diff options
| author | Lukas Slebodnik <lslebodn@redhat.com> | 2013-08-19 07:24:46 +0200 |
|---|---|---|
| committer | Jakub Hrozek <jhrozek@redhat.com> | 2013-08-28 16:48:58 +0200 |
| commit | b1d8725d43e1abce8f90b9efe8ff400f546e939d (patch) | |
| tree | cec7cbf0bc9d20690eeb9515f322b3a63f7915bd | |
| parent | f6b311b08c4a2a0306b4d5aeca8a0d8a1dfe817a (diff) | |
| download | sssd-b1d8725d43e1abce8f90b9efe8ff400f546e939d.tar.gz sssd-b1d8725d43e1abce8f90b9efe8ff400f546e939d.tar.xz sssd-b1d8725d43e1abce8f90b9efe8ff400f546e939d.zip | |
mmap_cache: Use stricter check for hash keys.
ht_size is size of hash_table in bytes, but hash keys have type uint32_t
| -rw-r--r-- | src/responder/nss/nsssrv_mmap_cache.c | 10 |
1 files changed, 6 insertions, 4 deletions
diff --git a/src/responder/nss/nsssrv_mmap_cache.c b/src/responder/nss/nsssrv_mmap_cache.c index 66afe6fdf..84570ac20 100644 --- a/src/responder/nss/nsssrv_mmap_cache.c +++ b/src/responder/nss/nsssrv_mmap_cache.c @@ -177,7 +177,7 @@ static void sss_mc_add_rec_to_chain(struct sss_mc_ctx *mcc, struct sss_mc_rec *cur; uint32_t slot; - if (hash > mcc->ht_size) { + if (hash > MC_HT_ELEMS(mcc->ht_size)) { /* Invalid hash. This should never happen, but better * return than trying to access out of bounds memory */ return; @@ -234,9 +234,11 @@ static void sss_mc_rm_rec_from_chain(struct sss_mc_ctx *mcc, struct sss_mc_rec *cur = NULL; uint32_t slot; - if (hash > mcc->ht_size) { - /* Invalid hash. This should never happen, but better - * return than trying to access out of bounds memory */ + if (hash > MC_HT_ELEMS(mcc->ht_size)) { + /* It can happen if rec->hash1 and rec->hash2 was the same. + * or it is invalid hash. It is better to return + * than trying to access out of bounds memory + */ return; } |