From: Ralph Boehme <slow@samba.org>
Date: Fri, 17 Jan 2020 18:28:34 +0000 (+0100)
Subject: s3:auth: use talloc_alpha_strcpy() in auth3_session_info_create()
X-Git-Tag: ldb-2.1.1~175
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=2b230321da2a74c17fdbaf478f4963eca5d769a3;p=thirdparty%2Fsamba.git

s3:auth: use talloc_alpha_strcpy() in auth3_session_info_create()

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
---

diff --git a/source3/auth/auth_util.c b/source3/auth/auth_util.c
index a12a631da4f..9427c05f573 100644
--- a/source3/auth/auth_util.c
+++ b/source3/auth/auth_util.c
@@ -772,7 +772,6 @@ NTSTATUS auth3_session_info_create(TALLOC_CTX *mem_ctx,
 	uint32_t num_gids = 0;
 	gid_t *gids = NULL;
 	struct dom_sid tmp_sid = { 0, };
-	fstring tmp = { 0, };
 	NTSTATUS status;
 	size_t i;
 	bool ok;
@@ -1088,9 +1087,10 @@ NTSTATUS auth3_session_info_create(TALLOC_CTX *mem_ctx,
 	}
 
 	/* This is a potentially untrusted username for use in %U */
-	alpha_strcpy(tmp, original_user_name, ". _-$", sizeof(tmp));
 	session_info->unix_info->sanitized_username =
-				talloc_strdup(session_info->unix_info, tmp);
+		talloc_alpha_strcpy(session_info->unix_info,
+				    original_user_name,
+				    SAFE_NETBIOS_CHARS "$");
 	if (session_info->unix_info->sanitized_username == NULL) {
 		TALLOC_FREE(frame);
 		return NT_STATUS_NO_MEMORY;