NSS: Validate input string lengths

Also fixes a return value bug where we were returning errno error
codes instead of nss_status codes.

Fixes https://fedorahosted.org/sssd/ticket/1135

1 files changed, 1 insertions, 3 deletions

diff --git a/src/sss_client/nss_netgroup.c b/src/sss_client/nss_netgroup.c
index 2d1acc5d..f63b1135 100644
--- a/src/sss_client/nss_netgroup.c
+++ b/src/sss_client/nss_netgroup.c
@@ -33,8 +33,6 @@
 #include "sss_cli.h"
 #include "nss_compat.h"
 
-#define MAX_NETGR_NAME_LENGTH 2048
-
 #define CLEAR_NETGRENT_DATA(netgrent) do { \
         free(netgrent->data); \
         netgrent->data = NULL; \
@@ -201,7 +199,7 @@ enum nss_status _nss_sss_setnetgrent(const char *netgroup,
     /* make sure we do not have leftovers, and release memory */
     CLEAR_NETGRENT_DATA(result);
 
-    ret = sss_strnlen(netgroup, MAX_NETGR_NAME_LENGTH, &name_len);
+    ret = sss_strnlen(netgroup, SSS_NAME_MAX, &name_len);
     if (ret != 0) {
         nret = NSS_STATUS_NOTFOUND;
         goto out;