Bug 941 - String overflow by one, when using long workgroup or netbios names
String overflow by one, when using long workgroup or netbios names
Status: CLOSED FIXED
Product: Samba 3.0
Classification: Unclassified
Component: Domain Control
3.0.1
All FreeBSD
: P3 major
: none
Assigned To: Gerald (Jerry) Carter
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2004-01-04 15:33 UTC by Carsten Menke
Modified: 2005-11-14 09:27 UTC (History)
0 users

See Also:


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Carsten Menke 2004-01-04 15:33:26 UTC
It is not possible to use long netbios or workgroup names (> 15)
in Samba3 In the network neighborhood you see then the domain stripped down to
15 characters and the log.nmbd file shows this error:

ERROR: string overflow by 1 (17 - 16) in safe_strcpy

Even worse is the situation, when you have long netbios names for the machine
running Samba, then Samba does not even show up in the network neighborhood and
is not searchable by name.

I've tested this with different protocol level all from core and NT1 only, same
result. The config options below are an example of a long netbios name and a
long workgroup name which definitley not works.

##### Config #####
[global]
        display charset = UTF-8
        workgroup = COMPANYTEST.INTRA
        netbios name = COMPANYTEST-HAUPTSERVER-SUED
        smb passwd file = /etc/samba/private/passdb.tdb
        passdb backend = tdbsam
        min protocol = NT1
        time server = Yes
        os level = 64
        preferred master = Yes
        domain master = Yes
        domain logons = Yes
        wins support = Yes
        ldap ssl = no

[ALL]
        path = /Daten
        read only = No
        guest ok = Yes
Comment 1 Gerald (Jerry) Carter 2004-01-05 07:29:47 UTC
netbios names are limited to 15 characters + 1 resource 
byte.  This is in line with the netbios specs.  What is 
the problem here?
Comment 2 Carsten Menke 2004-01-05 15:25:44 UTC
OK, I asked our MCSE, he told me that it is possible to have longer names on a
Windows 2000 Domain Controler.

But I will check this again
Comment 3 Carsten Menke 2004-01-06 05:13:56 UTC
Anyway, if the specs specify that Netbios Names are 15 + 1 rescource byte, than
testparm should complain about longer names, than this.

I will investigate in this again.
Comment 4 Gerald (Jerry) Carter 2004-03-16 11:50:50 UTC
Jeremy has fixed issue in the netbios names.
This should be addressed in the current 3.0 cvs code.
Comment 5 Gerald (Jerry) Carter 2005-08-24 10:17:48 UTC
sorry for the same, cleaning up the database to prevent unecessary reopens of bugs.
Comment 6 Gerald (Jerry) Carter 2005-11-14 09:27:59 UTC
database cleanup