source: npl/system/nss_ldap/patches/uid_t.patch

Last change on this file was c5c522c, checked in by Edwin Eefting <edwin@datux.nl>, 8 years ago

initial commit, transferred from cleaned syn3 svn tree
  • Property mode set to 100644
File size: 1.1 KB
RevLine 
[c5c522c]1Description: Fixed possible overflow in uid/gid handling
2Bug-Debian: http://bugs.debian.org/354093
3
4--- a/ldap-pwd.c
5+++ b/ldap-pwd.c
6@@ -86,10 +86,12 @@ _nss_ldap_parse_pw (LDAPMessage * e,
7   struct passwd *pw = (struct passwd *) result;
8   char *uid, *gid;
9   NSS_STATUS stat;
10-  char tmpbuf[sizeof "-4294967295"];
11+  char tmpbuf[ sizeof( uid_t ) * 8 / 3 + 2 ];
12   size_t tmplen;
13   char *tmp;
14 
15+  tmpbuf[ sizeof(tmpbuf) - 1 ] = '\0';
16+
17   if (_nss_ldap_oc_check (e, "shadowAccount") == NSS_SUCCESS)
18     {
19       /* don't include password for shadowAccount */
20@@ -117,7 +119,7 @@ _nss_ldap_parse_pw (LDAPMessage * e,
21     return stat;
22 
23   tmp = tmpbuf;
24-  tmplen = sizeof (tmpbuf);
25+  tmplen = sizeof (tmpbuf) - 1;
26   stat =
27     _nss_ldap_assign_attrval (e, AT (uidNumber), &uid, &tmp, &tmplen);
28   if (stat != NSS_SUCCESS)
29@@ -133,7 +135,7 @@ _nss_ldap_parse_pw (LDAPMessage * e,
30     }
31 
32   tmp = tmpbuf;
33-  tmplen = sizeof (tmpbuf);
34+  tmplen = sizeof (tmpbuf) - 1;
35   stat =
36     _nss_ldap_assign_attrval (e, ATM (LM_PASSWD, gidNumber), &gid, &tmp,
37                               &tmplen);
Note: See TracBrowser for help on using the repository browser.