diff options
| author | Simo Sorce <idra@samba.org> | 2009-02-20 17:56:29 -0500 |
|---|---|---|
| committer | Simo Sorce <idra@samba.org> | 2009-02-20 18:09:29 -0500 |
| commit | 2d151b22408e78e4b556000125cfc5abe068c846 (patch) | |
| tree | f15edd35cf060a342e1bde0eb4c40cdc82d723a4 | |
| parent | 9317122ff7de070361f6a4862ccffbbcd4b13924 (diff) | |
| download | sssd-2d151b22408e78e4b556000125cfc5abe068c846.tar.gz sssd-2d151b22408e78e4b556000125cfc5abe068c846.tar.bz2 sssd-2d151b22408e78e4b556000125cfc5abe068c846.zip | |
Fix segfault bugs, and incorrect detection of ENOMEM when filling
up users.
| -rw-r--r-- | nss_client/group.c | 31 | ||||
| -rw-r--r-- | nss_client/sss_nss.h | 4 |
2 files changed, 18 insertions, 17 deletions
diff --git a/nss_client/group.c b/nss_client/group.c index df3abac2..74cc7394 100644 --- a/nss_client/group.c +++ b/nss_client/group.c @@ -76,7 +76,8 @@ struct sss_nss_gr_rep { static int sss_nss_getgr_readrep(struct sss_nss_gr_rep *pr, uint8_t *buf, size_t *len) { - size_t i, l, slen, dlen, ptmem; + size_t i, l, slen, ptmem; + ssize_t dlen; char *sbuf; uint32_t mem_num; int err; @@ -94,33 +95,33 @@ static int sss_nss_getgr_readrep(struct sss_nss_gr_rep *pr, pr->result->gr_name = &(pr->buffer[0]); i = 0; - while (i < slen && 0 < dlen) { + while (slen > i && dlen > 0) { pr->buffer[i] = sbuf[i]; if (pr->buffer[i] == '\0') break; i++; dlen--; } - if (i >= slen) { /* premature end of buf */ + if (slen <= i) { /* premature end of buf */ return EBADMSG; } - if (0 >= dlen) { /* not enough memory */ - return ENOMEM; + if (dlen <= 0) { /* not enough memory */ + return ERANGE; /* not ENOMEM, ERANGE is what glibc looks for */ } i++; dlen--; pr->result->gr_passwd = &(pr->buffer[i]); - while (i < slen && 0 < dlen) { + while (slen > i && dlen > 0) { pr->buffer[i] = sbuf[i]; if (pr->buffer[i] == '\0') break; i++; dlen--; } - if (i >= slen) { /* premature end of buf */ + if (slen <= i) { /* premature end of buf */ return EBADMSG; } - if (0 >= dlen) { /* not enough memory */ - return ENOMEM; + if (dlen <= 0) { /* not enough memory */ + return ERANGE; /* not ENOMEM, ERANGE is what glibc looks for */ } i++; dlen--; @@ -130,26 +131,26 @@ static int sss_nss_getgr_readrep(struct sss_nss_gr_rep *pr, ptmem = sizeof(char *) * (mem_num + 1); dlen -= ptmem; if (0 > dlen) { /* not enough mem in buffer */ - return ENOMEM; + return ERANGE; /* not ENOMEM, ERANGE is what glibc looks for */ } ptmem += i; pr->result->gr_mem[mem_num] = NULL; /* terminate array */ for (l = 0; l < mem_num; l++) { pr->result->gr_mem[l] = &(pr->buffer[ptmem]); - while ((i < slen) && (0 < dlen)) { + while ((slen > i) && (dlen > 0)) { pr->buffer[ptmem] = sbuf[i]; i++; - dlen --; + dlen--; if (pr->buffer[ptmem] == '\0') break; ptmem++; } if (pr->buffer[ptmem] != '\0') { - if (i > slen) { /* premature end of buf */ + if (slen <= i) { /* premature end of buf */ return EBADMSG; } - if (0 > dlen) { /* not enough memory */ - return ENOMEM; + if (dlen <= 0) { /* not enough memory */ + return ERANGE; /* not ENOMEM, ERANGE is what glibc looks for */ } } ptmem++; diff --git a/nss_client/sss_nss.h b/nss_client/sss_nss.h index d4136810..b5a92162 100644 --- a/nss_client/sss_nss.h +++ b/nss_client/sss_nss.h @@ -127,8 +127,8 @@ struct sss_nss_req_data { const void *data; }; -/* this is in milliseconds, wait up to 30 seconds */ -#define SSS_NSS_SOCKET_TIMEOUT 30000 +/* this is in milliseconds, wait up to 300 seconds */ +#define SSS_NSS_SOCKET_TIMEOUT 300000 enum nss_status sss_nss_make_request(enum sss_nss_command cmd, |