From: Anders Kaseorg <andersk@mit.edu>
Date: Fri, 23 Oct 2009 20:02:59 +0000 (-0400)
Subject: Check that a nonlocal lookup by id returns the right id.
X-Git-Tag: 1.11~3
X-Git-Url: http://andersk.mit.edu/gitweb/nss_nonlocal.git/commitdiff_plain/8027fdc430e1fbf94278adca0b58711d93fc4272

Check that a nonlocal lookup by id returns the right id.

Signed-off-by: Anders Kaseorg <andersk@mit.edu>
---

diff --git a/nonlocal-group.c b/nonlocal-group.c
index 074fc4e..6c3173a 100644
--- a/nonlocal-group.c
+++ b/nonlocal-group.c
@@ -391,6 +391,11 @@ _nss_nonlocal_getgrgid_r(gid_t gid, struct group *grp,
     if (status != NSS_STATUS_SUCCESS)
 	return status;
 
+    if (gid != grp->gr_gid) {
+	syslog(LOG_ERR, "nss_nonlocal: discarding gid %d from lookup for gid %d\n", grp->gr_gid, gid);
+	return NSS_STATUS_NOTFOUND;
+    }
+
     return check_nonlocal_group(grp->gr_name, grp, errnop);
 }
 
diff --git a/nonlocal-passwd.c b/nonlocal-passwd.c
index 0d71fe3..00763ed 100644
--- a/nonlocal-passwd.c
+++ b/nonlocal-passwd.c
@@ -399,6 +399,11 @@ _nss_nonlocal_getpwuid_r(uid_t uid, struct passwd *pwd,
     if (status != NSS_STATUS_SUCCESS)
 	return status;
 
+    if (uid != pwd->pw_uid) {
+	syslog(LOG_ERR, "nss_nonlocal: discarding uid %d from lookup for uid %d\n", pwd->pw_uid, uid);
+	return NSS_STATUS_NOTFOUND;
+    }
+
     status = check_nonlocal_passwd(pwd->pw_name, pwd, errnop);
     if (status != NSS_STATUS_SUCCESS)
 	return status;