nsswitch:tests: Use testit_grep to get error printed if cmd fails
Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Anoop C S <anoopcs@samba.org>
Autobuild-User(master): Anoop C S <anoopcs@samba.org>
Autobuild-Date(master): Fri Jun 12 17:30:41 UTC 2026 on atb-devel-224
kshumikhina [Wed, 3 Jun 2026 21:50:52 +0000 (01:50 +0400)]
s3: fix NULL pointer dereference in tcopy_passwd via pw_gecos
If gecos, displayName, and cn attributes are all missing from the LDAP entry,
unix_pw.pw_gecos remains NULL. This causes a crash inside tcopy_passwd due
to a NULL pointer dereference.
Fix this by falling back to an empty string, matching the behavior of
pw_dir and pw_shell.
Pair-Programmed-With: Dmitry Mikhalchenko <tascad@altlinux.org> Signed-off-by: Shumikhina Ksenia <shumikhinaka@sgu.ru> Reviewed-by: Volker Lendecke <vl@samba.org> Reviewed-by: Anoop C S <anoopcs@samba.org>
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Fri Jun 12 15:22:01 UTC 2026 on atb-devel-224
Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Anoop C S <anoopcs@samba.org>
Autobuild-User(master): Anoop C S <anoopcs@samba.org>
Autobuild-Date(master): Fri Jun 12 09:41:28 UTC 2026 on atb-devel-224
python: Catch UnsupportedAlgorithm in get_public_key()
cryptography.exceptions.UnsupportedAlgorithm is raised by
load_der_public_key() when the DER data references an unknown key OID,
which the test exercises with a bogus OID.
Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Anoop C S <anoopcs@samba.org>
libcli: Fix another stringop-overflow false positive
libcli/auth/netlogon_creds_cli.c: In function ‘netlogon_creds_cli_check_negotiate_caps’:
lib/replace/replace.h:850:24: error: ‘memset_explicit’ writing 16 bytes into a
region of size 8 overflows the destination [-Werror=stringop-overflow=]
Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Anoop C S <anoopcs@samba.org>
In file included from source3/include/includes.h:23,
from source3/lib/dbwrap/dbwrap_watch.c:20:
source3/lib/dbwrap/dbwrap_watch.c: In function ‘dbwrap_watched_watch_remove_instance’:
lib/replace/replace.h:850:24: error: ‘memset_explicit’ writing 32 bytes into a
region of size 24 overflows the destination [-Werror=stringop-overflow=]
GCC 15's -Wstringop-overflow analysis of memset_explicit (via the ZERO_STRUCT
macro) tracks the pointer through the (char *) cast and misidentifies the
destination as the first member pid (24 bytes) rather than the enclosing struct
dbwrap_watcher (32 bytes). This is a GCC false positive.
Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Anoop C S <anoopcs@samba.org>
Volker Lendecke [Mon, 1 Jun 2026 12:05:28 +0000 (14:05 +0200)]
tsocket: Use direct struct initialization
Avoid a ZERO_STRUCTP
Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Martin Schwenke <martin@meltin.net>
Autobuild-User(master): Martin Schwenke <martins@samba.org>
Autobuild-Date(master): Thu Jun 11 13:19:34 UTC 2026 on atb-devel-224
Volker Lendecke [Thu, 11 Jun 2026 08:51:40 +0000 (10:51 +0200)]
lib: Convert dos_PutUniCode() to use an externally visible fn
push_string_check() is a macro calling into push_string_check_fn(),
which calls directly into push_ucs2() if STR_UNICODE is set and
STR_ASCII is not set, which is the case in this calling site.
Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Martin Schwenke <martin@meltin.net>
Shachar Sharon [Sun, 7 Jun 2026 07:26:14 +0000 (10:26 +0300)]
vfs_ceph_new: use proper 'name' in unlinkat
Commit 5cab6a9be79 ("vfs_ceph_new: Enhance logging for improved
debugging and code flow visibility") improved logging by using the
modern 'smb_fname_str_dbg' function. However, it also changed unlinkat
hook to use this debug-logging function for 'name'. Revert this specific
change.
Signed-off-by: Shachar Sharon <ssharon@redhat.com> Reviewed-by: Shweta Sodani <ssodani@redhat.com> Reviewed-by: Anoop C S <anoopcs@samba.org> Reviewed-by: John Mulligan <jmulligan@redhat.com>
Autobuild-User(master): Anoop C S <anoopcs@samba.org>
Autobuild-Date(master): Thu Jun 11 06:37:38 UTC 2026 on atb-devel-224
Volker Lendecke [Fri, 5 Jun 2026 10:21:42 +0000 (12:21 +0200)]
libsmb: Fix dsgetdcname in cases where IPv6 addresses might be available
Previous code stored a struct NETLOGON_SAM_LOGON_RESPONSE_EX in
gencache for later retrieval. NETLOGON_SAM_LOGON_RESPONSE_EX can not
hold IPv6 addresses, so we had to replace it with "127.0.0.1". When
retrieving this later, we were using "127.0.0.1" as the DC address
that we were returning from dsgetdcname() via
dsgetdcname_cache_fetch(). This turns out to be not the right answer.
This changes dsgetdcname() to store the full struct
netr_DsRGetDCNameInfo that can hold IPv6 addresses. We also store it
under a different cache key including all function arguments, so that
existing cache entries can not mislead us.
This patch moves all cache handling to the main routine, which to me
makes it simpler to read.
Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Mon Jun 8 19:59:49 UTC 2026 on atb-devel-224
Volker Lendecke [Tue, 2 Jun 2026 10:47:39 +0000 (12:47 +0200)]
libsmb: Simplify dsgetdcname()
Using talloc_stackframe() is a common pattern in Samba for temporary
storage. Avoid the explicit "ptr_to_free" and replace it with a more
common pattern.
Also, the information that is stored "retry_query_with_null" is
available further down, use that directly.
Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
Volker Lendecke [Fri, 5 Jun 2026 09:37:55 +0000 (11:37 +0200)]
tests: Fix some wbinfo_lookuprids_cache flakyness
If the key contains spaces, the shell qouting through "testit" does
not work properly. Avoid having to fix that quoting by replacing
spaces with '\20'.
You can force it by setting the
my $samsid = "S-1-5-21-1-32-" . int(rand(4294967295));
in selftest/target/Samba3.pm.
Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Guenther Deschner <gd@samba.org>
Autobuild-User(master): Günther Deschner <gd@samba.org>
Autobuild-Date(master): Mon Jun 8 14:49:01 UTC 2026 on atb-devel-224
With claims and conditions, ACEs are no longer simple blobs, they
themselves are structures with talloc children. This means
talloc_memdup() is no longer sufficient to copy an ACE. Copy the whole
ACL via NDR.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=16095 Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Noel Power <noel.power@suse.com>
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Mon Jun 8 11:47:54 UTC 2026 on atb-devel-224
shumikhinaka [Wed, 3 Jun 2026 21:31:45 +0000 (01:31 +0400)]
lib:printer_driver: Added pointer validation
If no comma is found, strchr_m will return NULL. p will be set to NULL, and
if (p) will not be executed. The variable p will remain set to NULL and will
be passed to the spoolss_driver_version_to_qword function.
If strchr_m returns NULL, the function immediately terminates and returns the
status NT_STATUS_INVALID_PARAMETER. This prevents invalid data from being
passed to subsequent functions.
Pair-Programmed-With: Dmitry Mikhalchenko <tascad@altlinux.org> Signed-off-by: Shumikhina Ksenia <shumikhinaka@sgu.ru> Reviewed-by: Volker Lendecke <vl@samba.org> Reviewed-by: Anoop C S <anoopcs@samba.org>
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Thu Jun 4 12:05:45 UTC 2026 on atb-devel-224
parse_ace() accepted strings like "ALLOWED123" as valid ACE
types because strncmp() compared only prefixes without
NULL terminators.
Switch to exact string comparison to ensure only valid
ACE type names are accepted.
Pair-Programmed-With: Dmitry Mikhalchenko <tascad@altlinux.org> Signed-off-by: Daniil Sarafannikov <sarafannikovda@sgu.ru> Reviewed-by: Anoop C S <anoopcs@samba.org> Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Autobuild-User(master): Anoop C S <anoopcs@samba.org>
Autobuild-Date(master): Wed Jun 3 08:26:04 UTC 2026 on atb-devel-224
printer_driver: fix incorrect processing of empty string
get_string_token() accessed s[strlen(s) - 1] without checking
for empty strings. If a configuration value is present but empty,
this results in an out-of-bound read.
Add explicit empty string check before accessing last character.
Pair-Programmed-With: Dmitry Mikhalchenko <tascad@altlinux.org> Signed-off-by: Daniil Sarafannikov <sarafannikovda@sgu.ru> Reviewed-by: Anoop C S <anoopcs@samba.org> Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
generate_random_str_list_buf() fills the buffer with random bytes
using generate_secret_buffer(), but later uses the values as
char (possibly signed) when calculating the index into the
character list.
On platforms where char is signed, this may result in a negative
index and out-of-bounds read.
Cast buffer values to uint8_t before calculating modulo to ensure
the index is non-negative.
Pair-Programmed-With: Dmitry Mikhalchenko <tascad@altlinux.org> Signed-off-by: Daniil Sarafannikov <sarafannikovda@sgu.ru> Reviewed-by: Anoop C S <anoopcs@samba.org> Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Gary Lockyer [Thu, 9 Apr 2026 01:22:58 +0000 (13:22 +1200)]
s4:dsdb: count_attrs fix cast-align warning
data.dptr is allocated by malloc, so dptr will be correctly aligned.
Signed-off-by: Gary Lockyer <gary@catalyst.net.nz> Reviewed-by: Jennifer Sutton <jennifersutton@catalyst.net.nz>
Autobuild-User(master): Gary Lockyer <gary@samba.org>
Autobuild-Date(master): Fri May 29 04:15:56 UTC 2026 on atb-devel-224
Gary Lockyer [Wed, 8 Apr 2026 22:33:39 +0000 (10:33 +1200)]
s4:lib:messaging:handlers fix cast-align warning
Have added asserts to check the alignment, as do_inject_build and do_sleep are
only enabled in developer and selftest builds.
The pointers sig_p and seconds_p where added for code readability, you can
dereference the result of discard_align_p directly i.e.
int sig = *discard_align_p(int, data->data);
but that's not immediately obvious
Signed-off-by: Gary Lockyer <gary@catalyst.net.nz> Reviewed-by: Jennifer Sutton <jennifersutton@catalyst.net.nz>
Douglas Bagnall [Wed, 27 May 2026 22:38:52 +0000 (10:38 +1200)]
bootstrap: we don't use python3-requests
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Anoop C S <anoopcs@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Thu May 28 18:42:21 UTC 2026 on atb-devel-224
Douglas Bagnall [Wed, 27 May 2026 22:37:34 +0000 (10:37 +1200)]
tests:gpo: drop unused mock requests module
Since 4c2db6489be1364a8ce2841f7eedcd976fa1463b (for CVE-2026-3012)
gp_cert_auto_enroll_ext does not use the requests module, so for the
test we no longer need to intercept it using monkey patching.
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Anoop C S <anoopcs@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
Gary Lockyer [Wed, 15 Apr 2026 01:32:11 +0000 (13:32 +1200)]
s3:libsmb:cliquota fix tautological-compare
The wrapping of pointer arithmetic is undefined behaviour. Clang from version 20
onwards will treat an overflow check of the following form:
ptr + offset < ptr
as always evaluating to false
Gary Lockyer [Wed, 15 Apr 2026 00:35:24 +0000 (12:35 +1200)]
s3:utils:clirap2 fix tautological-compare
The wrapping of pointer arithmetic is undefined behaviour. Clang from version 20
onwards will treat an overflow check of the following form:
ptr + offset < ptr
as always evaluating to false
Gary Lockyer [Wed, 15 Apr 2026 00:33:08 +0000 (12:33 +1200)]
s3/torture/test_smb1_dfs fix tautological-compare
The wrapping of pointer arithmetic is undefined behaviour. Clang from version 20
onwards will treat an overflow check of the following form:
ptr + offset < ptr
as always evaluating to false.
Gary Lockyer [Tue, 14 Apr 2026 23:13:16 +0000 (11:13 +1200)]
libcli:auth:msrpc_parse fix tautological-compare
The wrapping of pointer arithmetic is undefined behaviour. Clang from version 20
onwards will treat an overflow check of the following form:
ptr + offset < ptr
as always evaluating to false
Gary Lockyer [Tue, 14 Apr 2026 22:58:15 +0000 (10:58 +1200)]
s3:libsmb:clilist fix tautological-compare
The wrapping of pointer arithmetic is undefined behaviour. Clang from version 20
onwards will treat an overflow check of the following form:
ptr + offset < ptr
as always evaluating to false.
Gary Lockyer [Tue, 26 May 2026 23:00:30 +0000 (11:00 +1200)]
lib:util add pointer overflow checks
The wrapping of pointer arithmetic is undefined behaviour. Clang from version
20 onwards will treat checks like:
ptr + offset < ptr
As always evaluating to true.
This commit adds the macros:
offset_outside_range
ptr_overflow
Douglas Bagnall [Fri, 13 Mar 2026 02:16:09 +0000 (15:16 +1300)]
ndr:witness: ensure notifyResponse messages have size
If the type is message unknown, we look to read messages as data blobs
but if there is no data remaining, the blob is empty and the ndr
offset does not advance. This result in a potentially very long loop
from a tiny packet, expanding into many empty blobs.
With this we require that a message absorbs at least some NDR bytes.
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Jennifer Sutton <jennifersutton@catalyst.net.nz>
Autobuild-User(master): Gary Lockyer <gary@samba.org>
Autobuild-Date(master): Thu May 28 00:33:53 UTC 2026 on atb-devel-224
Björn Jacke [Fri, 10 Apr 2026 15:38:16 +0000 (17:38 +0200)]
bootstrap: add support for Ubuntu 26.04 (resolute)
Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Bjoern Jacke <bjacke@samba.org> Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Martin Schwenke <martin@meltin.net>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Wed May 27 12:28:36 UTC 2026 on atb-devel-224
s4:dsdb: let samaccountname_bad_chars_check() use strstr_for_invalid_account_characters()
We don't need this logic twice...
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Wed May 27 09:42:29 UTC 2026 on atb-devel-224
Actual implementation clears existing registry configuration when
no section is specified and then re-imports configuration from the
provided smb.conf format input file.
Update the documentation to reflect the current implementation
behavior.
Signed-off-by: Himanshu Mishra <hmishra@ddn.com> Reviewed-by: Martin Schwenke <martin@meltin.net> Reviewed-by: Anoop C S <anoopcs@samba.org>
Autobuild-User(master): Anoop C S <anoopcs@samba.org>
Autobuild-Date(master): Tue May 26 17:01:18 UTC 2026 on atb-devel-224
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Tue May 26 13:54:03 UTC 2026 on atb-devel-224
CVE-2026-4480: s3:printing: mask and/or single quote jobname passed as %J to "print command"
Fix an unauthenticated remote code execution vulnerability with
printing set to anything *but* cups and iprint, for example "lprng",
so that "print command" is executed upon job submission. If the
client-controlled job name is handed to the "print command" via %J,
rpcd_spoolssd passes this to the shell without escaping critical
characters.
Using single quotes (directly) around %J, '%J' would avoid the
problem, we now try to autodetect if we can use '%J' implicitly
or we fallback to a fixed "__CVE-2026-4480_FallbackJobname__"
string instead of the client provided jobname.
This is the basic helper function for the security problems.
talloc_string_sub_mixed_quoting() checks for strange quoting
in smb.conf options.
And talloc_string_sub_unsafe() tries to autodetect how the unsafe
(client controlled value) and masked and single quote it,
as a fallback for strange quoting a fixed fallback string
is used and the caller should warn the admin and give
hints how to fix the configuration.
CVE-2026-4480/CVE-2026-4408: s3:lib: let realloc_string_sub2() use realloc_string_sub_raw()
We don't need this logic more than once!
But we leave the strange calling convention of
realloc_string_sub2(), where the caller it
not allowed to use the passed pointer when
NULL is returned...
Douglas Bagnall [Fri, 27 Feb 2026 01:46:04 +0000 (14:46 +1300)]
CVE-2026-3012: gpo tests should use real certificates
Or at least, more real than a short arbitrary byte string, so that
the certificates can be parsed.
This shows that certificate enrolment works via LDAP in the situations
where we would have fetched them via HTTP.
This does not fix the advanced_gp_cert_auto_enroll_ext test which
wants to install certificates it has no access too. This will not be
fixed in the security release.
Douglas Bagnall [Thu, 26 Feb 2026 01:21:01 +0000 (14:21 +1300)]
CVE-2026-3012: gp_auto_enrol: skip CAs not found in LDAP
If a certificate is mentioned in a GPO but is not present as a
cACertificate attribute on a pKIEnrollmentService object, we have no way
of obtaining it, so we might as well forget it.
Douglas Bagnall [Sun, 22 Feb 2026 22:01:57 +0000 (11:01 +1300)]
CVE-2026-3012: do not fetch certificate over http
In the case where a certificate was found via HTTP, it was trusted
without verification and put in the global CA store.
There is no means to check the certificate other than by comparing it
to certificates we may have gathered via LDAP, but in that case there
is no advantage over just using the LDAP-derived certificates.
Using the LDAP certificates was already the fallback case if HTTP
failed, so we just make it the default.
The HTTP fetch depends on the NDES service, which is a variant of
Simple Certificate Enrolment Protocol (SCEP, RFC8894), but in fact
Samba implements none of that protocol other than the HTTP fetch. SCEP
is for clients that are not true domain members. Domain members can
access to certificates over LDAP. This patch is not reducing SCEP
client support because Samba never had it.
Reported-by: Arad Inbar, DREAM Security Research Team Reported-by: Nir Somech, DREAM Security Research Team Reported-by: Ben Grinberg, DREAM Security Research Team Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Jennifer Sutton <jennifersutton@catalyst.net.nz>
Douglas Bagnall [Thu, 26 Feb 2026 22:30:40 +0000 (11:30 +1300)]
CVE-2026-3012: gpo tests: fix test cleanup
These tests are going to fail soon but as currently written they do
not clean up after themselves, erroring instead of failing and causing
cascading errors in subsequent tests. For now we don't care to make
the other tests less fragile.
Pavel Kohout [Fri, 13 Feb 2026 02:51:41 +0000 (15:51 +1300)]
CVE-2026-2340: vfs_worm: Check destination WORM status in rename
vfs_worm_renameat() only checked if the source file was WORM-protected,
but not the destination. This allowed overwriting immutable files via
SMB2 rename with ReplaceIfExists=1, bypassing WORM protection.
Add destination check using FSTATAT on the destination dirfsp, as
suggested by the maintainer.
CWE-284 (Improper Access Control)
Reported-by: Pavel Kohout, Aisle Research, www.aisle.com
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15997
Signed-off-by: Pavel Kohout <pavel.kohout@aisle.com> Reviewed-by: Volker Lendecke <vl@samba.org> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
CVE-2026-1933: smbd: Add access checks to reparse point operations
On a share marked "read only = yes" and on file handles opened R/O
users can set or delete the reparse point xattrs on files that the
user has write-access in the file system for. Add the required access
checks.
Thanks to Asim Viladi Oglu Manizada for reporting the issue.
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Thu May 21 18:27:37 UTC 2026 on atb-devel-224
C26: add explicit casts where const must be stripped for mutation
For cases where code intentionally writes through a pointer returned by
strchr/strrchr/strstr, add explicit discard_const_p casts or adjust variable
types to non-const to make the mutability intent clear.
Pair-Programmed-With: Andreas Schneider <asn@samba.org>
C26: refactor to avoid modifying data via const pointer
Refactor code that assigns to a struct member, then calls strchr/strrchr on it
for in-place modification. Use a local mutable variable for modification, then
assign the final result to the struct member.
Pair-Programmed-With: Andreas Schneider <asn@samba.org>
Use C99 static array size in function parameters (e.g. uint8_t buf[static 516])
to document minimum array size requirements and enable compiler diagnostics.
Pair-Programmed-With: Andreas Schneider <asn@samba.org>
C26: use strchr_m/strrchr_m/strstr_m for multibyte-safe search
Replace strchr/strrchr/strstr with their multibyte-aware
Samba equivalents where appropriate. These wrappers return
char * regardless of input constness.
Pair-Programmed-With: Andreas Schneider <asn@samba.org>
charset: make strchr_m/strrchr_m/strstr_m const-correct via C11 _Generic
Since glibc-2.43 and C23, strchr/strrchr/strstr use _Generic macros to
return const char * when given const char * input. This caused build
failures in strchr_m and strrchr_m whose fast-path returns passed the
const char * result through as char *:
lib/util/charset/util_str.c:370: error: return discards 'const'
qualifier from pointer target type [-Werror=discarded-qualifiers]
Rather than wrapping the returns in discard_const_p (which the project
discourages adding more of), fix the API properly: rename the
implementations to strchr_m_const/strrchr_m_const/strstr_m_const
returning const char *, and expose C11 _Generic macros under the
original names. The macros preserve the caller's const qualification:
char * input yields char *, const char * input yields const char *.
This matches C23 strchr semantics and requires no changes at call sites.
libcli:auth: fix BURN_DATA_SIZE on array-decayed pointer parameter
_encode_pwd_buffer_from_str() declares `buf` as uint8_t buf[N],
which decays to a pointer. BURN_DATA_SIZE(buf, N) expands to
memset_explicit(&buf, 0, N), taking the address of the pointer
variable (8 bytes) rather than the buffer itself, triggering a
GCC -Wstringop-overflow error.
projects / thirdparty / samba.git / log
