From 2b230321da2a74c17fdbaf478f4963eca5d769a3 Mon Sep 17 00:00:00 2001
From: Ralph Boehme <slow@samba.org>
Date: Fri, 17 Jan 2020 19:28:34 +0100
Subject: [PATCH] s3:auth: use talloc_alpha_strcpy() in
 auth3_session_info_create()

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
---
 source3/auth/auth_util.c | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/source3/auth/auth_util.c b/source3/auth/auth_util.c
index a12a631da4f..9427c05f573 100644
--- a/source3/auth/auth_util.c
+++ b/source3/auth/auth_util.c
@@ -772,7 +772,6 @@ NTSTATUS auth3_session_info_create(TALLOC_CTX *mem_ctx,
 	uint32_t num_gids = 0;
 	gid_t *gids = NULL;
 	struct dom_sid tmp_sid = { 0, };
-	fstring tmp = { 0, };
 	NTSTATUS status;
 	size_t i;
 	bool ok;
@@ -1088,9 +1087,10 @@ NTSTATUS auth3_session_info_create(TALLOC_CTX *mem_ctx,
 	}
 
 	/* This is a potentially untrusted username for use in %U */
-	alpha_strcpy(tmp, original_user_name, ". _-$", sizeof(tmp));
 	session_info->unix_info->sanitized_username =
-				talloc_strdup(session_info->unix_info, tmp);
+		talloc_alpha_strcpy(session_info->unix_info,
+				    original_user_name,
+				    SAFE_NETBIOS_CHARS "$");
 	if (session_info->unix_info->sanitized_username == NULL) {
 		TALLOC_FREE(frame);
 		return NT_STATUS_NO_MEMORY;
-- 
2.47.2