[Midnightbsd-cvs] src [9392] trunk/usr.sbin/gssd/gssd.c: Fix the getpwuid_r() call in the gssd daemon so that it handles
laffer1 at midnightbsd.org
laffer1 at midnightbsd.org
Sat Mar 4 16:26:28 EST 2017
Revision: 9392
http://svnweb.midnightbsd.org/src/?rev=9392
Author: laffer1
Date: 2017-03-04 16:26:28 -0500 (Sat, 04 Mar 2017)
Log Message:
-----------
Fix the getpwuid_r() call in the gssd daemon so that it handles
the ERANGE error return case. Without this fix, authentication
of users for certain system setups could fail unexpectedly.
Modified Paths:
--------------
trunk/usr.sbin/gssd/gssd.c
Modified: trunk/usr.sbin/gssd/gssd.c
===================================================================
--- trunk/usr.sbin/gssd/gssd.c 2017-03-04 21:26:01 UTC (rev 9391)
+++ trunk/usr.sbin/gssd/gssd.c 2017-03-04 21:26:28 UTC (rev 9392)
@@ -37,6 +37,7 @@
#include <ctype.h>
#include <dirent.h>
#include <err.h>
+#include <errno.h>
#ifndef WITHOUT_KERBEROS
#include <krb5.h>
#endif
@@ -557,8 +558,11 @@
{
gss_name_t name = gssd_find_resource(argp->pname);
uid_t uid;
- char buf[128];
+ char buf[1024], *bufp;
struct passwd pwd, *pw;
+ size_t buflen;
+ int error;
+ static size_t buflen_hint = 1024;
memset(result, 0, sizeof(*result));
if (name) {
@@ -567,7 +571,24 @@
name, argp->mech, &uid);
if (result->major_status == GSS_S_COMPLETE) {
result->uid = uid;
- getpwuid_r(uid, &pwd, buf, sizeof(buf), &pw);
+ buflen = buflen_hint;
+ for (;;) {
+ pw = NULL;
+ bufp = buf;
+ if (buflen > sizeof(buf))
+ bufp = malloc(buflen);
+ if (bufp == NULL)
+ break;
+ error = getpwuid_r(uid, &pwd, bufp, buflen,
+ &pw);
+ if (error != ERANGE)
+ break;
+ if (buflen > sizeof(buf))
+ free(bufp);
+ buflen += 1024;
+ if (buflen > buflen_hint)
+ buflen_hint = buflen;
+ }
if (pw) {
int len = NGRPS;
int groups[NGRPS];
@@ -584,6 +605,8 @@
result->gidlist.gidlist_len = 0;
result->gidlist.gidlist_val = NULL;
}
+ if (bufp != NULL && buflen > sizeof(buf))
+ free(bufp);
}
} else {
result->major_status = GSS_S_BAD_NAME;
More information about the Midnightbsd-cvs
mailing list