]> andersk Git - nss_nonlocal.git/blobdiff - nonlocal-group.c
andersk / nss_nonlocal.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Enlarge buffer sizes beyond _SC_GET{PW,GR}_R_SIZE_MAX if necessary.
[nss_nonlocal.git] / nonlocal-group.c
diff --git a/nonlocal-group.c b/nonlocal-group.c
index c8e8d7b2dbe4315b59824556e9b28014ea163d3a..085fafdb35a373255a002e9094d7ecb510fe2b67 100644 (file)
--- a/nonlocal-group.c
+++ b/nonlocal-group.c
@@ -97,12 +97,22 @@ check_nonlocal_gid(const char *user, gid_t gid, int *errnop)
     nip = startp;
     fct.ptr = fct_start;
     do {
+    morebuf:
        if (fct.l == _nss_nonlocal_getgrgid_r)
            status = NSS_STATUS_NOTFOUND;
        else
            status = DL_CALL_FCT(fct.l, (gid, &gbuf, buf, buflen, errnop));
-       if (status == NSS_STATUS_TRYAGAIN && *errnop == ERANGE)
-           break;
+       if (status == NSS_STATUS_TRYAGAIN && *errnop == ERANGE) {
+           free(buf);
+           buflen *= 2;
+           buf = malloc(buflen);
+           if (buf == NULL) {
+               *errnop = ENOMEM;
+               errno = old_errno;
+               return NSS_STATUS_TRYAGAIN;
+           }
+           goto morebuf;
+       }
     } while (__nss_next(&nip, fct_name, &fct.ptr, status, 0) == 0);
 
     if (status == NSS_STATUS_SUCCESS) {
@@ -149,46 +159,57 @@ get_local_group(const char *name, struct group *grp, char *buffer, size_t buflen
     nip = startp;
     fct.ptr = fct_start;
     do {
+    morebuf:
        if (fct.l == _nss_nonlocal_getgrnam_r)
            status = NSS_STATUS_NOTFOUND;
        else
-           status = DL_CALL_FCT(fct.l, (name, &gbuf, buf, buflen, errnop));
-       if (status == NSS_STATUS_TRYAGAIN && *errnop == ERANGE)
-           break;
+           status = DL_CALL_FCT(fct.l, (name, &gbuf, buf, len, errnop));
+       if (status == NSS_STATUS_TRYAGAIN && *errnop == ERANGE) {
+           free(buf);
+           len *= 2;
+           buf = malloc(len);
+           if (buf == NULL) {
+               *errnop = ENOMEM;
+               errno = old_errno;
+               return NSS_STATUS_TRYAGAIN;
+           }
+           goto morebuf;
+       }
     } while (__nss_next(&nip, fct_name, &fct.ptr, status, 0) == 0);
 
-    if (status == NSS_STATUS_SUCCESS) {
-       n = snprintf(buffer, buflen, "%s", gbuf.gr_name);
-       if (n < 0 || n >= buflen) {
-           *errnop = ERANGE;
-           status = NSS_STATUS_TRYAGAIN;
-           goto get_local_group_done;
-       }
-       grp->gr_name = buffer;
-       buffer += n;
-       buflen -= n;
-
-       n = snprintf(buffer, buflen, "%s", gbuf.gr_passwd);
-       if (n < 0 || n >= buflen) {
-           *errnop = ERANGE;
-           status = NSS_STATUS_TRYAGAIN;
-           goto get_local_group_done;
-       }
-       grp->gr_passwd = buffer;
-       buffer += n;
-       buflen -= n;
+    if (status != NSS_STATUS_SUCCESS)
+       goto get_local_group_done;
 
-       grp->gr_gid = gbuf.gr_gid;
+    n = snprintf(buffer, buflen, "%s", gbuf.gr_name);
+    if (n < 0 || n >= buflen) {
+       *errnop = ERANGE;
+       status = NSS_STATUS_TRYAGAIN;
+       goto get_local_group_done;
+    }
+    grp->gr_name = buffer;
+    buffer += n;
+    buflen -= n;
+
+    n = snprintf(buffer, buflen, "%s", gbuf.gr_passwd);
+    if (n < 0 || n >= buflen) {
+       *errnop = ERANGE;
+       status = NSS_STATUS_TRYAGAIN;
+       goto get_local_group_done;
+    }
+    grp->gr_passwd = buffer;
+    buffer += n;
+    buflen -= n;
 
-       if (buflen < sizeof(void *)) {
-           *errnop = ERANGE;
-           status = NSS_STATUS_TRYAGAIN;
-           goto get_local_group_done;
-       }
-       *(void **)buffer = NULL;
-       buffer += sizeof(void *);
-       buflen -= sizeof(void *);
+    grp->gr_gid = gbuf.gr_gid;
+
+    if (buflen < sizeof(void *)) {
+       *errnop = ERANGE;
+       status = NSS_STATUS_TRYAGAIN;
+       goto get_local_group_done;
     }
+    *(void **)buffer = NULL;
+    buffer += sizeof(void *);
+    buflen -= sizeof(void *);
 
  get_local_group_done:
     free(buf);
@@ -472,7 +493,7 @@ _nss_nonlocal_initgroups_dyn(const char *user, gid_t group, long int *start,
                    if (newsize > limit)
                        newsize = limit;
                }
-               newgroups = realloc(*groupsp, *size * sizeof((*groupsp)[0]));
+               newgroups = realloc(*groupsp, newsize * sizeof((*groupsp)[0]));
                if (newgroups == NULL) {
                    *errnop = ENOMEM;
                    errno = old_errno;
nss_nonlocal, an nsswitch proxy module to prevent local account spoofing
This page took 0.05333 seconds and 4 git commands to generate.