[nss-pam-ldapd] - make sure that we have enough space to parse any valid GID value when parsing a user's primary GID

Nalin Dahyabhai nalin at fedoraproject.org
Thu Jul 14 20:46:47 UTC 2011 

commit 1100272972b0a1fcf953efbc8473929dcd4b50ad
Author: Nalin Dahyabhai <nalin at dahyabhai.net>
Date:   Thu Jul 14 15:33:08 2011 -0400

    - make sure that we have enough space to parse any valid GID value when parsing a user's primary GID (#716822)

 nss-pam-ldapd-0.7.x-buffers.patch |   29 +++++++++++++++++++++++++++++
 nss-pam-ldapd.spec                |    4 ++++
 2 files changed, 33 insertions(+), 0 deletions(-)
---
diff --git a/nss-pam-ldapd-0.7.x-buffers.patch b/nss-pam-ldapd-0.7.x-buffers.patch
new file mode 100644
index 0000000..d838e86
--- /dev/null
+++ b/nss-pam-ldapd-0.7.x-buffers.patch
@@ -0,0 +1,29 @@
+Parts of r1476 -- leave enough room for GID values above a billion and
+unusually large pwdLastSet values.
+
+diff --git a/nslcd/passwd.c b/nslcd/passwd.c
+index 15124fe..a649322 100644
+--- a/nslcd/passwd.c
++++ b/nslcd/passwd.c
+@@ -390,7 +390,7 @@ static int write_passwd(TFILE *fp,MYLDAP_ENTRY *entry,const char *requser,
+   const char *passwd;
+   uid_t uids[MAXUIDS_PER_ENTRY];
+   int numuids;
+-  char gidbuf[10];
++  char gidbuf[32];
+   gid_t gid;
+   char gecos[100];
+   char homedir[100];
+diff --git a/nslcd/shadow.c b/nslcd/shadow.c
+index 6de372b..5d6dae7 100644
+--- a/nslcd/shadow.c
++++ b/nslcd/shadow.c
+@@ -112,7 +112,7 @@ void shadow_init(void)
+ 
+ static long to_date(const char *date,const char *attr)
+ {
+-  char buffer[8];
++  char buffer[32];
+   long value;
+   char *tmp;
+   size_t l;
diff --git a/nss-pam-ldapd.spec b/nss-pam-ldapd.spec
index f87f5d5..06726b4 100644
--- a/nss-pam-ldapd.spec
+++ b/nss-pam-ldapd.spec
@@ -24,6 +24,7 @@ Source1:	http://arthurdejong.org/nss-pam-ldapd/nss-pam-ldapd-%{version}.tar.gz.s
 Source2:	nslcd.init
 Source3:	nslcd.tmpfiles
 Source4:	nslcd.service
+Patch0:		nss-pam-ldapd-0.7.x-buffers.patch
 BuildRoot:	%{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
 BuildRequires:	openldap-devel, krb5-devel
 Obsoletes:	nss-ldapd < 0.7
@@ -55,6 +56,7 @@ nsswitch module.
 
 %prep
 %setup -q
+%patch0 -p1 -b .buffers
 
 %build
 %configure --libdir=/%{_lib} --disable-pam
@@ -253,6 +255,8 @@ exit 0
 * Thu Jul 14 2011 Nalin Dahyabhai <nalin at redhat.com> 0.7.13-7
 - switch to only munging the contents of /etc/nslcd.conf on the very first
   install (#706454)
+- make sure that we have enough space to parse any valid GID value when
+  parsing a user's primary GID (#716822)
 
 * Wed Jul 13 2011 Nalin Dahyabhai <nalin at redhat.com> 0.7.13-6
 - convert to systemd-native startup (#716997)

More information about the scm-commits mailing list