On Wed, Aug 19, 2015 at 11:15:16PM +0200, Jakub Hrozek wrote:
On Thu, Aug 13, 2015 at 07:41:02AM +0200, Lukas Slebodnik wrote:
> On (12/08/15 14:17), Jakub Hrozek wrote:
> >On Mon, Aug 10, 2015 at 06:38:29AM +0200, Lukas Slebodnik wrote:
> >> ehlo,
> >> Use after free can happed if there are two domains and user is not found
> >> in the first one.
> >> LS
> >Would it be possible to write a testcase in the NSS responder test?
> It requires multi domain setup.
> So I created different test.
> My intention was to cover most test cases and not just initgroups,
> But attached ins a POC patch which prove there is a use after free.
> make check passes; you need to test with valgrind.
> libtool --mode=execute valgrind -v ./nss-srv-multi-tests
> Would you prefer to use current version of patch and add othter test cases
> later? (it will take some time) or current version is enought for fix?
Ideally I think we should have only one NSS responder test, otherwise we
would end up adding some testcases to one test and not the other...but I
haven't tried, so I don't know how easy or hard that is.
ACK to your crash patch, I'll push it and apply to downstream.
Sorry, I forgot to send push-mail: