diff options
author | Lukas Slebodnik <lslebodn@redhat.com> | 2015-07-30 10:50:47 +0200 |
---|---|---|
committer | Jakub Hrozek <jhrozek@redhat.com> | 2015-08-05 11:28:27 +0200 |
commit | ba847347cade817ee927397d82c952b51b0dcb2b (patch) | |
tree | e7e03dc4cd0a31c9bd632c2a95c7a2e531f07f4e /scripts | |
parent | ea7839cec593b4a7c678fab52ab864518db6699b (diff) | |
download | sssd-ba847347cade817ee927397d82c952b51b0dcb2b.tar.gz sssd-ba847347cade817ee927397d82c952b51b0dcb2b.tar.xz sssd-ba847347cade817ee927397d82c952b51b0dcb2b.zip |
sss_client: Update integrity check of records in mmap cache
The function sss_nss_mc_get_record return copy of record from memory
cache in last argument. Because we should not access data directly
to avoid problems with consistency of record.
The function sss_nss_mc_get_record also check whether length of record
is within data area (with macro MC_CHECK_RECORD_LENGTH)
However we also tried to do the same check in functions sss_nss_mc_get{gr, pw}*
Pointer to end of strings in record was compared to pointer to the end
of data table. But these two pointers are not within the same allocated area
and does not make sense to compare them. Sometimes record can be allocated
before mmaped area and sometime after. Sometimes it will return cached data
and other time will fall back to responder.
Resolves:
https://fedorahosted.org/sssd/ticket/2743
Reviewed-by: Michal Židek <mzidek@redhat.com>
Diffstat (limited to 'scripts')
0 files changed, 0 insertions, 0 deletions