Skip to content

Commit

Permalink
Browse files Browse the repository at this point in the history
nss_db: Propagate ERANGE error if parse_line fails [BZ #19837]
Reproducer (needs to run as root):

perl -e \
  'print "large999:" . join(",", map {"user$_"} (1 .. 135))."\n"' \
  >> /etc/group
cd /var/db
make
getent -s db group

After the fix, the last command should list the "large" group.

The magic number 135 has been chosen so that the line is shorter than
1024 bytes, but the pointers required to encode the member array will
cross the threshold, triggering the bug.
  • Loading branch information
Florian Weimer committed Mar 29, 2016
1 parent 0791f91 commit a603305
Show file tree
Hide file tree
Showing 2 changed files with 8 additions and 2 deletions.
6 changes: 6 additions & 0 deletions ChangeLog
@@ -1,3 +1,9 @@
2016-03-29 Florian Weimer <fweimer@redhat.com>

[BZ #19837]
* nss/nss_db/db-XXX.c (_nss_db_getENTNAME_r): Propagate ERANGE
error if parse_line fails.

2016-03-28 H.J. Lu <hongjiu.lu@intel.com>

* sysdeps/x86/cpu-features.h (bit_cpu_ERMS): New.
Expand Down
4 changes: 2 additions & 2 deletions nss/nss_db/db-XXX.c
Expand Up @@ -288,8 +288,8 @@ CONCAT(_nss_db_get,ENTNAME_r) (struct STRUCTURE *result, char *buffer,
}
if (err < 0)
{
H_ERRNO_SET (HOST_NOT_FOUND);
status = NSS_STATUS_NOTFOUND;
H_ERRNO_SET (NETDB_INTERNAL);
status = NSS_STATUS_TRYAGAIN;
break;
}

Expand Down

0 comments on commit a603305

Please sign in to comment.