Lines 477-482
Link Here
|
477 |
*err = errno; |
477 |
*err = errno; |
478 |
return NULL; |
478 |
return NULL; |
479 |
} |
479 |
} |
|
|
480 |
if (st.st_uid != getuid()) { |
481 |
*err = EACCES; |
482 |
return NULL; |
483 |
} |
480 |
if ((st.st_mode & (S_IRWXO | S_IRWXG)) != 0) { |
484 |
if ((st.st_mode & (S_IRWXO | S_IRWXG)) != 0) { |
481 |
*err = NCPLIB_INVALID_MODE; |
485 |
*err = NCPLIB_INVALID_MODE; |
482 |
return NULL; |
486 |
return NULL; |
Lines 816-822
Link Here
|
816 |
static NWDSCCODE __docopy_string (UNUSED(NWDSContextHandle ctx), const void* val, |
820 |
static NWDSCCODE __docopy_string (UNUSED(NWDSContextHandle ctx), const void* val, |
817 |
const enum SYNTAX synt, size_t currentSize, |
821 |
const enum SYNTAX synt, size_t currentSize, |
818 |
char* result, size_t maxSize){ |
822 |
char* result, size_t maxSize){ |
819 |
|
823 |
int l; |
820 |
#ifdef DEBUG_PRINT |
824 |
#ifdef DEBUG_PRINT |
821 |
printf ("__docopy_string got :%s synt = %d cursize=%d maxsize= %d\n",(char *)val,synt,currentSize,maxSize ); |
825 |
printf ("__docopy_string got :%s synt = %d cursize=%d maxsize= %d\n",(char *)val,synt,currentSize,maxSize ); |
822 |
#endif |
826 |
#endif |
Lines 825-914
Link Here
|
825 |
if (!result) return ERR_NULL_POINTER; |
829 |
if (!result) return ERR_NULL_POINTER; |
826 |
switch (synt) { |
830 |
switch (synt) { |
827 |
case SYN_DIST_NAME: |
831 |
case SYN_DIST_NAME: |
828 |
#if 0 |
|
|
829 |
{ |
830 |
NWDSCCODE err; |
831 |
char tmpBuf [MAX_DN_BYTES+1]; |
832 |
|
833 |
err = NWDSAbbreviateName(ctx, val, tmpBuf); |
834 |
if (err) |
835 |
return err; |
836 |
strcpy (result,tmpBuf); |
837 |
} |
838 |
#else |
839 |
strcpy(result,val); |
840 |
#endif |
841 |
break; |
842 |
case SYN_CI_STRING: |
832 |
case SYN_CI_STRING: |
843 |
case SYN_CE_STRING: |
833 |
case SYN_CE_STRING: |
844 |
case SYN_PR_STRING: |
834 |
case SYN_PR_STRING: |
845 |
case SYN_NU_STRING: |
835 |
case SYN_NU_STRING: |
846 |
case SYN_TEL_NUMBER: |
836 |
case SYN_TEL_NUMBER: |
847 |
case SYN_CLASS_NAME: |
837 |
case SYN_CLASS_NAME: |
848 |
strcpy(result,val); |
838 |
l = snprintf(result, maxSize, "%s", (const char *)val); |
849 |
break; |
839 |
break; |
850 |
case SYN_PATH:{ |
840 |
case SYN_PATH:{ |
851 |
const Path_T* p = (const Path_T*)val; |
841 |
const Path_T* p = (const Path_T*)val; |
852 |
if (strlen(p->volumeName)+strlen(p->path)+2+2+1>=maxSize) |
842 |
|
853 |
return NWE_BUFFER_OVERFLOW; |
843 |
l = snprintf(result, maxSize, "%u,%s,%s", p->nameSpaceType, p->volumeName, p->path); |
854 |
sprintf(result,"%u,%s,%s", p->nameSpaceType,p->volumeName, p->path); |
|
|
855 |
} |
844 |
} |
856 |
break; |
845 |
break; |
857 |
case SYN_TYPED_NAME:{ |
846 |
case SYN_TYPED_NAME:{ |
858 |
const Typed_Name_T* tn = (const Typed_Name_T*)val; |
847 |
const Typed_Name_T* tn = (const Typed_Name_T*)val; |
859 |
if (strlen(tn->objectName)+8+8+2+1>=maxSize) |
848 |
|
860 |
return NWE_BUFFER_OVERFLOW; |
849 |
l = snprintf(result, maxSize, "%u,%u,%s", tn->interval, tn->level, tn->objectName); |
861 |
sprintf(result,"%u,%u,%s", tn->interval,tn->level,tn->objectName); |
|
|
862 |
} |
850 |
} |
863 |
break; |
851 |
break; |
864 |
case SYN_FAX_NUMBER:{ |
852 |
case SYN_FAX_NUMBER:{ |
865 |
const Fax_Number_T* fn = (const Fax_Number_T*)val; |
853 |
const Fax_Number_T* fn = (const Fax_Number_T*)val; |
866 |
if (strlen(fn->telephoneNumber)+2+1+1>=maxSize) |
854 |
|
867 |
return NWE_BUFFER_OVERFLOW; |
855 |
l = snprintf(result, maxSize, "%s,%u", fn->telephoneNumber, fn->parameters.numOfBits); |
868 |
sprintf(result,"%s,%u", fn->telephoneNumber,fn->parameters.numOfBits); |
|
|
869 |
} |
856 |
} |
870 |
break; |
857 |
break; |
871 |
case SYN_EMAIL_ADDRESS:{ |
858 |
case SYN_EMAIL_ADDRESS:{ |
872 |
const EMail_Address_T* ea = (const EMail_Address_T*)val; |
859 |
const EMail_Address_T* ea = (const EMail_Address_T*)val; |
873 |
/*change the SMTP:aaa@bbbb to SMTP,aaa@bbbb */ |
860 |
/*change the SMTP:aaa@bbbb to SMTP,aaa@bbbb */ |
874 |
char* p=strchr(ea->address,':'); |
861 |
char* p=strchr(ea->address,':'); |
875 |
if (strlen(ea->address)+2+1+1>=maxSize) |
|
|
876 |
return NWE_BUFFER_OVERFLOW; |
877 |
|
862 |
|
878 |
if (p) *p=','; |
863 |
if (p) *p=','; |
879 |
sprintf(result,"%u,%s", ea->type,ea->address); |
864 |
l = snprintf(result, maxSize, "%u,%s", ea->type, ea->address); |
880 |
} |
865 |
} |
881 |
break; |
866 |
break; |
882 |
case SYN_PO_ADDRESS:{ |
867 |
case SYN_PO_ADDRESS:{ |
883 |
const NWDSChar* const* pa = (const NWDSChar* const*)val; |
868 |
const NWDSChar* const* pa = (const NWDSChar* const*)val; |
884 |
int n; |
869 |
|
885 |
size_t len=1; |
870 |
l = snprintf(result, maxSize, "%s,%s,%s,%s,%s,%s", pa[0], pa[1], pa[2], pa[3], pa[4], pa[5]); |
886 |
for (n=0;n <5;n++) |
|
|
887 |
len +=strlen(pa[n]+1); |
888 |
if (len >=maxSize) |
889 |
return NWE_BUFFER_OVERFLOW; |
890 |
sprintf(result,"%s,%s,%s,%s,%s,%s",pa[0],pa[1],pa[2],pa[3],pa[4],pa[5]); |
891 |
} |
871 |
} |
892 |
break; |
872 |
break; |
893 |
case SYN_HOLD:{ |
873 |
case SYN_HOLD:{ |
894 |
const Hold_T* h = (const Hold_T*)val; |
874 |
const Hold_T* h = (const Hold_T*)val; |
895 |
if (strlen(h->objectName)+8+1+1>=maxSize) |
875 |
|
896 |
return NWE_BUFFER_OVERFLOW; |
876 |
l = snprintf(result, maxSize, "%u,%s", h->amount, h->objectName); |
897 |
sprintf(result,"%u,%s", h->amount, h->objectName); |
|
|
898 |
} |
877 |
} |
899 |
break; |
878 |
break; |
900 |
case SYN_TIMESTAMP:{ |
879 |
case SYN_TIMESTAMP:{ |
901 |
const TimeStamp_T* stamp = (const TimeStamp_T*)val; |
880 |
const TimeStamp_T* stamp = (const TimeStamp_T*)val; |
902 |
if (maxSize <=3*9) |
881 |
|
903 |
return NWE_BUFFER_OVERFLOW; |
882 |
l = snprintf(result, maxSize, "%u,%u,%u", stamp->wholeSeconds, stamp->replicaNum, stamp->eventID); |
904 |
sprintf(result,"%u,%u,%u",stamp->wholeSeconds, stamp->replicaNum,stamp->eventID); |
|
|
905 |
} |
883 |
} |
906 |
break; |
884 |
break; |
907 |
case SYN_BACK_LINK:{ |
885 |
case SYN_BACK_LINK:{ |
908 |
const Back_Link_T* bl = (const Back_Link_T*)val; |
886 |
const Back_Link_T* bl = (const Back_Link_T*)val; |
909 |
if (strlen(bl->objectName)+8+1+1 >=maxSize) |
887 |
|
910 |
return NWE_BUFFER_OVERFLOW; |
888 |
l = snprintf(result, maxSize, "%08X,%s", bl->remoteID, bl->objectName); |
911 |
sprintf(result,"%08X,%s", bl->remoteID, bl->objectName); |
|
|
912 |
} |
889 |
} |
913 |
break; |
890 |
break; |
914 |
case SYN_CI_LIST:{ |
891 |
case SYN_CI_LIST:{ |
Lines 933-992
Link Here
|
933 |
} |
910 |
} |
934 |
*(--aux)=0; |
911 |
*(--aux)=0; |
935 |
} |
912 |
} |
936 |
break; |
913 |
return 0; |
937 |
|
914 |
|
938 |
case SYN_OCTET_LIST:{ |
915 |
case SYN_OCTET_LIST:{ |
939 |
const Octet_List_T* ol = (const Octet_List_T*)val; |
916 |
const Octet_List_T* ol = (const Octet_List_T*)val; |
940 |
size_t i; |
917 |
size_t i; |
941 |
char aux [4]; |
918 |
char *aux; |
942 |
if ((ol->length+1)*3+1 >=maxSize) |
919 |
|
|
|
920 |
if (20 + (ol->length+1)*3+1 >=maxSize) |
943 |
return NWE_BUFFER_OVERFLOW; |
921 |
return NWE_BUFFER_OVERFLOW; |
944 |
sprintf(result,"%u", ol->length); |
922 |
sprintf(result, "%u", ol->length); |
|
|
923 |
aux = result + strlen(result); |
945 |
for (i = 0; i < ol->length; i++) { |
924 |
for (i = 0; i < ol->length; i++) { |
946 |
sprintf(aux,",%02X", ol->data[i]); |
925 |
sprintf(aux, ",%02X", ol->data[i]); |
947 |
strcat(result,aux); |
926 |
aux += 3; |
948 |
} |
927 |
} |
949 |
} |
928 |
} |
950 |
break; |
929 |
return 0; |
951 |
case SYN_OCTET_STRING:{ |
930 |
case SYN_OCTET_STRING:{ |
952 |
const Octet_String_T* os = (const Octet_String_T*)val; |
931 |
const Octet_String_T* os = (const Octet_String_T*)val; |
953 |
char aux [4]; |
|
|
954 |
size_t i; |
932 |
size_t i; |
|
|
933 |
char *aux; |
955 |
#ifdef DEBUG_PRINT |
934 |
#ifdef DEBUG_PRINT |
956 |
printf ("len %d\n",os->length); |
935 |
printf ("len %d\n",os->length); |
957 |
#endif |
936 |
#endif |
958 |
if ((os->length+1)*3+1 >=maxSize) |
937 |
if (20 + (os->length+1)*3+1 >=maxSize) |
959 |
return NWE_BUFFER_OVERFLOW; |
938 |
return NWE_BUFFER_OVERFLOW; |
960 |
sprintf(result,"%u", os->length); |
939 |
sprintf(result, "%u", os->length); |
|
|
940 |
aux = result + strlen(result); |
961 |
for (i = 0; i < os->length; i++) { |
941 |
for (i = 0; i < os->length; i++) { |
962 |
sprintf(aux,",%02X", os->data[i]); |
942 |
sprintf(aux, ",%02X", os->data[i]); |
963 |
strcat(result,aux); |
943 |
aux += 3; |
964 |
} |
944 |
} |
965 |
} |
945 |
} |
966 |
break; |
946 |
return 0; |
967 |
case SYN_NET_ADDRESS:{ |
947 |
case SYN_NET_ADDRESS:{ |
968 |
const Net_Address_T* na = (const Net_Address_T*)val; |
948 |
const Net_Address_T* na = (const Net_Address_T*)val; |
969 |
size_t z; |
949 |
size_t z; |
970 |
char aux[4]; |
950 |
char *aux; |
|
|
951 |
|
971 |
z=na->addressLength; |
952 |
z=na->addressLength; |
972 |
if (3*(z+2)+1 >=maxSize) |
953 |
if (40 + 3*(z+2)+1 >=maxSize) |
973 |
return NWE_BUFFER_OVERFLOW; |
954 |
return NWE_BUFFER_OVERFLOW; |
974 |
sprintf(result,"%u,%u", na->addressType,na->addressLength); |
955 |
sprintf(result, "%u,%u", na->addressType, na->addressLength); |
|
|
956 |
aux = result + strlen(result); |
975 |
for (z = 0; z < na->addressLength; z++) { |
957 |
for (z = 0; z < na->addressLength; z++) { |
976 |
sprintf(aux,",%02X", na->address[z]); |
958 |
sprintf(aux, ",%02X", na->address[z]); |
977 |
strcat(result,aux); |
959 |
aux += 3; |
978 |
} |
960 |
} |
979 |
} |
961 |
} |
980 |
break; |
962 |
return 0; |
981 |
case SYN_OBJECT_ACL:{ |
963 |
case SYN_OBJECT_ACL:{ |
982 |
const Object_ACL_T* oacl = (const Object_ACL_T*)val; |
964 |
const Object_ACL_T* oacl = (const Object_ACL_T*)val; |
983 |
if (strlen(oacl->protectedAttrName)+strlen(oacl->subjectName)+8+2+1 >=maxSize) |
965 |
|
984 |
return NWE_BUFFER_OVERFLOW; |
966 |
l = snprintf(result, maxSize, "%s,%s,%08X", oacl->protectedAttrName, oacl->subjectName, oacl->privileges); |
985 |
sprintf(result,"%s,%s,%08X",oacl->protectedAttrName,oacl->subjectName,oacl->privileges); |
|
|
986 |
} |
967 |
} |
987 |
break; |
968 |
break; |
988 |
default: |
969 |
default: |
989 |
return EINVAL; |
970 |
return EINVAL; |
|
|
971 |
} |
972 |
if (l < 0 || (size_t)l >= maxSize) { |
973 |
return NWE_BUFFER_OVERFLOW; |
990 |
} |
974 |
} |
991 |
return 0; |
975 |
return 0; |
992 |
} |
976 |
} |