The local hostname was blindly copied into the to the nn_name array.
When the hostname exceeded 16 bytes, it would overflow. Truncate the
hostname to 15 bytes plus a 0 terminator which is the "workstation name"
suffix.
Use defensive strlcpy() when filling nn_name in all cases.
PR: 228354
Reported by: donald.buchholz@intel.com
Reviewed by: jpaetzel, ian (prior version)
Discussed with: Security Officer (gtetlow)
MFC after: 3 days
Security: Stack overflow with the hostname.
Sponsored by: DARPA, AFRL
Differential Revision: https://reviews.freebsd.org/D15936
The current code for encoding a netbios name converts each byte to a 16-bit
value and stores the result by casting a char* to u_short*, resulting in
alignment faults on strict-alignment platforms.
This change reimplements the encoding routine using only byte accesses to
memory. There is no particular reason to work with 16-bit values just
because the encoding process creates two bytes of output for every byte of
input. Working a byte at at time also avoids endian problems for big-endian
platforms.
PR: 180438
PR: 189415
Differential Revision: https://reviews.freebsd.org/D4622
It's just like "-U guest", except that it actually works, at least
with Samba 4, which seems to return authentication failure for "-U guest".
MFC after: 1 month
Sponsored by: The FreeBSD Foundation
The issue here is that we have to pass this flag as a string,
in iov, because it doesn't fit in mntflags, which is an int.
MFC after: 2 weeks
Sponsored by: The FreeBSD Foundation
- Reconnect with some minor modifications, in particular now selsocket()
internals are adapted to use sbintime units after recent'ish calloutng
switch.
to cdevpriv(9). This commit changes the semantic of mount_smbfs
in userland as well, which now passes file descriptor in order to
to mount a specific filesystem istance.
Reviewed by: attilio, ed
Tested by: martymac
which is less likely to block a remote system from boot.
Submitted by: Garrett Cooper <yanegomi@gmail.com>
PR: doc/160775
MFC after: 1 month
Approved by: re (kib)
Also remove upper 16bits which always seem to be 0xFFFF. We don't
allocate more than 64KB buffer anyway.
This change make smbutil work on sparc64.
Reviewed by: marius, bp
Approved by: bp
previously in order to ensure it fit properly in the bufer when encoded.
This prevents a debugging printf from firing if a source or destination
host name for an smb mount exceeds 15 characters.
MFC after: 3 days
Obtained from: Apple, Inc.
when using character set conversions.
Also include POSIX <string.h> vs. BSD <strings.h> now that we've broken
traditional BSD behavior [and compatibility with our BSD brethren].
PR: 72445
Submitted by: Vladimir Nechitailo <nechit@lpi.ru>
Patch by: Stasys Smailys <ssmailys@komvista.lt>
We can't realy on the mount(2) system call to do it for us here because
smb_lib_init() needs the module and we call it before mount(). The old
code has been slightly modified to not use the getvfsent(3) API which
is now retired.
Noticed by: many
the iprintf macro. It was causing the actual format string and
variable names to be written out, instead of substituting the values
of the variables into the format string.
usernames, workgroup names and passwords. We can now connect to
servers with 15-character NetBIOS names. (Some versions of Windows
use semi-random 15-char names by default.)
PR: 46902
struct vfsconf. This silences a warning, but could also prevent
stack corruption problems if xvfsconf ever became larger than vfsconf.
PR: 53863
Submitted by: Lukas Ertl