Update ja-samba package to 2.2.7.1.1.1nb1.

Manually merge changes between samba 2.2.7a and samba 2.2.7b,
addressing both CAN-2003-0201 and CAN-2003-0085 by The Common
Vulnerabilities and Exposures (CVE) project.

8 files changed, 105 insertions, 10 deletions

diff --git a/net/ja-samba/MESSAGE.security b/net/ja-samba/MESSAGE.security
index 21b2ab974ea..ec5b1e4bc4d 100644
--- a/net/ja-samba/MESSAGE.security
+++ b/net/ja-samba/MESSAGE.security
@@ -1,9 +1,9 @@
 ===========================================================================
-$NetBSD: MESSAGE.security,v 1.1 2003/03/29 08:18:44 taca Exp $
+$NetBSD: MESSAGE.security,v 1.2 2003/04/07 18:10:07 taca Exp $
 
                   *===* ADDITIONAL SECURITY NOTES *===*
 
-ja-samba-2.2.7.1.1.1 already contains fixes for two security problems
-which are solved by samba 2.2.8.
+${PKGNAME} already contains fixes for two security problems
+which are solved by samba 2.2.8 and samba 2.2.8a.
 
 ===========================================================================
diff --git a/net/ja-samba/MESSAGE.smbpasswd b/net/ja-samba/MESSAGE.smbpasswd
index 4b38ef62d53..c0a29caf606 100644
--- a/net/ja-samba/MESSAGE.smbpasswd
+++ b/net/ja-samba/MESSAGE.smbpasswd
@@ -1,5 +1,5 @@
 ===========================================================================
-$NetBSD: MESSAGE.smbpasswd,v 1.1.1.1 2002/06/25 15:31:34 taca Exp $
+$NetBSD: MESSAGE.smbpasswd,v 1.2 2003/04/07 18:10:07 taca Exp $
 
                       *===* SECURITY NOTES *===*
 
@@ -12,8 +12,8 @@ These encrypted passwords are _PASSWORD_EQUIVALENT_ from the viewpoint of
 the SMB protocol.  Do _NOT_ weaken the permissions of this file unless
 there is a very good reason.
 
-Please note that even if you pkg_delete ${PKGNAME}, the smbpasswd file
-will remain on the system.  If you don't intend to use this package
-anymore, then it is _STRONGLY_ recommended that you remove the smbpasswd
-file manually.
+Please note that even if you pkg_delete ${PKGNAME},
+the smbpasswd file will remain on the system.  If you don't intend to use
+this package anymore, then it is _STRONGLY_ recommended that you remove
+the smbpasswd file manually.
 ===========================================================================
diff --git a/net/ja-samba/Makefile b/net/ja-samba/Makefile
index e72fd1cf38a..f47f642e64c 100644
--- a/net/ja-samba/Makefile
+++ b/net/ja-samba/Makefile
@@ -1,8 +1,9 @@
-# $NetBSD: Makefile,v 1.10 2003/03/29 08:18:45 taca Exp $
+# $NetBSD: Makefile,v 1.11 2003/04/07 18:10:07 taca Exp $
 
 .include "Makefile.common"
 
 PKGNAME=		ja-samba-${SAMBA_BASE_VERS:S/a/.1/}.${SAMBA_JA_VERS}
+PKGREVISION=		1
 CATEGORIES=		net
 
 MAINTAINER=		tech-pkg-ja@jp.netbsd.org
diff --git a/net/ja-samba/distinfo b/net/ja-samba/distinfo
index 2a195955ab3..798cb8a188b 100644
--- a/net/ja-samba/distinfo
+++ b/net/ja-samba/distinfo
@@ -1,4 +1,4 @@
-$NetBSD: distinfo,v 1.6 2003/03/31 16:33:22 taca Exp $
+$NetBSD: distinfo,v 1.7 2003/04/07 18:10:07 taca Exp $
 
 SHA1 (samba-2.2.7a-ja-1.1.tar.bz2) = 7555ad9055a5c2e19f7506138713ade174d26816
 Size (samba-2.2.7a-ja-1.1.tar.bz2) = 7307743 bytes
@@ -14,3 +14,7 @@ SHA1 (patch-an) = 55c7f9785c19d84b8ad74bbf0827162b156e2327
 SHA1 (patch-ao) = cc0b3d73d0c7de4cd46e66b0d66b2c3bbaddeb41
 SHA1 (patch-ap) = 199e2f8e5f2a5ac5aace21e6ada1fd8887a19059
 SHA1 (patch-aq) = e5b442fb7eb837bb2771ac71c73e6f95ae6fdfc2
+SHA1 (patch-ar) = 1974317b2be6689df6d0ad06138fa5a28dfaf99f
+SHA1 (patch-as) = 3aa4e0d7f254d2302940b4b6540b4e1b96582b2b
+SHA1 (patch-at) = 1b4215e00c243eb21d009ef13896371eecacf5c3
+SHA1 (patch-au) = ad02a1175a5aeb2e6a8f65b280df0e550d557970
diff --git a/net/ja-samba/patches/patch-ar b/net/ja-samba/patches/patch-ar
new file mode 100644
index 00000000000..98c7939405b
--- /dev/null
+++ b/net/ja-samba/patches/patch-ar
@@ -0,0 +1,40 @@
+$NetBSD: patch-ar,v 1.1 2003/04/07 18:10:08 taca Exp $
+
+--- smbd/ipc.c.orig	2003-03-17 13:17:56.000000000 +0900
++++ smbd/ipc.c
+@@ -398,7 +398,7 @@ int reply_trans(connection_struct *conn,
+   
+ 	if (tdscnt)  {
+ 		if((data = (char *)malloc(tdscnt)) == NULL) {
+-			DEBUG(0,("reply_trans: data malloc fail for %d bytes !\n", tdscnt));
++			DEBUG(0,("reply_trans: data malloc fail for %u bytes !\n", tdscnt));
+ 			END_PROFILE(SMBtrans);
+ 			return(ERROR_DOS(ERRDOS,ERRnomem));
+ 		} 
+@@ -412,7 +412,7 @@ int reply_trans(connection_struct *conn,
+ 
+ 	if (tpscnt) {
+ 		if((params = (char *)malloc(tpscnt)) == NULL) {
+-			DEBUG(0,("reply_trans: param malloc fail for %d bytes !\n", tpscnt));
++			DEBUG(0,("reply_trans: param malloc fail for %u bytes !\n", tpscnt));
+ 			SAFE_FREE(data);
+ 			END_PROFILE(SMBtrans);
+ 			return(ERROR_DOS(ERRDOS,ERRnomem));
+@@ -428,7 +428,7 @@ int reply_trans(connection_struct *conn,
+ 	if (suwcnt) {
+ 		int i;
+ 		if((setup = (uint16 *)malloc(suwcnt*sizeof(uint16))) == NULL) {
+-			DEBUG(0,("reply_trans: setup malloc fail for %d bytes !\n", (int)(suwcnt * sizeof(uint16))));
++			DEBUG(0,("reply_trans: setup malloc fail for %u bytes !\n", (unsigned int)(suwcnt * sizeof(uint16))));
+ 			SAFE_FREE(data);
+ 			SAFE_FREE(params);
+ 			END_PROFILE(SMBtrans);
+@@ -524,7 +524,7 @@ int reply_trans(connection_struct *conn,
+ 	}
+ 	
+ 	
+-	DEBUG(3,("trans <%s> data=%d params=%d setup=%d\n",
++	DEBUG(3,("trans <%s> data=%u params=%u setup=%u\n",
+ 		 name,tdscnt,tpscnt,suwcnt));
+ 	
+ 	/*
diff --git a/net/ja-samba/patches/patch-as b/net/ja-samba/patches/patch-as
new file mode 100644
index 00000000000..5c013e8c37c
--- /dev/null
+++ b/net/ja-samba/patches/patch-as
@@ -0,0 +1,13 @@
+$NetBSD: patch-as,v 1.1 2003/04/07 18:10:08 taca Exp $
+
+--- smbd/password.c.orig	2002-11-21 22:05:51.000000000 +0900
++++ smbd/password.c
+@@ -816,7 +816,7 @@ and given password ok\n", user));
+ 		if (!ok && lp_username(snum)) {
+ 			char *auser;
+ 			pstring user_list;
+-			StrnCpy(user_list,lp_username(snum),sizeof(pstring));
++			StrnCpy(user_list,lp_username(snum),sizeof(pstring)-1);
+ 
+ 			pstring_sub(user_list,"%S",lp_servicename(snum), True);
+ 	  
diff --git a/net/ja-samba/patches/patch-at b/net/ja-samba/patches/patch-at
new file mode 100644
index 00000000000..8d1c65444aa
--- /dev/null
+++ b/net/ja-samba/patches/patch-at
@@ -0,0 +1,24 @@
+$NetBSD: patch-at,v 1.1 2003/04/07 18:10:08 taca Exp $
+
+--- smbd/reply.c.orig	2003-02-05 15:15:15.000000000 +0900
++++ smbd/reply.c
+@@ -1490,6 +1490,9 @@ int reply_search(connection_struct *conn
+ 
+         for (i=numentries;(i<maxentries) && !finished;i++)
+         {
++	  /* check to make sure we have room in the buffer */
++	  if ( ((PTR_DIFF(p, outbuf))+DIR_STRUCT_SIZE) > BUFFER_SIZE )
++	  	break;
+           finished = 
+             !get_dir_entry(conn,mask,dirtype,fname,&size,&mode,&date,check_descend);
+           if (!finished)
+@@ -3603,6 +3606,9 @@ int reply_printqueue(connection_struct *
+     
+ 
+ 		for (i=first;i<first+num_to_get;i++) {
++			/* check to make sure we have room in the buffer */
++			if ( (PTR_DIFF(p, outbuf)+28) > BUFFER_SIZE )
++				break;
+ 			put_dos_date2(p,0,queue[i].time);
+ 			SCVAL(p,4,(queue[i].status==LPQ_PRINTING?2:3));
+ 			SSVAL(p,5, queue[i].job);
diff --git a/net/ja-samba/patches/patch-au b/net/ja-samba/patches/patch-au
new file mode 100644
index 00000000000..af9799bc677
--- /dev/null
+++ b/net/ja-samba/patches/patch-au
@@ -0,0 +1,13 @@
+$NetBSD: patch-au,v 1.1 2003/04/07 18:10:08 taca Exp $
+
+--- smbd/statcache.c.orig	2001-11-09 18:27:43.000000000 +0900
++++ smbd/statcache.c
+@@ -88,7 +88,7 @@ void stat_cache_add( char *full_orig_nam
+    * StrnCpy always null terminates.
+    */
+ 
+-  StrnCpy(orig_name, full_orig_name, namelen);
++  StrnCpy(orig_name, full_orig_name, MIN(namelen, sizeof(orig_name)-1));
+   if(!case_sensitive)
+     strupper( orig_name );
+