Re: Samba problems (new release available)

Cliff Green (green@UMDNJ.EDU)
Mon, 11 May 1998 13:26:34 -0400

Date:	Mon, 11 May 1998 13:26:34 -0400
From:	"Cliff Green" <green@UMDNJ.EDU>
To:	samba-technical@samba.anu.edu.au
Subject: Re: Samba problems (new release available)

--On Monday, May 11, 1998, 8:32 PM +1000 "Andrew Tridgell"
<tridge@samba.anu.edu.au> wrote:

> I have released a new version of Samba (version 1.9.18p6)
[munch]
>
> The fix I used was to write a slprintf() function that works much like
> snprintf() but always null terminates the string. This replaced
> sprintf in many places in the Samba source.
>
> slprintf() is implemented in terms of vsnprintf() if
> available. Otherwise it uses a memory area allocated with memalign
> with the last page of the memory area protected from writes using
> mprotect(). So on systems without vsnprintf() Samba will harmlessly
> segfault on a buffer overflow (this is not a DOS attack because each
> client gets their own copy of smbd)

HP's C (HPUX 10.20) doesn't have either vsnprintf or memalign. When
compiling, slprintf.c yields a warning about an int (from the undefined
memalign) being implicitly converted to a pointer (for buf) on line 48. The
real fun comes later, when linking smbd, and one gets an unsatisfied symbol
reference to memalign.

Changing line 48 from
buf = memalign(pagesize, len);
to
buf = valloc(pagesize);

seems to fix the problem; by that I mean the warning and fatal linker error
go away. However, not being an expert on memory allocation issues, I don't
know if this fixes it by breaking it. Any comments?

c

--
Cliff Green				green@umdnj.edu
Academic Computing Service	-	UMDNJ
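
The two mechanisms the quoted announcement describes, as an added C example that is not part of this message or of Samba's slprintf.c: a bounded formatter that always NUL-terminates, and a buffer whose end sits against a write-protected page. The names bounded_printf, guard_alloc and overflow_faults are hypothetical, posix_memalign() stands in for memalign(), and placing the buffer's end exactly at the guard page goes one step beyond the description.

```c
#include <stdarg.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/mman.h>
#include <sys/wait.h>
#include <unistd.h>

/* Hypothetical helper: always NUL-terminates; returns characters stored. */
int bounded_printf(char *dst, size_t size, const char *fmt, ...)
{
    va_list ap;
    if (size == 0) return 0;
    va_start(ap, fmt);
    vsnprintf(dst, size, fmt, ap);
    va_end(ap);
    dst[size - 1] = '\0';       /* some old vsnprintf()s do not terminate */
    return (int)strlen(dst);
}

/* Hypothetical helper: len writable bytes ending at a write-protected page,
 * so buf[len] faults. The allocation covers the rounded-up body plus one
 * guard page. posix_memalign() stands in for memalign(); never freed. */
char *guard_alloc(size_t len)
{
    size_t page = (size_t)sysconf(_SC_PAGESIZE);
    size_t body = (len + page - 1) / page * page;   /* round up to pages */
    void *p = NULL;
    if (posix_memalign(&p, page, body + page) != 0) return NULL;
    if (mprotect((char *)p + body, page, PROT_READ) != 0) return NULL;
    return (char *)p + body - len;
}

/* Returns 1 if a forked child does not survive a one-byte overflow,
 * 0 if it exits cleanly, -1 on setup failure. The parent is unaffected. */
int overflow_faults(size_t len)
{
    char *buf = guard_alloc(len);
    int status;
    pid_t pid;
    if (buf == NULL || (pid = fork()) < 0) return -1;
    if (pid == 0) {
        ((volatile char *)buf)[len] = 'A';          /* one past the end */
        _exit(0);
    }
    if (waitpid(pid, &status, 0) != pid) return -1;
    return !(WIFEXITED(status) && WEXITSTATUS(status) == 0);
}
```
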