diff options
author | Michael Adam <obnox@samba.org> | 2009-04-27 18:10:14 +0200 |
---|---|---|
committer | Karolin Seeger <kseeger@samba.org> | 2009-04-28 17:53:36 +0200 |
commit | ea99b6854632c66bef81500e4d6c388351802d48 (patch) | |
tree | a12d8d675d873e0989b17b0c9259d2ba58857292 | |
parent | bec6191ffa9ed1d860001689b8f46bd785ed932b (diff) | |
download | samba-ea99b6854632c66bef81500e4d6c388351802d48.tar.gz |
s3:loadparm: prevent infinite include nesting.
This introduces a hard coded MAX_INCLUDE_DEPTH of 100.
When this is exceeded, handle_include (and hence lp_load) fails.
One could of course implement a more intelligent loop detection
in the include-tree, but this would require some restructuring
of the internal loadparm housekeeping. Maybe as a second improvement
step.
Michael
(cherry picked from commit d5f2bbdc489b751331e86afae58b0d80c5fedb9c)
(cherry picked from commit bfd10fd322fe1721b8b45256cd988ed83b18a8a6)
-rw-r--r-- | source3/param/loadparm.c | 21 |
1 files changed, 19 insertions, 2 deletions
diff --git a/source3/param/loadparm.c b/source3/param/loadparm.c index c7bb47de604..68a6ca20300 100644 --- a/source3/param/loadparm.c +++ b/source3/param/loadparm.c @@ -6874,6 +6874,10 @@ done: return ret; } +#define MAX_INCLUDE_DEPTH 100 + +static uint8_t include_depth; + static struct file_lists { struct file_lists *next; char *name; @@ -7061,12 +7065,22 @@ static bool handle_include(int snum, const char *pszParmValue, char **ptr) { char *fname; + if (include_depth >= MAX_INCLUDE_DEPTH) { + DEBUG(0, ("Error: Maximum include depth (%u) exceeded!\n", + include_depth)); + return false; + } + if (strequal(pszParmValue, INCLUDE_REGISTRY_NAME)) { if (!bAllowIncludeRegistry) { return true; } if (bInGlobalSection) { - return process_registry_globals(); + bool ret; + include_depth++; + ret = process_registry_globals(); + include_depth--; + return ret; } else { DEBUG(1, ("\"include = registry\" only effective " "in %s section\n", GLOBAL_NAME)); @@ -7083,7 +7097,10 @@ static bool handle_include(int snum, const char *pszParmValue, char **ptr) string_set(ptr, fname); if (file_exist(fname)) { - bool ret = pm_process(fname, do_section, do_parameter, NULL); + bool ret; + include_depth++; + ret = pm_process(fname, do_section, do_parameter, NULL); + include_depth--; SAFE_FREE(fname); return ret; } |