>Number:         37137
>Category:       bin
>Synopsis:       mount_smbfs barfs incorrectly on long usernames (patch included)
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    bin-bug-people
>State:          open
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Tue Oct 16 09:50:00 +0000 2007
>Originator:     Bernhard Moellemann
>Release:        NetBSD 4.0_RC1 and NetBSD-current
>Organization:
Home sweet Home
>Environment:
NetBSD borg 4.0_RC1 NetBSD 4.0_RC1 (GENERIC_LAPTOP) #0: Fri Sep 7 14:53:
37 CEST 2007 root@arcanic:/mnt/top/src/src-4.0/obj/sys/arch/i386/compile/GENERIC
_LAPTOP i386
Architecture: i386
Machine: i386

>Description:
mount_smbfs does not accept long user names like "BernhardMoellemann"
which are perfectly legal und not unusual in corporate environments.

Windows and smbclient from pgksrc accept the username.

This is due to a mismatched strlen()-check in src/dist/smbfs/lib/smb/ctx.c
It checks the length of the username against the size of the servername.

>How-To-Repeat:
borg # mount_smbfs -W GRP '//BernhardMoellemann@server12345/Gruppen1234' /share

gives

mount_smbfs: user name 'BernhardMoellemann' too long


>Fix:

Change src/dist/smbfs/lib/smb/ctx.c with this patch

--- /mnt/top/src/src/dist/smbfs/lib/smb/ctx.c   2006-05-02 12:09:18.000000000 +0200
+++ /mnt/top/src/src-4.0/dist/smbfs/lib/smb/ctx.c       2007-10-16 10:42:43.000000000 +0200
@@ -312,7 +312,7 @@
 int
 smb_ctx_setuser(struct smb_ctx *ctx, const char *name)
 {
-       if (strlen(name) >= sizeof(ctx->ct_ssn.ioc_srvname)) {
+       if (strlen(name) >= sizeof(ctx->ct_ssn.ioc_user)) {
                smb_error("user name '%s' too long", 0, name);
                return ENAMETOOLONG;
        }


-- 
    Bernhard Möllemann  //
                      \X/