The Samba-Bugzilla – Bug 2028
Flood of string overflow messages while downloading printer driver
Last modified: 2005-08-24 10:17:16 UTC
The problem came from get_a_printer_2(...) and *construct_nt_devicemode(...)
functions in ../printing/nt_printing.c. Specifically, the size of "char
adevice" which is based on MAXDEVICENAME (size= 32) is too small. My
understanding of the code is that the "adevice" variable is used to temporary
storing printername which is of "fstring" type. Since "fstring" type is
typically of size 256 and proven to possibably contain more then 32 characters
based on the printer, flood of level 0 log message can easily produced from
Increase MAXDEVICENAME size perhaps?
[2004/11/11 11:26:26, 0] lib/util_str.c:safe_strcpy_fn(598)
ERROR: string overflow by 1 (32 - 31) in safe_strcpy [\\hpxxxxx\HP Color
LaserJet 4500 PCL 6]
[Hundreds more just like this one]
MAXDEVICENAME is fixed size from MS's API. I'll fix this
tomorrow. Been meaning to anyway.
And jra gets mailed about all these anyways not no need for the CC.
Created attachment 768 [details]
use slprintf() instead of safe_strcpy() to avoid annoying log messages
about to check fix in for 3.0.9.
sorry for the same, cleaning up the database to prevent unecessary reopens of bugs.