The Samba-Bugzilla – Attachment 4119 Details for
Bug 6317
include cycles trigger infinte loop and segfault
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
updated patch
prevent-inifinet-include-loops-and-segfault.v3-3-test.patch (text/plain), 2.00 KB, created by
Michael Adam
on 2009-05-05 09:39:04 UTC
(
hide
)
Description:
updated patch
Filename:
MIME Type:
Creator:
Michael Adam
Created:
2009-05-05 09:39:04 UTC
Size:
2.00 KB
patch
obsolete
>From b11b31495b7204fa954427344149f5b5d150abd6 Mon Sep 17 00:00:00 2001 >From: Michael Adam <obnox@samba.org> >Date: Mon, 27 Apr 2009 18:10:14 +0200 >Subject: [PATCH] s3:loadparm: prevent infinite include nesting. > >This introduces a hard coded MAX_INCLUDE_DEPTH of 100. >When this is exceeded, handle_include (and hence lp_load) fails. > >One could of course implement a more intelligent loop detection >in the include-tree, but this would require some restructuring >of the internal loadparm housekeeping. Maybe as a second improvement >step. > >Michael >--- > source/param/loadparm.c | 21 +++++++++++++++++++-- > 1 files changed, 19 insertions(+), 2 deletions(-) > >diff --git a/source/param/loadparm.c b/source/param/loadparm.c >index d402087..72220c6 100644 >--- a/source/param/loadparm.c >+++ b/source/param/loadparm.c >@@ -6689,6 +6689,10 @@ done: > return ret; > } > >+#define MAX_INCLUDE_DEPTH 100 >+ >+static uint8_t include_depth; >+ > static struct file_lists { > struct file_lists *next; > char *name; >@@ -6876,12 +6880,22 @@ static bool handle_include(int snum, const char *pszParmValue, char **ptr) > { > char *fname; > >+ if (include_depth >= MAX_INCLUDE_DEPTH) { >+ DEBUG(0, ("Error: Maximum include depth (%u) exceeded!\n", >+ include_depth)); >+ return false; >+ } >+ > if (strequal(pszParmValue, INCLUDE_REGISTRY_NAME)) { > if (!bAllowIncludeRegistry) { > return true; > } > if (bInGlobalSection) { >- return process_registry_globals(); >+ bool ret; >+ include_depth++; >+ ret = process_registry_globals(); >+ include_depth--; >+ return ret; > } else { > DEBUG(1, ("\"include = registry\" only effective " > "in %s section\n", GLOBAL_NAME)); >@@ -6898,7 +6912,10 @@ static bool handle_include(int snum, const char *pszParmValue, char **ptr) > string_set(ptr, fname); > > if (file_exist(fname, NULL)) { >- bool ret = pm_process(fname, do_section, do_parameter, NULL); >+ bool ret; >+ include_depth++; >+ ret = pm_process(fname, do_section, do_parameter, NULL); >+ include_depth--; > SAFE_FREE(fname); > return ret; > } >-- >1.6.0.2 >
You cannot view the attachment while viewing its details because your browser does not support IFRAMEs.
View the attachment on a separate page
.
View Attachment As Raw
Actions:
View
Attachments on
bug 6317
:
4118
| 4119