Date: Tue, 3 Sep 2019 01:30:45 +0000 From: Rick Macklem <rmacklem@uoguelph.ca> To: Konstantin Belousov <kib@FreeBSD.org>, "src-committers@freebsd.org" <src-committers@freebsd.org>, "svn-src-all@freebsd.org" <svn-src-all@freebsd.org>, "svn-src-stable@freebsd.org" <svn-src-stable@freebsd.org>, "svn-src-stable-12@freebsd.org" <svn-src-stable-12@freebsd.org> Subject: Re: svn commit: r351691 - in stable/12: include/rpcsvc lib/libc/net lib/libc/rpc usr.sbin/rpc.yppasswdd usr.sbin/rpc.ypupdated usr.sbin/ypldap usr.sbin/yppush usr.sbin/ypserv Message-ID: <YT1PR01MB290708C5DF9554498B8E6C66DDB90@YT1PR01MB2907.CANPRD01.PROD.OUTLOOK.COM> In-Reply-To: <201909020820.x828K2D0074193@repo.freebsd.org> References: <201909020820.x828K2D0074193@repo.freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
Konstantin Belousov wrote: > >Author: kib >Date: Mon Sep 2 08:20:02 2019 >New Revision: 351691 >URL: https://svnweb.freebsd.org/changeset/base/351691 > >Log: > MFC r350957: > Increase YPMAXRECORD to 16M to be compatible with Linux. I am not familiar with the userland RPC libraries, but for the krpc, the si= ze of an RPC message is limited by the maximum sockbuf size allowed, as set by soreserve() and limited by kern.maxsockbuf. You might want to look to see if the userland RPC library does the setsocko= pt() { or whatever it is? } that does the soreserve()/sbreserve() for the socket= in the kernel, to see how large it gets set. I think you can get to about 2M by default? To be honest, I'm surprised (but maybe not amazed) that people still use NIS/YP. Just in case it matters, rick Sponsored by: Mellanox Technologies Modified: stable/12/include/rpcsvc/yp.x stable/12/include/rpcsvc/yp_prot.h stable/12/include/rpcsvc/ypxfrd.x stable/12/lib/libc/net/gethostbynis.c stable/12/lib/libc/net/getnetbynis.c stable/12/lib/libc/net/getservent.c stable/12/lib/libc/rpc/getrpcent.c stable/12/usr.sbin/rpc.yppasswdd/yppasswdd_server.c stable/12/usr.sbin/rpc.ypupdated/yp_dbupdate.c stable/12/usr.sbin/ypldap/yp.c stable/12/usr.sbin/yppush/yppush_main.c stable/12/usr.sbin/ypserv/yp_server.c Directory Properties: stable/12/ (props changed) Modified: stable/12/include/rpcsvc/yp.x =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D --- stable/12/include/rpcsvc/yp.x Mon Sep 2 08:03:29 2019 (r3= 51690) +++ stable/12/include/rpcsvc/yp.x Mon Sep 2 08:20:02 2019 (r3= 51691) @@ -40,7 +40,7 @@ %__FBSDID("$FreeBSD$"); #endif -const YPMAXRECORD =3D 1024; +const YPMAXRECORD =3D 16777216; const YPMAXDOMAIN =3D 64; const YPMAXMAP =3D 64; const YPMAXPEER =3D 64; Modified: stable/12/include/rpcsvc/yp_prot.h =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D --- stable/12/include/rpcsvc/yp_prot.h Mon Sep 2 08:03:29 2019 (r3= 51690) +++ stable/12/include/rpcsvc/yp_prot.h Mon Sep 2 08:20:02 2019 (r3= 51691) @@ -79,7 +79,7 @@ typedef u_int bool; #define YPPROG ((u_long)100004) #define YPVERS ((u_long)2) #define YPVERS_ORIG ((u_long)1) -#define YPMAXRECORD ((u_long)1024) +#define YPMAXRECORD ((u_long)16 * 1024 * 1024) #define YPMAXDOMAIN ((u_long)64) #define YPMAXMAP ((u_long)64) #define YPMAXPEER ((u_long)256) Modified: stable/12/include/rpcsvc/ypxfrd.x =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D --- stable/12/include/rpcsvc/ypxfrd.x Mon Sep 2 08:03:29 2019 (r3= 51690) +++ stable/12/include/rpcsvc/ypxfrd.x Mon Sep 2 08:20:02 2019 (r3= 51691) @@ -70,7 +70,7 @@ #endif /* XXX cribbed from yp.x */ -const _YPMAXRECORD =3D 1024; +const _YPMAXRECORD =3D 16777216; const _YPMAXDOMAIN =3D 64; const _YPMAXMAP =3D 64; const _YPMAXPEER =3D 64; Modified: stable/12/lib/libc/net/gethostbynis.c =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D --- stable/12/lib/libc/net/gethostbynis.c Mon Sep 2 08:03:29 2019 = (r351690) +++ stable/12/lib/libc/net/gethostbynis.c Mon Sep 2 08:20:02 2019 = (r351691) @@ -58,7 +58,7 @@ _gethostbynis(const char *name, char *map, int af, str char *cp, **q; char *result; int resultlen, size, addrok =3D 0; - char ypbuf[YPMAXRECORD + 2]; + char *ypbuf; res_state statp; statp =3D __res_state(); @@ -88,10 +88,11 @@ _gethostbynis(const char *name, char *map, int af, str } /* avoid potential memory leak */ - bcopy((char *)result, (char *)&ypbuf, resultlen); + ypbuf =3D alloca(resultlen + 2); + bcopy(result, ypbuf, resultlen); ypbuf[resultlen] =3D '\0'; free(result); - result =3D (char *)&ypbuf; + result =3D ypbuf; if ((cp =3D strchr(result, '\n'))) *cp =3D '\0'; Modified: stable/12/lib/libc/net/getnetbynis.c =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D --- stable/12/lib/libc/net/getnetbynis.c Mon Sep 2 08:03:29 2019 = (r351690) +++ stable/12/lib/libc/net/getnetbynis.c Mon Sep 2 08:20:02 2019 = (r351691) @@ -58,7 +58,7 @@ _getnetbynis(const char *name, char *map, int af, stru char *cp, **q; char *result; int resultlen, len; - char ypbuf[YPMAXRECORD + 2]; + char *ypbuf; switch(af) { case AF_INET: @@ -77,10 +77,11 @@ _getnetbynis(const char *name, char *map, int af, stru &resultlen)) return (-1); - bcopy((char *)result, (char *)&ypbuf, resultlen); + ypbuf =3D alloca(resultlen + 2); + bcopy(result, ypbuf, resultlen); ypbuf[resultlen] =3D '\0'; free(result); - result =3D (char *)&ypbuf; + result =3D ypbuf; if ((cp =3D strchr(result, '\n'))) *cp =3D '\0'; Modified: stable/12/lib/libc/net/getservent.c =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D --- stable/12/lib/libc/net/getservent.c Mon Sep 2 08:03:29 2019 (r3= 51690) +++ stable/12/lib/libc/net/getservent.c Mon Sep 2 08:20:02 2019 (r3= 51691) @@ -664,7 +664,7 @@ nis_servent(void *retval, void *mdata, va_list ap) { char *resultbuf, *lastkey; int resultbuflen; - char buf[YPMAXRECORD + 2]; + char *buf; struct nis_state *st; int rv; @@ -681,6 +681,7 @@ nis_servent(void *retval, void *mdata, va_list ap) name =3D NULL; proto =3D NULL; + buf =3D NULL; how =3D (enum nss_lookup_type)mdata; switch (how) { case nss_lt_name: @@ -716,7 +717,10 @@ nis_servent(void *retval, void *mdata, va_list ap) do { switch (how) { case nss_lt_name: - snprintf(buf, sizeof(buf), "%s/%s", name, proto); + free(buf); + asprintf(&buf, "%s/%s", name, proto); + if (buf =3D=3D NULL) + return (NS_TRYAGAIN); if (yp_match(st->yp_domain, "services.byname", buf, strlen(buf), &resultbuf, &resultbuflen)) { rv =3D NS_NOTFOUND; @@ -724,8 +728,10 @@ nis_servent(void *retval, void *mdata, va_list ap) } break; case nss_lt_id: - snprintf(buf, sizeof(buf), "%d/%s", ntohs(port), - proto); + free(buf); + asprintf(&buf, "%d/%s", ntohs(port), proto); + if (buf =3D=3D NULL) + return (NS_TRYAGAIN); /* * We have to be a little flexible @@ -791,6 +797,7 @@ nis_servent(void *retval, void *mdata, va_list ap) } while (!(rv & NS_TERMINATE) && how =3D=3D nss_lt_all); fin: + free(buf); if (rv =3D=3D NS_SUCCESS && retval !=3D NULL) *(struct servent **)retval =3D serv; Modified: stable/12/lib/libc/rpc/getrpcent.c =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D --- stable/12/lib/libc/rpc/getrpcent.c Mon Sep 2 08:03:29 2019 (r3= 51690) +++ stable/12/lib/libc/rpc/getrpcent.c Mon Sep 2 08:20:02 2019 (r3= 51691) @@ -400,7 +400,7 @@ nis_rpcent(void *retval, void *mdata, va_list ap) char *lastkey; char *resultbuf; int resultbuflen; - char buf[YPMAXRECORD + 2]; + char *buf; struct nis_state *st; int rv; @@ -422,6 +422,7 @@ nis_rpcent(void *retval, void *mdata, va_list ap) return (NS_NOTFOUND); } + buf =3D NULL; rpc =3D va_arg(ap, struct rpcent *); buffer =3D va_arg(ap, char *); bufsize =3D va_arg(ap, size_t); @@ -445,7 +446,10 @@ nis_rpcent(void *retval, void *mdata, va_list ap) case nss_lt_name: if (!st->no_name_map) { - snprintf(buf, sizeof buf, "%s", name); + free(buf); + asprintf(&buf, "%s", name); + if (buf =3D=3D NULL) + return (NS_TRYAGAIN); rv =3D yp_match(st->domain, "rpc.byname", b= uf, strlen(buf), &resultbuf, &resultbuf= len); @@ -473,7 +477,10 @@ nis_rpcent(void *retval, void *mdata, va_list ap) } break; case nss_lt_id: - snprintf(buf, sizeof buf, "%d", number); + free(buf); + asprintf(&buf, "%d", number); + if (buf =3D=3D NULL) + return (NS_TRYAGAIN); if (yp_match(st->domain, "rpc.bynumber", buf, strlen(buf), &resultbuf, &resultbuflen)) { rv =3D NS_NOTFOUND; @@ -560,6 +567,7 @@ done: } while (!(rv & NS_TERMINATE) && (how =3D=3D nss_lt_all)); fin: + free(buf); if ((rv =3D=3D NS_SUCCESS) && (retval !=3D NULL)) *((struct rpcent **)retval) =3D rpc; Modified: stable/12/usr.sbin/rpc.yppasswdd/yppasswdd_server.c =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D --- stable/12/usr.sbin/rpc.yppasswdd/yppasswdd_server.c Mon Sep 2 08:03:29= 2019 (r351690) +++ stable/12/usr.sbin/rpc.yppasswdd/yppasswdd_server.c Mon Sep 2 08:20:02= 2019 (r351691) @@ -323,15 +323,16 @@ update_inplace(struct passwd *pw, char *domain) DB *dbp =3D NULL; DBT key =3D { NULL, 0 }; DBT data =3D { NULL, 0 }; - char pwbuf[YPMAXRECORD]; + char *pwbuf; char keybuf[20]; int i; char *ptr =3D NULL; static char yp_last[] =3D "YP_LAST_MODIFIED"; - char yplastbuf[YPMAXRECORD]; + char yplastbuf[64]; snprintf(yplastbuf, sizeof yplastbuf, "%llu", (unsigned long long)time(NULL)); + pwbuf =3D NULL; for (i =3D 0; i < 4; i++) { @@ -364,12 +365,12 @@ update_inplace(struct passwd *pw, char *domain) if (yp_get_record(domain,maps[i],&key,&data,1) !=3D YP_TRUE= ) { yp_error("couldn't read %s/%s: %s", domain, maps[i], strerror(errno)); - return(1); + goto ret1; } if ((ptr =3D strchr(data.data, ':')) =3D=3D NULL) { yp_error("no colon in passwd record?!"); - return(1); + goto ret1; } /* @@ -393,8 +394,12 @@ with the same UID - continuing"); * We're really being ultra-paranoid here. * This is generally a 'can't happen' condition. */ - snprintf(pwbuf, sizeof pwbuf, ":%d:%d:", pw->pw_uid= , - pw->pw_gi= d); + free(pwbuf); + asprintf(&pwbuf, ":%d:%d:", pw->pw_uid, pw->pw_gid)= ; + if (pwbuf =3D=3D NULL) { + yp_error("no memory"); + goto ret1; + } if (!strstr(data.data, pwbuf)) { yp_error("warning: found entry for user %s = \ in map %s@%s with wrong UID", pw->pw_name, maps[i], domain); @@ -405,24 +410,30 @@ with the same name - continuing"); } if (i < 2) { - snprintf(pwbuf, sizeof pwbuf, formats[i], + free(pwbuf); + asprintf(&pwbuf, formats[i], pw->pw_name, pw->pw_passwd, pw->pw_uid, pw->pw_gid, pw->pw_class, pw->pw_change, pw->pw_expire, pw->pw_gecos, pw->pw_dir, pw->pw_shell); } else { - snprintf(pwbuf, sizeof pwbuf, formats[i], + free(pwbuf); + asprintf(&pwbuf, formats[i], pw->pw_name, *(ptr+1) =3D=3D '*' ? "*" : pw->pw_= passwd, pw->pw_uid, pw->pw_gid, pw->pw_gecos, pw->pw_dir= , pw->pw_shell); } + if (pwbuf =3D=3D NULL) { + yp_error("no memory"); + goto ret1; + } #define FLAGS O_RDWR|O_CREAT if ((dbp =3D yp_open_db_rw(domain, maps[i], FLAGS)) =3D=3D = NULL) { yp_error("couldn't open %s/%s r/w: %s",domain, maps[i],strerror(errno)); - return(1); + goto ret1; } data.data =3D pwbuf; @@ -432,7 +443,7 @@ with the same name - continuing"); yp_error("failed to update record in %s/%s", domain= , maps[i]); (void)(dbp->close)(dbp); - return(1); + goto ret1; } key.data =3D yp_last; @@ -444,13 +455,17 @@ with the same name - continuing"); yp_error("failed to update timestamp in %s/%s", dom= ain, maps[i]); (void)(dbp->close)(dbp); - return(1); + goto ret1; } (void)(dbp->close)(dbp); } - return(0); + free(pwbuf); + return (0); +ret1: + free(pwbuf); + return (1); } int * Modified: stable/12/usr.sbin/rpc.ypupdated/yp_dbupdate.c =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D --- stable/12/usr.sbin/rpc.ypupdated/yp_dbupdate.c Mon Sep 2 08:03:29= 2019 (r351690) +++ stable/12/usr.sbin/rpc.ypupdated/yp_dbupdate.c Mon Sep 2 08:20:02= 2019 (r351691) @@ -81,7 +81,7 @@ ypmap_update(char *netname, char *map, unsigned int op DB *dbp; DBT key =3D { NULL, 0 }, data =3D { NULL, 0 }; char *yp_last =3D "YP_LAST_MODIFIED"; - char yplastbuf[YPMAXRECORD]; + char yplastbuf[32]; char *domptr; int rval =3D 0; Modified: stable/12/usr.sbin/ypldap/yp.c =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D --- stable/12/usr.sbin/ypldap/yp.c Mon Sep 2 08:03:29 2019 (r3= 51690) +++ stable/12/usr.sbin/ypldap/yp.c Mon Sep 2 08:20:02 2019 (r3= 51691) @@ -323,7 +323,7 @@ ypproc_match_2_svc(ypreq_key *arg, struct svc_req *req static struct ypresp_val res; const char *estr; char *bp, *cp; - char key[YPMAXRECORD+1]; + char *key; log_debug("matching '%.*s' in map %s", arg->key.keydat_len, arg->key.keydat_val, arg->map); @@ -342,7 +342,9 @@ ypproc_match_2_svc(ypreq_key *arg, struct svc_req *req log_debug("argument too long"); return (NULL); } - memset(key, 0, sizeof(key)); + key =3D calloc(arg->key.keydat_len + 1, 1); + if (key =3D=3D NULL) + return (NULL); (void)strncpy(key, arg->key.keydat_val, arg->key.keydat_len); if (strcmp(arg->map, "passwd.byname") =3D=3D 0 || @@ -351,23 +353,23 @@ ypproc_match_2_svc(ypreq_key *arg, struct svc_req *re= q if ((ue =3D RB_FIND(user_name_tree, env->sc_user_names, &ukey)) =3D=3D NULL) { res.stat =3D YP_NOKEY; - return (&res); + goto out; } yp_make_val(&res, ue->ue_line, 1); - return (&res); + goto out; } else if (strcmp(arg->map, "passwd.byuid") =3D=3D 0 || strcmp(arg->map, "master.passwd.byuid") =3D=3D 0) { ukey.ue_uid =3D strtonum(key, 0, UID_MAX, &estr); if (estr) { res.stat =3D YP_BADARGS; - return (&res); + goto out; } if ((ue =3D RB_FIND(user_uid_tree, &env->sc_user_uids, &ukey)) =3D=3D NULL) { res.stat =3D YP_NOKEY; - return (&res); + goto out; } yp_make_val(&res, ue->ue_line, 1); @@ -376,12 +378,12 @@ ypproc_match_2_svc(ypreq_key *arg, struct svc_req *re= q gkey.ge_gid =3D strtonum(key, 0, GID_MAX, &estr); if (estr) { res.stat =3D YP_BADARGS; - return (&res); + goto out; } if ((ge =3D RB_FIND(group_gid_tree, &env->sc_group_gids, &gkey)) =3D=3D NULL) { res.stat =3D YP_NOKEY; - return (&res); + goto out; } yp_make_val(&res, ge->ge_line, 1); @@ -391,7 +393,7 @@ ypproc_match_2_svc(ypreq_key *arg, struct svc_req *req if ((ge =3D RB_FIND(group_name_tree, env->sc_group_names, &gkey)) =3D=3D NULL) { res.stat =3D YP_NOKEY; - return (&res); + goto out; } yp_make_val(&res, ge->ge_line, 1); @@ -401,46 +403,49 @@ ypproc_match_2_svc(ypreq_key *arg, struct svc_req *re= q if (strncmp(bp, "unix.", strlen("unix.")) !=3D 0) { res.stat =3D YP_BADARGS; - return (&res); + goto out; } bp +=3D strlen("unix."); if (*bp =3D=3D '\0') { res.stat =3D YP_BADARGS; - return (&res); + goto out; } if (!(cp =3D strsep(&bp, "@"))) { res.stat =3D YP_BADARGS; - return (&res); + goto out; } if (strcmp(bp, arg->domain) !=3D 0) { res.stat =3D YP_BADARGS; - return (&res); + goto out; } ukey.ue_uid =3D strtonum(cp, 0, UID_MAX, &estr); if (estr) { res.stat =3D YP_BADARGS; - return (&res); + goto out; } if ((ue =3D RB_FIND(user_uid_tree, &env->sc_user_uids, &ukey)) =3D=3D NULL) { res.stat =3D YP_NOKEY; - return (&res); + goto out; } yp_make_val(&res, ue->ue_netid_line, 0); - return (&res); + goto out; } else { log_debug("unknown map %s", arg->map); res.stat =3D YP_NOMAP; - return (&res); + goto out; } +out: + free(key); + return (&res); } ypresp_key_val * @@ -479,14 +484,19 @@ ypproc_next_2_svc(ypreq_key *arg, struct svc_req *req= ) struct groupent *ge; char *line; static struct ypresp_key_val res; - char key[YPMAXRECORD+1]; + char *key; if (yp_valid_domain(arg->domain, (struct ypresp_val *)&res) =3D=3D = -1) return (&res); + key =3D NULL; if (strcmp(arg->map, "passwd.byname") =3D=3D 0 || strcmp(arg->map, "master.passwd.byname") =3D=3D 0) { - memset(key, 0, sizeof(key)); + key =3D calloc(arg->key.keydat_len + 1, 1); + if (key =3D=3D NULL) { + res.stat =3D YP_YPERR; + return (&res); + } (void)strncpy(key, arg->key.keydat_val, arg->key.keydat_len); ukey.ue_line =3D key; @@ -506,6 +516,7 @@ ypproc_next_2_svc(ypreq_key *arg, struct svc_req *req) RB_REMOVE(user_name_tree, env->sc_user_name= s, &ukey); res.stat =3D YP_NOKEY; + free(key); return (&res); } RB_REMOVE(user_name_tree, env->sc_user_names, &ukey= ); @@ -513,11 +524,16 @@ ypproc_next_2_svc(ypreq_key *arg, struct svc_req *req= ) line =3D ue->ue_line + (strlen(ue->ue_line) + 1); line =3D line + (strlen(line) + 1); yp_make_keyval(&res, line, line); + free(key); return (&res); } else if (strcmp(arg->map, "group.byname") =3D=3D 0) { - memset(key, 0, sizeof(key)); + key =3D calloc(arg->key.keydat_len + 1, 1); + if (key =3D=3D NULL) { + res.stat =3D YP_YPERR; + return (&res); + } (void)strncpy(key, arg->key.keydat_val, arg->key.keydat_len); @@ -533,6 +549,7 @@ ypproc_next_2_svc(ypreq_key *arg, struct svc_req *req) RB_REMOVE(group_name_tree, env->sc_group_na= mes, &gkey); res.stat =3D YP_NOKEY; + free(key); return (&res); } RB_REMOVE(group_name_tree, env->sc_group_names, &gk= ey); @@ -541,6 +558,7 @@ ypproc_next_2_svc(ypreq_key *arg, struct svc_req *req) line =3D ge->ge_line + (strlen(ge->ge_line) + 1); line =3D line + (strlen(line) + 1); yp_make_keyval(&res, line, line); + free(key); return (&res); } else { log_debug("unknown map %s", arg->map); Modified: stable/12/usr.sbin/yppush/yppush_main.c =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D --- stable/12/usr.sbin/yppush/yppush_main.c Mon Sep 2 08:03:29 2019 = (r351690) +++ stable/12/usr.sbin/yppush/yppush_main.c Mon Sep 2 08:20:02 2019 = (r351691) @@ -438,15 +438,26 @@ static int yppush_foreach(int status, char *key, int keylen, char *val, int vallen, char *data) { - char server[YPMAXRECORD + 2]; + char *server; if (status !=3D YP_TRUE) return (status); - snprintf(server, sizeof(server), "%.*s", vallen, val); - if (skip_master && strcasecmp(server, yppush_master) =3D=3D 0) + asprintf(&server, "%.*s", vallen, val); + + /* + * Do not stop the iteration on the allocation failure. We + * cannot usefully react on low memory condition anyway, and + * the failure is more likely due to insane val. + */ + if (server =3D=3D NULL) return (0); + if (skip_master && strcasecmp(server, yppush_master) =3D=3D 0) { + free(server); + return (0); + } + /* * Restrict the number of concurrent jobs: if yppush_jobs number * of jobs have already been dispatched and are still pending, @@ -456,12 +467,15 @@ yppush_foreach(int status, char *key, int keylen, cha= r ; /* Cleared for takeoff: set everything in motion. */ - if (yp_push(server, yppush_mapname, yppush_transid)) + if (yp_push(server, yppush_mapname, yppush_transid)) { + free(server); return(yp_errno); + } /* Bump the job counter and transaction ID. */ yppush_running_jobs++; yppush_transid++; + free(server); return (0); } Modified: stable/12/usr.sbin/ypserv/yp_server.c =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D --- stable/12/usr.sbin/ypserv/yp_server.c Mon Sep 2 08:03:29 2019 = (r351690) +++ stable/12/usr.sbin/ypserv/yp_server.c Mon Sep 2 08:20:02 2019 = (r351691) @@ -173,8 +173,9 @@ ypproc_match_2_svc(ypreq_key *argp, struct svc_req *rq if (do_dns && result.stat !=3D YP_TRUE && (strstr(argp->map, "hosts") || strstr(argp->map, "ipnodes"))) { #endif - char nbuf[YPMAXRECORD]; + char *nbuf; + nbuf =3D alloca(argp->key.keydat_len + 1); /* NUL terminate! NUL terminate!! NUL TERMINATE!!! */ bcopy(argp->key.keydat_val, nbuf, argp->key.keydat_len); nbuf[argp->key.keydat_len] =3D '\0';
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?YT1PR01MB290708C5DF9554498B8E6C66DDB90>