diff options
| author | Lukas Slebodnik <lslebodn@redhat.com> | 2013-08-19 07:24:46 +0200 |
|---|---|---|
| committer | Jakub Hrozek <jhrozek@redhat.com> | 2013-09-03 16:23:33 +0200 |
| commit | b77cf09d36615127b682bc886d3c3ca92f5ce698 (patch) | |
| tree | 230bb10ebfe0cf27a4d2be8cd94e575748fe4da1 | |
| parent | cccbd818312fb50575df0b39f35dc334ce699e97 (diff) | |
| download | sssd-b77cf09d36615127b682bc886d3c3ca92f5ce698.tar.gz sssd-b77cf09d36615127b682bc886d3c3ca92f5ce698.tar.xz sssd-b77cf09d36615127b682bc886d3c3ca92f5ce698.zip | |
mmap_cache: Use stricter check for hash keys.
ht_size is size of hash_table in bytes, but hash keys have type uint32_t
| -rw-r--r-- | src/responder/nss/nsssrv_mmap_cache.c | 10 |
1 files changed, 6 insertions, 4 deletions
diff --git a/src/responder/nss/nsssrv_mmap_cache.c b/src/responder/nss/nsssrv_mmap_cache.c index f0d8c2518..673ab1a5a 100644 --- a/src/responder/nss/nsssrv_mmap_cache.c +++ b/src/responder/nss/nsssrv_mmap_cache.c @@ -168,7 +168,7 @@ static void sss_mc_add_rec_to_chain(struct sss_mc_ctx *mcc, struct sss_mc_rec *cur; uint32_t slot; - if (hash > mcc->ht_size) { + if (hash > MC_HT_ELEMS(mcc->ht_size)) { /* Invalid hash. This should never happen, but better * return than trying to access out of bounds memory */ return; @@ -225,9 +225,11 @@ static void sss_mc_rm_rec_from_chain(struct sss_mc_ctx *mcc, struct sss_mc_rec *cur = NULL; uint32_t slot; - if (hash > mcc->ht_size) { - /* Invalid hash. This should never happen, but better - * return than trying to access out of bounds memory */ + if (hash > MC_HT_ELEMS(mcc->ht_size)) { + /* It can happen if rec->hash1 and rec->hash2 was the same. + * or it is invalid hash. It is better to return + * than trying to access out of bounds memory + */ return; } |