Skip site navigation (1)Skip section navigation (2) 
Date:      Thu, 16 May 2013 00:52:08 +0000 (UTC)
From:      Rick Macklem <rmacklem@FreeBSD.org>
To:        src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-9@freebsd.org
Subject:   svn commit: r250689 - stable/9/usr.sbin/gssd
Message-ID:  <201305160052.r4G0q8EW083220@svn.freebsd.org>
next in thread | raw e-mail | index | archive | help 
Author: rmacklem
Date: Thu May 16 00:52:08 2013
New Revision: 250689
URL: http://svnweb.freebsd.org/changeset/base/250689

Log:
  MFC: r250176
  Fix the getpwuid_r() call in the gssd daemon so that it handles
  the ERANGE error return case. Without this fix, authentication
  of users for certain system setups could fail unexpectedly.

Modified:
  stable/9/usr.sbin/gssd/gssd.c
Directory Properties:
  stable/9/usr.sbin/gssd/   (props changed)

Modified: stable/9/usr.sbin/gssd/gssd.c
==============================================================================
--- stable/9/usr.sbin/gssd/gssd.c	Thu May 16 00:18:25 2013	(r250688)
+++ stable/9/usr.sbin/gssd/gssd.c	Thu May 16 00:52:08 2013	(r250689)
@@ -37,6 +37,7 @@ __FBSDID("$FreeBSD$");
 #include <ctype.h>
 #include <dirent.h>
 #include <err.h>
+#include <errno.h>
 #ifndef WITHOUT_KERBEROS
 #include <krb5.h>
 #endif
@@ -557,8 +558,11 @@ gssd_pname_to_uid_1_svc(pname_to_uid_arg
 {
 	gss_name_t name = gssd_find_resource(argp->pname);
 	uid_t uid;
-	char buf[128];
+	char buf[1024], *bufp;
 	struct passwd pwd, *pw;
+	size_t buflen;
+	int error;
+	static size_t buflen_hint = 1024;
 
 	memset(result, 0, sizeof(*result));
 	if (name) {
@@ -567,7 +571,24 @@ gssd_pname_to_uid_1_svc(pname_to_uid_arg
 			    name, argp->mech, &uid);
 		if (result->major_status == GSS_S_COMPLETE) {
 			result->uid = uid;
-			getpwuid_r(uid, &pwd, buf, sizeof(buf), &pw);
+			buflen = buflen_hint;
+			for (;;) {
+				pw = NULL;
+				bufp = buf;
+				if (buflen > sizeof(buf))
+					bufp = malloc(buflen);
+				if (bufp == NULL)
+					break;
+				error = getpwuid_r(uid, &pwd, bufp, buflen,
+				    &pw);
+				if (error != ERANGE)
+					break;
+				if (buflen > sizeof(buf))
+					free(bufp);
+				buflen += 1024;
+				if (buflen > buflen_hint)
+					buflen_hint = buflen;
+			}
 			if (pw) {
 				int len = NGRPS;
 				int groups[NGRPS];
@@ -584,6 +605,8 @@ gssd_pname_to_uid_1_svc(pname_to_uid_arg
 				result->gidlist.gidlist_len = 0;
 				result->gidlist.gidlist_val = NULL;
 			}
+			if (bufp != NULL && buflen > sizeof(buf))
+				free(bufp);
 		}
 	} else {
 		result->major_status = GSS_S_BAD_NAME;

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201305160052.r4G0q8EW083220>