On Thu, Aug 13, 2015 at 07:41:02AM +0200, Lukas Slebodnik wrote:
On (12/08/15 14:17), Jakub Hrozek wrote:
>On Mon, Aug 10, 2015 at 06:38:29AM +0200, Lukas Slebodnik wrote:
>> ehlo,
>>
>> Use after free can happed if there are two domains and user is not found
>> in the first one.
>>
>> LS
>
>Would it be possible to write a testcase in the NSS responder test?
It requires multi domain setup.
So I created different test.
My intention was to cover most test cases and not just initgroups,
But attached ins a POC patch which prove there is a use after free.
make check passes; you need to test with valgrind.
libtool --mode=execute valgrind -v ./nss-srv-multi-tests
Would you prefer to use current version of patch and add othter test cases
later? (it will take some time) or current version is enought for fix?
Ideally I think we should have only one NSS responder test, otherwise we
would end up adding some testcases to one test and not the other...but I
haven't tried, so I don't know how easy or hard that is.
ACK to your crash patch, I'll push it and apply to downstream.