diff options
| author | Jakub Hrozek <jhrozek@redhat.com> | 2017-02-21 22:14:35 +0100 |
|---|---|---|
| committer | Jakub Hrozek <jhrozek@redhat.com> | 2017-02-22 13:12:20 +0100 |
| commit | fc91d72f32660712f7c9e872e00deb91f188fea3 (patch) | |
| tree | d8c0b6b3fb35dfe53e73aad1a056ecc3cede36bc /src/providers | |
| parent | 454cf0c3808a9f6a0c9f79e9796e17c58907ee6c (diff) | |
| download | sssd-fc91d72f32660712f7c9e872e00deb91f188fea3.tar.gz sssd-fc91d72f32660712f7c9e872e00deb91f188fea3.tar.xz sssd-fc91d72f32660712f7c9e872e00deb91f188fea3.zip | |
FILES: Fix reallocation logic
There were two bugs in the files provider reallocation logic:
1) the reallocated array was not NULL-terminated properly
2) talloc_get_size was used in place of talloc_array_length
This bug could have resulted in a crash when the passwd or groups file
contained more than FILES_REALLOC_CHUNK entries.
Reviewed-by: Pavel Březina <pbrezina@redhat.com>
Diffstat (limited to 'src/providers')
| -rw-r--r-- | src/providers/files/files_ops.c | 9 |
1 files changed, 7 insertions, 2 deletions
diff --git a/src/providers/files/files_ops.c b/src/providers/files/files_ops.c index beda47abd..9ebf3b11b 100644 --- a/src/providers/files/files_ops.c +++ b/src/providers/files/files_ops.c @@ -27,6 +27,9 @@ #include "util/inotify.h" #include "util/util.h" +/* When changing this constant, make sure to also adjust the files integration + * test for reallocation branch + */ #define FILES_REALLOC_CHUNK 64 #define PWD_MAXSIZE 1024 @@ -108,7 +111,7 @@ static errno_t enum_files_users(TALLOC_CTX *mem_ctx, users = talloc_realloc(mem_ctx, users, struct passwd *, - talloc_get_size(users) + FILES_REALLOC_CHUNK); + talloc_array_length(users) + FILES_REALLOC_CHUNK); if (users == NULL) { ret = ENOMEM; goto done; @@ -117,6 +120,7 @@ static errno_t enum_files_users(TALLOC_CTX *mem_ctx, } ret = EOK; + users[n_users] = NULL; *_users = users; done: if (ret != EOK) { @@ -211,7 +215,7 @@ static errno_t enum_files_groups(TALLOC_CTX *mem_ctx, groups = talloc_realloc(mem_ctx, groups, struct group *, - talloc_get_size(groups) + FILES_REALLOC_CHUNK); + talloc_array_length(groups) + FILES_REALLOC_CHUNK); if (groups == NULL) { ret = ENOMEM; goto done; @@ -220,6 +224,7 @@ static errno_t enum_files_groups(TALLOC_CTX *mem_ctx, } ret = EOK; + groups[n_groups] = NULL; *_groups = groups; done: if (ret != EOK) { |