diff options
| author | Simo Sorce <ssorce@redhat.com> | 2009-08-14 04:52:21 -0400 |
|---|---|---|
| committer | Simo Sorce <ssorce@redhat.com> | 2009-08-24 11:03:27 -0400 |
| commit | 3a362d4a95b999f088a12df8dd0abccb66f11ca1 (patch) | |
| tree | ddbb7881e3d281e8100e702a8759e95a14446263 /sss_client | |
| parent | ce0111fe4f1c5ea09a23c2be43fc1fcc1cdbdac8 (diff) | |
| download | sssd-3a362d4a95b999f088a12df8dd0abccb66f11ca1.tar.gz sssd-3a362d4a95b999f088a12df8dd0abccb66f11ca1.tar.xz sssd-3a362d4a95b999f088a12df8dd0abccb66f11ca1.zip | |
Catch possible bad input passed in by glibc
Seen in tests and was leading to a segfault
Diffstat (limited to 'sss_client')
| -rw-r--r-- | sss_client/group.c | 11 | ||||
| -rw-r--r-- | sss_client/passwd.c | 9 |
2 files changed, 20 insertions, 0 deletions
diff --git a/sss_client/group.c b/sss_client/group.c index 61b1e487b..675b8b71e 100644 --- a/sss_client/group.c +++ b/sss_client/group.c @@ -66,6 +66,8 @@ static void sss_nss_getgrent_data_clean(void) { * 0-3: 32bit number gid * 4-7: 32bit unsigned number of members * 8-X: sequence of 0 terminated strings (name, passwd, mem..) + * + * FIXME: do we need to pad so that each result is 32 bit aligned ? */ struct sss_nss_gr_rep { struct group *result; @@ -239,6 +241,9 @@ enum nss_status _nss_sss_getgrnam_r(const char *name, struct group *result, enum nss_status nret; int ret; + /* Caught once glibc passing in buffer == 0x0 */ + if (!buffer || !buflen) return ERANGE; + rd.len = strlen(name) + 1; rd.data = name; @@ -286,6 +291,9 @@ enum nss_status _nss_sss_getgrgid_r(gid_t gid, struct group *result, uint32_t group_gid; int ret; + /* Caught once glibc passing in buffer == 0x0 */ + if (!buffer || !buflen) return ERANGE; + group_gid = gid; rd.len = sizeof(uint32_t); rd.data = &group_gid; @@ -352,6 +360,9 @@ enum nss_status _nss_sss_getgrent_r(struct group *result, uint32_t num_entries; int ret; + /* Caught once glibc passing in buffer == 0x0 */ + if (!buffer || !buflen) return ERANGE; + /* if there are leftovers return the next one */ if (sss_nss_getgrent_data.data != NULL && sss_nss_getgrent_data.ptr < sss_nss_getgrent_data.len) { diff --git a/sss_client/passwd.c b/sss_client/passwd.c index e999e5dd5..0d70b6843 100644 --- a/sss_client/passwd.c +++ b/sss_client/passwd.c @@ -180,6 +180,9 @@ enum nss_status _nss_sss_getpwnam_r(const char *name, struct passwd *result, enum nss_status nret; int ret; + /* Caught once glibc passing in buffer == 0x0 */ + if (!buffer || !buflen) return ERANGE; + rd.len = strlen(name) + 1; rd.data = name; @@ -227,6 +230,9 @@ enum nss_status _nss_sss_getpwuid_r(uid_t uid, struct passwd *result, uint32_t user_uid; int ret; + /* Caught once glibc passing in buffer == 0x0 */ + if (!buffer || !buflen) return ERANGE; + user_uid = uid; rd.len = sizeof(uint32_t); rd.data = &user_uid; @@ -294,6 +300,9 @@ enum nss_status _nss_sss_getpwent_r(struct passwd *result, uint32_t num_entries; int ret; + /* Caught once glibc passing in buffer == 0x0 */ + if (!buffer || !buflen) return ERANGE; + /* if there are leftovers return the next one */ if (sss_nss_getpwent_data.data != NULL && sss_nss_getpwent_data.ptr < sss_nss_getpwent_data.len) { |