From a171d77f40aa92e240e91aa4bafe5a392a98b5a2 Mon Sep 17 00:00:00 2001 From: Michal Zidek Date: Wed, 21 Aug 2013 17:17:06 +0200 Subject: sss_client: Use SAFEALIGN_COPY_ macros where appropriate. resolves: https://fedorahosted.org/sssd/ticket/1359 --- src/sss_client/autofs/sss_autofs.c | 6 +++++- src/sss_client/common.c | 2 +- src/sss_client/idmap/sss_nss_idmap.c | 6 ++++-- src/sss_client/nss_group.c | 34 +++++++++++++++++++++++++--------- src/sss_client/nss_netgroup.c | 12 ++++++++++-- src/sss_client/nss_passwd.c | 22 +++++++++++++++++----- src/sss_client/nss_services.c | 23 +++++++++++++++++------ src/sss_client/pam_sss.c | 2 +- 8 files changed, 80 insertions(+), 27 deletions(-) (limited to 'src/sss_client') diff --git a/src/sss_client/autofs/sss_autofs.c b/src/sss_client/autofs/sss_autofs.c index 435cafe23..49e130282 100644 --- a/src/sss_client/autofs/sss_autofs.c +++ b/src/sss_client/autofs/sss_autofs.c @@ -64,6 +64,7 @@ _sss_setautomntent(const char *mapname, void **context) struct sss_cli_req_data rd; uint8_t *repbuf = NULL; size_t replen; + uint32_t num_results = 0; if (!mapname) return EINVAL; @@ -96,8 +97,11 @@ _sss_setautomntent(const char *mapname, void **context) goto out; } + /* Get number of results from repbuf. */ + SAFEALIGN_COPY_UINT32(&num_results, repbuf, NULL); + /* no results if not found */ - if (((uint32_t *)repbuf)[0] == 0) { + if (num_results == 0) { free(name); free(repbuf); ret = ENOENT; diff --git a/src/sss_client/common.c b/src/sss_client/common.c index d99086147..6044af072 100644 --- a/src/sss_client/common.c +++ b/src/sss_client/common.c @@ -424,7 +424,7 @@ static bool sss_cli_check_version(const char *socket_name) return false; } - obtained_version = ((uint32_t *)repbuf)[0]; + SAFEALIGN_COPY_UINT32(&obtained_version, repbuf, NULL); free(repbuf); return (obtained_version == expected_version); diff --git a/src/sss_client/idmap/sss_nss_idmap.c b/src/sss_client/idmap/sss_nss_idmap.c index e0faf6e78..adb588975 100644 --- a/src/sss_client/idmap/sss_nss_idmap.c +++ b/src/sss_client/idmap/sss_nss_idmap.c @@ -108,7 +108,7 @@ static int sss_nss_getyyybyxxx(union input inp, enum sss_cli_command cmd , goto done; } - num_results = ((uint32_t *)repbuf)[0]; + SAFEALIGN_COPY_UINT32(&num_results, repbuf, NULL); if (num_results == 0) { ret = ENOENT; goto done; @@ -117,7 +117,9 @@ static int sss_nss_getyyybyxxx(union input inp, enum sss_cli_command cmd , goto done; } - out->type = ((uint32_t *)repbuf)[2]; + /* Skip first two 32 bit values (number of results and + * reserved padding) */ + SAFEALIGN_COPY_UINT32(&out->type, repbuf + 2 * sizeof(uint32_t), NULL); data_len = replen - DATA_START; diff --git a/src/sss_client/nss_group.c b/src/sss_client/nss_group.c index e6ea54b52..a7fb09375 100644 --- a/src/sss_client/nss_group.c +++ b/src/sss_client/nss_group.c @@ -282,7 +282,7 @@ enum nss_status _nss_sss_initgroups_dyn(const char *user, gid_t group, uint8_t *repbuf; size_t replen; enum nss_status nret; - uint32_t *rbuf; + size_t buf_index = 0; uint32_t num_ret; long int l, max_ret; @@ -298,7 +298,7 @@ enum nss_status _nss_sss_initgroups_dyn(const char *user, gid_t group, } /* no results if not found */ - num_ret = ((uint32_t *)repbuf)[0]; + SAFEALIGN_COPY_UINT32(&num_ret, repbuf, NULL); if (num_ret == 0) { free(repbuf); nret = NSS_STATUS_NOTFOUND; @@ -328,9 +328,13 @@ enum nss_status _nss_sss_initgroups_dyn(const char *user, gid_t group, *size = newsize; } - rbuf = &((uint32_t *)repbuf)[2]; + /* Skip first two 32 bit values (number of results and + * reserved padding) */ + buf_index = 2 * sizeof(uint32_t); + for (l = 0; l < max_ret; l++) { - (*groups)[*start] = rbuf[l]; + SAFEALIGN_COPY_UINT32(&(*groups)[*start], repbuf + buf_index, + &buf_index); *start += 1; } @@ -350,6 +354,7 @@ enum nss_status _nss_sss_getgrnam_r(const char *name, struct group *result, struct sss_nss_gr_rep grrep; uint8_t *repbuf; size_t replen, len, name_len; + uint32_t num_results; enum nss_status nret; int ret; @@ -402,15 +407,18 @@ enum nss_status _nss_sss_getgrnam_r(const char *name, struct group *result, grrep.buffer = buffer; grrep.buflen = buflen; + /* Get number of results from repbuf. */ + SAFEALIGN_COPY_UINT32(&num_results, repbuf, NULL); + /* no results if not found */ - if (((uint32_t *)repbuf)[0] == 0) { + if (num_results == 0) { free(repbuf); nret = NSS_STATUS_NOTFOUND; goto out; } /* only 1 result is accepted for this function */ - if (((uint32_t *)repbuf)[0] != 1) { + if (num_results != 1) { *errnop = EBADMSG; free(repbuf); nret = NSS_STATUS_TRYAGAIN; @@ -444,6 +452,7 @@ enum nss_status _nss_sss_getgrgid_r(gid_t gid, struct group *result, struct sss_nss_gr_rep grrep; uint8_t *repbuf; size_t replen, len; + uint32_t num_results; enum nss_status nret; uint32_t group_gid; int ret; @@ -489,15 +498,18 @@ enum nss_status _nss_sss_getgrgid_r(gid_t gid, struct group *result, grrep.buffer = buffer; grrep.buflen = buflen; + /* Get number of results from repbuf. */ + SAFEALIGN_COPY_UINT32(&num_results, repbuf, NULL); + /* no results if not found */ - if (((uint32_t *)repbuf)[0] == 0) { + if (num_results == 0) { free(repbuf); nret = NSS_STATUS_NOTFOUND; goto out; } /* only 1 result is accepted for this function */ - if (((uint32_t *)repbuf)[0] != 1) { + if (num_results != 1) { *errnop = EBADMSG; free(repbuf); nret = NSS_STATUS_TRYAGAIN; @@ -552,6 +564,7 @@ static enum nss_status internal_getgrent_r(struct group *result, struct sss_nss_gr_rep grrep; uint8_t *repbuf; size_t replen; + uint32_t num_results; enum nss_status nret; uint32_t num_entries; int ret; @@ -598,8 +611,11 @@ static enum nss_status internal_getgrent_r(struct group *result, return nret; } + /* Get number of results from repbuf. */ + SAFEALIGN_COPY_UINT32(&num_results, repbuf, NULL); + /* no results if not found */ - if ((((uint32_t *)repbuf)[0] == 0) || (replen - 8 == 0)) { + if ((num_results == 0) || (replen - 8 == 0)) { free(repbuf); return NSS_STATUS_NOTFOUND; } diff --git a/src/sss_client/nss_netgroup.c b/src/sss_client/nss_netgroup.c index f72d547e8..8594fc460 100644 --- a/src/sss_client/nss_netgroup.c +++ b/src/sss_client/nss_netgroup.c @@ -160,6 +160,7 @@ enum nss_status _nss_sss_setnetgrent(const char *netgroup, { uint8_t *repbuf = NULL; size_t replen; + uint32_t num_results; enum nss_status nret; struct sss_cli_req_data rd; int errnop; @@ -198,8 +199,11 @@ enum nss_status _nss_sss_setnetgrent(const char *netgroup, goto out; } + /* Get number of results from repbuf */ + SAFEALIGN_COPY_UINT32(&num_results, repbuf, NULL); + /* no results if not found */ - if ((((uint32_t *)repbuf)[0] == 0) || (replen < NETGR_METADATA_COUNT)) { + if ((num_results == 0) || (replen < NETGR_METADATA_COUNT)) { free(repbuf); nret = NSS_STATUS_NOTFOUND; goto out; @@ -221,6 +225,7 @@ static enum nss_status internal_getnetgrent_r(struct __netgrent *result, struct sss_nss_netgr_rep netgrrep; uint8_t *repbuf; size_t replen; + uint32_t num_results; enum nss_status nret; uint32_t num_entries; int ret; @@ -266,8 +271,11 @@ static enum nss_status internal_getnetgrent_r(struct __netgrent *result, return nret; } + /* Get number of results from repbuf. */ + SAFEALIGN_COPY_UINT32(&num_results, repbuf, NULL); + /* no results if not found */ - if ((((uint32_t *)repbuf)[0] == 0) || (replen <= NETGR_METADATA_COUNT)) { + if ((num_results == 0) || (replen <= NETGR_METADATA_COUNT)) { free(repbuf); return NSS_STATUS_RETURN; } diff --git a/src/sss_client/nss_passwd.c b/src/sss_client/nss_passwd.c index 2b349c9e8..290aed80e 100644 --- a/src/sss_client/nss_passwd.c +++ b/src/sss_client/nss_passwd.c @@ -139,6 +139,7 @@ enum nss_status _nss_sss_getpwnam_r(const char *name, struct passwd *result, struct sss_nss_pw_rep pwrep; uint8_t *repbuf; size_t replen, len, name_len; + uint32_t num_results; enum nss_status nret; int ret; @@ -187,15 +188,18 @@ enum nss_status _nss_sss_getpwnam_r(const char *name, struct passwd *result, pwrep.buffer = buffer; pwrep.buflen = buflen; + /* Get number of results from repbuf. */ + SAFEALIGN_COPY_UINT32(&num_results, repbuf, NULL); + /* no results if not found */ - if (((uint32_t *)repbuf)[0] == 0) { + if (num_results == 0) { free(repbuf); nret = NSS_STATUS_NOTFOUND; goto out; } /* only 1 result is accepted for this function */ - if (((uint32_t *)repbuf)[0] != 1) { + if (num_results != 1) { *errnop = EBADMSG; free(repbuf); nret = NSS_STATUS_TRYAGAIN; @@ -225,6 +229,7 @@ enum nss_status _nss_sss_getpwuid_r(uid_t uid, struct passwd *result, struct sss_nss_pw_rep pwrep; uint8_t *repbuf; size_t replen, len; + uint32_t num_results; enum nss_status nret; uint32_t user_uid; int ret; @@ -266,15 +271,18 @@ enum nss_status _nss_sss_getpwuid_r(uid_t uid, struct passwd *result, pwrep.buffer = buffer; pwrep.buflen = buflen; + /* Get number of results from repbuf. */ + SAFEALIGN_COPY_UINT32(&num_results, repbuf, NULL); + /* no results if not found */ - if (((uint32_t *)repbuf)[0] == 0) { + if (num_results == 0) { free(repbuf); nret = NSS_STATUS_NOTFOUND; goto out; } /* only 1 result is accepted for this function */ - if (((uint32_t *)repbuf)[0] != 1) { + if (num_results != 1) { *errnop = EBADMSG; free(repbuf); nret = NSS_STATUS_TRYAGAIN; @@ -325,6 +333,7 @@ static enum nss_status internal_getpwent_r(struct passwd *result, struct sss_nss_pw_rep pwrep; uint8_t *repbuf; size_t replen; + uint32_t num_results; enum nss_status nret; uint32_t num_entries; int ret; @@ -369,8 +378,11 @@ static enum nss_status internal_getpwent_r(struct passwd *result, return nret; } + /* Get number of results from repbuf. */ + SAFEALIGN_COPY_UINT32(&num_results, repbuf, NULL); + /* no results if not found */ - if ((((uint32_t *)repbuf)[0] == 0) || (replen - 8 == 0)) { + if ((num_results == 0) || (replen - 8 == 0)) { free(repbuf); return NSS_STATUS_NOTFOUND; } diff --git a/src/sss_client/nss_services.c b/src/sss_client/nss_services.c index 5f98d8dc9..b40e1fa94 100644 --- a/src/sss_client/nss_services.c +++ b/src/sss_client/nss_services.c @@ -175,6 +175,7 @@ _nss_sss_getservbyname_r(const char *name, uint8_t *repbuf; uint8_t *data; size_t replen, len; + uint32_t num_results; enum nss_status nret; int ret; @@ -225,15 +226,18 @@ _nss_sss_getservbyname_r(const char *name, svcrep.buffer = buffer; svcrep.buflen = buflen; + /* Get number of results from repbuf. */ + SAFEALIGN_COPY_UINT32(&num_results, repbuf, NULL); + /* no results if not found */ - if (((uint32_t *)repbuf)[0] == 0) { + if (num_results == 0) { free(repbuf); nret = NSS_STATUS_NOTFOUND; goto out; } /* only 1 result is accepted for this function */ - if (((uint32_t *)repbuf)[0] != 1) { + if (num_results != 1) { *errnop = EBADMSG; free(repbuf); nret = NSS_STATUS_TRYAGAIN; @@ -272,6 +276,7 @@ _nss_sss_getservbyport_r(int port, const char *protocol, uint8_t *data; size_t p = 0; size_t replen, len; + uint32_t num_results; enum nss_status nret; int ret; @@ -320,15 +325,18 @@ _nss_sss_getservbyport_r(int port, const char *protocol, svcrep.buffer = buffer; svcrep.buflen = buflen; + /* Get number of results from repbuf. */ + SAFEALIGN_COPY_UINT32(&num_results, repbuf, NULL); + /* no results if not found */ - if (((uint32_t *)repbuf)[0] == 0) { + if (num_results == 0) { free(repbuf); nret = NSS_STATUS_NOTFOUND; goto out; } /* only 1 result is accepted for this function */ - if (((uint32_t *)repbuf)[0] != 1) { + if (num_results != 1) { *errnop = EBADMSG; free(repbuf); nret = NSS_STATUS_TRYAGAIN; @@ -400,6 +408,7 @@ static enum nss_status internal_getservent_r(struct servent *result, struct sss_nss_svc_rep pwrep; uint8_t *repbuf; size_t replen; + uint32_t num_results; enum nss_status nret; uint32_t num_entries; int ret; @@ -444,9 +453,11 @@ static enum nss_status internal_getservent_r(struct servent *result, return nret; } + /* Get number of results from repbuf */ + SAFEALIGN_COPY_UINT32(&num_results, repbuf, NULL); + /* no results if not found */ - if ((((uint32_t *)repbuf)[0] == 0) - || (replen - SVC_METADATA_COUNT == 0)) { + if ((num_results == 0) || (replen - SVC_METADATA_COUNT == 0)) { free(repbuf); return NSS_STATUS_NOTFOUND; } diff --git a/src/sss_client/pam_sss.c b/src/sss_client/pam_sss.c index 7a14963cb..35cd53cce 100644 --- a/src/sss_client/pam_sss.c +++ b/src/sss_client/pam_sss.c @@ -1108,7 +1108,7 @@ static int send_and_receive(pam_handle_t *pamh, struct pam_items *pi, goto done; } - pam_status = ((int32_t *)repbuf)[0]; + SAFEALIGN_COPY_UINT32(&pam_status, repbuf, NULL); ret = eval_response(pamh, replen, repbuf, pi); if (ret != PAM_SUCCESS) { D(("eval_response failed.")); -- cgit