newname

Re: Samba Remote Zero-Day Exploit

static int cmd_symlink(void)
{
        TALLOC_CTX *ctx = talloc_tos();
        char *oldname = NULL;
        char *newname = NULL;
        char *buf = NULL;
        char *buf2 = NULL;
        char *targetname = NULL;
        struct cli_state *targetcli;


ClamAV get_unicode_name() off-by-one buffer overflow

        static char *
        get_unicode_name(const char *name, int size, int big_endian)
        {
                int i, increment;
                char *newname, *ret;

                if((name == NULL) || (*name == '\0') || (size <= 0))
                        return NULL;

                newname = (char *)cli_malloc(size * 7);

TK53 Advisory #2: Multiple vulnerabilities in ClamAV

if((fd1 = open(fname, O_RDONLY)) == -1) {
    mprintf("!utf16decode: Can't open file %s\n", fname);
    return -1;
}

newname = malloc(strlen(fname) + 7);
sprintf(newname, "%s.ascii", fname);

if((fd2 = open(newname, O_WRONLY|O_CREAT|O_TRUNC, S_IRWXU)) < 0) {
    mprintf("!utf16decode: Can't create file %s\n", newname);


[SECURITY] [DSA 1370-2] New phpmyadmin packages fix several vulnerabilities

CVE-2006-6942

    Multiple cross-site scripting (XSS) vulnerabilities allow remote
    attackers to inject arbitrary HTML or web script via (1) a comment
    for a table name, as exploited through (a) db_operations.php,
    (2) the db parameter to (b) db_create.php, (3) the newname parameter
    to db_operations.php, the (4) query_history_latest,
    (5) query_history_latest_db, and (6) querydisplay_tab parameters to
    (c) querywindow.php, and (7) the pos parameter to (d) sql.php.

    This issue affects only the oldstable distribution (Sarge).

[SECURITY] [DSA 1370-1] New phpmyadmin packages fix several vulnerabilities

CVE-2006-6942

    Multiple cross-site scripting (XSS) vulnerabilities allow remote
    attackers to inject arbitrary HTML or web script via (1) a comment
    for a table name, as exploited through (a) db_operations.php,
    (2) the db parameter to (b) db_create.php, (3) the newname parameter
    to db_operations.php, the (4) query_history_latest,
    (5) query_history_latest_db, and (6) querydisplay_tab parameters to
    (c) querywindow.php, and (7) the pos parameter to (d) sql.php.

    This issue affects only the oldstable distribution (Sarge).



Copyright © 1995-2012 LinuxRocket.net. All rights reserved.