From d87b5a9723f25daa98cba6277be57fa71456057e Mon Sep 17 00:00:00 2001 From: Douglas Bagnall Date: Thu, 27 Jun 2024 15:40:16 +1200 Subject: [PATCH] cmdline:burn: handle arguments separated from their --options We weren't treating "--password secret" the same as "--password=secret", which sometimes led to secrets not being redacted. BUG: https://bugzilla.samba.org/show_bug.cgi?id=15674 Signed-off-by: Douglas Bagnall Reviewed-by: Jo Sutton (cherry picked from commit 53a1184525279741e116350a9b53da15cb2f41d0) --- lib/cmdline/cmdline.c | 27 ++++++++++++++++++++++++++- selftest/knownfail.d/cmdline | 1 - 2 files changed, 26 insertions(+), 2 deletions(-) delete mode 100644 selftest/knownfail.d/cmdline diff --git a/lib/cmdline/cmdline.c b/lib/cmdline/cmdline.c index 3e0545e7b89..48801be2606 100644 --- a/lib/cmdline/cmdline.c +++ b/lib/cmdline/cmdline.c @@ -180,7 +180,32 @@ bool samba_cmdline_burn(int argc, char *argv[]) char *q = NULL; if (strlen(p) == ulen) { - continue; + /* + * The option string has no '=', so + * its argument will come in the NEXT + * argv member. If there is one, we + * can just step forward and take it, + * setting ulen to 0. + * + * {"--password=secret"} --> {"--password"} + * {"--password", "secret"} --> {"--password", ""} + * {"-Uadmin%secret"} --> {"-Uadmin"} + * {"-U", "admin%secret"} --> {"-U", "admin"} + */ + i++; + if (i == argc) { + /* + * this looks like an invalid + * command line, but that's + * for the caller to decide. + */ + return burnt; + } + p = argv[i]; + if (p == NULL) { + return false; + } + ulen = 0; } if (is_user) { diff --git a/selftest/knownfail.d/cmdline b/selftest/knownfail.d/cmdline deleted file mode 100644 index c9e4a86609c..00000000000 --- a/selftest/knownfail.d/cmdline +++ /dev/null @@ -1 +0,0 @@ -^samba.unittests.cmdline.torture_cmdline_burn.none.$ -- 2.47.3