From patchwork Wed Mar 12 09:08:59 2014 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Siddhesh Poyarekar X-Patchwork-Id: 45 Return-Path: X-Original-To: siddhesh@wilcox.dreamhost.com Delivered-To: siddhesh@wilcox.dreamhost.com Received: from homiemail-mx23.g.dreamhost.com (caibbdcaabja.dreamhost.com [208.113.200.190]) by wilcox.dreamhost.com (Postfix) with ESMTP id 3BD6736008E for ; Wed, 12 Mar 2014 02:08:45 -0700 (PDT) Received: by homiemail-mx23.g.dreamhost.com (Postfix, from userid 14307373) id E0D1C62FFB654; Wed, 12 Mar 2014 02:08:44 -0700 (PDT) X-Original-To: glibc@patchwork.siddhesh.in Delivered-To: x14307373@homiemail-mx23.g.dreamhost.com Received: from sourceware.org (server1.sourceware.org [209.132.180.131]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by homiemail-mx23.g.dreamhost.com (Postfix) with ESMTPS id BF7BD62FFB64E for ; Wed, 12 Mar 2014 02:08:44 -0700 (PDT) DomainKey-Signature: a=rsa-sha1; c=nofws; d=sourceware.org; h=list-id :list-unsubscribe:list-subscribe:list-archive:list-post :list-help:sender:date:from:to:subject:message-id:mime-version :content-type; q=dns; s=default; b=djaxVHC/OdCZBGlHmeSLwxc0olYVt HAemj3ylQOvYjrwQdbpY43JaAcH4A5RyLUC5TqHHjgskoBaVy+mGDD4bmV+PzgPo 7hdLW5Rd+ouA/CXEJRSo+KDAanJ0uLDVuMENTzvSc3pAfpyvqlejc9fuwjMltOGq PHp4ivfQqfMtF4= DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=sourceware.org; h=list-id :list-unsubscribe:list-subscribe:list-archive:list-post :list-help:sender:date:from:to:subject:message-id:mime-version :content-type; s=default; bh=0HHvKeQZ7mwkinDmjmqL1Gwl+bA=; b=qmH J3O2BfRrXKs6PnKEAIG7Qv2gLyFgIyaWrL1FYXtBrd7DTuCR3oRjMzwr6iGZP6kO niRLWCTyzxT7zF9onVJ5k1hja970xwIJOUjEQ+i8jL1jAJn6qb0+eM4pTAED53I4 v+Bhz/RWyFR9zmU3z/jIgg5Cbqz+yNdICx22ZnM0= Received: (qmail 14799 invoked by alias); 12 Mar 2014 09:08:42 -0000 Mailing-List: contact libc-alpha-help@sourceware.org; run by ezmlm Precedence: bulk List-Id: List-Unsubscribe: List-Subscribe: List-Archive: List-Post: List-Help: , Sender: libc-alpha-owner@sourceware.org Delivered-To: mailing list libc-alpha@sourceware.org Received: (qmail 14788 invoked by uid 89); 12 Mar 2014 09:08:41 -0000 Authentication-Results: sourceware.org; auth=none X-Virus-Found: No X-Spam-SWARE-Status: No, score=-3.8 required=5.0 tests=AWL, BAYES_00, SPF_HELO_PASS, SPF_PASS, T_RP_MATCHES_RCVD autolearn=ham version=3.3.2 X-HELO: mx1.redhat.com Date: Wed, 12 Mar 2014 14:38:59 +0530 From: Siddhesh Poyarekar To: libc-alpha@sourceware.org Subject: [PATCH] Provide correct buffer length to netgroup queries in nscd (BZ #16695) Message-ID: <20140312090859.GA887@spoyarek.pnq.redhat.com> MIME-Version: 1.0 Content-Disposition: inline User-Agent: Mutt/1.5.22.1-rc1 (2013-10-16) X-DH-Original-To: glibc@patchwork.siddhesh.in The buffer to query netgroup entries is allocated sufficient space for the netgroup entries and the key to be appended at the end, but it sends in an incorrect available length to the NSS netgroup query functions, resulting in overflow of the buffer in some special cases. The fix here is to factor in the key length when sending the available buffer and buffer length to the query functions. Tested on x86_64. OK to commit? Siddhesh [BZ #16695] * nscd/netgroupcache.c (addgetnetgrentX): Factor in space for key in the buffer. --- nscd/netgroupcache.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/nscd/netgroupcache.c b/nscd/netgroupcache.c index 426d3c5..5ba1e1f 100644 --- a/nscd/netgroupcache.c +++ b/nscd/netgroupcache.c @@ -202,7 +202,7 @@ addgetnetgrentX (struct database_dyn *db, int fd, request_header *req, { int e; status = getfct.f (&data, buffer + buffilled, - buflen - buffilled, &e); + buflen - buffilled - req->key_len, &e); if (status == NSS_STATUS_RETURN || status == NSS_STATUS_NOTFOUND) /* This was either the last one for this group or the