/* module initialisation */
return NULL;
}
- strlcpy(ret,field, len);
+ if (strlcpy(ret,field, len) >= len) {
+ /* Truncate ! */
+ free(r);
+ return NULL;
+ }
p=strtok_r(r, sep, &saveptr);
if (p) {
- strlcat(ret, p, len);
+ if (strlcat(ret, p, len) >= len) {
+ free(r);
+ return NULL;
+ }
while ((p=strtok_r(NULL, sep, &saveptr)) != NULL) {
int retval;
}
fstr_sprintf(line, "%d\n", positives);
- strlcat(acl_str, line, MAXSIZE);
+ if (strlcat(acl_str, line, MAXSIZE) >= MAXSIZE) {
+ return false;
+ }
fstr_sprintf(line, "%d\n", negatives);
- strlcat(acl_str, line, MAXSIZE);
+ if (strlcat(acl_str, line, MAXSIZE) >= MAXSIZE) {
+ return false;
+ }
ace = acl->acelist;
while (ace != NULL) {
fstr_sprintf(line, "%s\t%d\n", ace->name, ace->rights);
- strlcat(acl_str, line, MAXSIZE);
+ if (strlcat(acl_str, line, MAXSIZE) >= MAXSIZE) {
+ return false;
+ }
ace = ace->next;
}
return true;
*new_dir = '\0';
if (dname[0] == '/') {
/* Absolute path. */
- strlcat(new_dir,"/",len+1);
+ if (strlcat(new_dir,"/",len+1) >= len+1) {
+ goto done;
+ }
}
/* Create directory tree if neccessary */
for(token = strtok_r(tok_str, "/", &saveptr); token;
token = strtok_r(NULL, "/", &saveptr)) {
- strlcat(new_dir, token, len+1);
+ if (strlcat(new_dir, token, len+1) >= len+1) {
+ goto done;
+ }
if (recycle_directory_exist(handle, new_dir))
DEBUG(10, ("recycle: dir %s already exists\n", new_dir));
else {
goto done;
}
}
- strlcat(new_dir, "/", len+1);
+ if (strlcat(new_dir, "/", len+1) >= len+1) {
+ goto done;
+ }
mode = recycle_subdir_mode(handle);
}
if (gsendlen + tmplen >= SENDBUFFERSIZE) {
flush_sendbuffer(handle);
}
- strlcat(so->gsendbuffer, tmp, SENDBUFFERSIZE + 1);
- strlcat(so->gsendbuffer, "\n", SENDBUFFERSIZE + 1);
+ /* FIXME ! Truncate checks... JRA. */
+ (void)strlcat(so->gsendbuffer, tmp, SENDBUFFERSIZE + 1);
+ (void)strlcat(so->gsendbuffer, "\n", SENDBUFFERSIZE + 1);
}
static bool is_scannedonly_file(struct Tscannedonly *so, const char *shortname)
goto out;
}
- strlcpy(fname, "\\shortname\\", sizeof(fname));
- strlcat(fname, "test .txt", sizeof(fname));
+ if (strlcpy(fname, "\\shortname\\", sizeof(fname)) >= sizeof(fname)) {
+ correct = false;
+ goto out;
+ }
+ if (strlcat(fname, "test .txt", sizeof(fname)) >= sizeof(fname)) {
+ correct = false;
+ goto out;
+ }
s.val = false;
}
/* search below that directory */
- strlcpy(new_mask, dir, sizeof(new_mask));
- strlcat(new_mask, "\\*", sizeof(new_mask));
+ if (strlcpy(new_mask, dir, sizeof(new_mask)) >= sizeof(new_mask)) {
+ return NT_STATUS_NO_MEMORY;
+ }
+ if (strlcat(new_mask, "\\*", sizeof(new_mask)) >= sizeof(new_mask)) {
+ return NT_STATUS_NO_MEMORY;
+ }
old_dir = local_state->cwd;
local_state->cwd = dir;
token = &((*tokens)[*num_tokens-1]);
- strlcpy(token->name, line, sizeof(token->name));
+ if (strlcpy(token->name, line, sizeof(token->name)) >= sizeof(token->name)) {
+ return false;
+ }
token->token.num_sids = 0;
token->token.sids = NULL;
continue;
char tmp[3];
snprintf(tmp, sizeof(tmp), "%02x", token[i]);
- strlcat(token_str, tmp, sizeof(tmp));
+ /* FIXME ! Truncate check. JRA. */
+ (void)strlcat(token_str, tmp, sizeof(tmp));
}
}