Hello community, here is the log from the commit of package nss_ldap for openSUSE:Factory checked in at 2011-10-28 19:38:40 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/nss_ldap (Old) and /work/SRC/openSUSE:Factory/.nss_ldap.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Package is "nss_ldap", Maintainer is "rhafer@suse.com" Changes: -------- --- /work/SRC/openSUSE:Factory/nss_ldap/nss_ldap.changes 2011-09-23 02:14:49.000000000 +0200 +++ /work/SRC/openSUSE:Factory/.nss_ldap.new/nss_ldap.changes 2011-10-28 19:59:32.000000000 +0200 @@ -1,0 +2,6 @@ +Fri Oct 28 10:19:49 UTC 2011 - rhafer@suse.de + +- Entries with invalid (or too large) uidNumber/gidNumber attributes + could crash nss_ldap (bnc#726393) + +------------------------------------------------------------------- New: ---- nss_ldap-getent-skip-invalid-uidgidnumber.dif ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ nss_ldap.spec ++++++ --- /var/tmp/diff_new_pack.Z5SO5G/_old 2011-10-28 19:59:55.000000000 +0200 +++ /var/tmp/diff_new_pack.Z5SO5G/_new 2011-10-28 19:59:55.000000000 +0200 @@ -40,6 +40,7 @@ Patch1: group-utf8.dif Patch2: nss_ldap-ldapconn-leak-bug418.dif Patch3: nss_ldap-getent-retry.dif +Patch4: nss_ldap-getent-skip-invalid-uidgidnumber.dif BuildRoot: %{_tmppath}/%{name}-%{version}-build %description @@ -60,6 +61,7 @@ %patch1 -p1 %patch2 -p1 %patch3 -p1 +%patch4 -p1 cp -v %{S:1} . %build ++++++ nss_ldap-getent-skip-invalid-uidgidnumber.dif ++++++ Index: nss_ldap-265/ldap-pwd.c =================================================================== --- nss_ldap-265.orig/ldap-pwd.c +++ nss_ldap-265/ldap-pwd.c @@ -121,7 +121,17 @@ _nss_ldap_parse_pw (LDAPMessage * e, stat = _nss_ldap_assign_attrval (e, AT (uidNumber), &uid, &tmp, &tmplen); if (stat != NSS_SUCCESS) - return stat; + { + /* + * uidNumber is to large to fit into the fixed size tmpbuf buffer, + * handle this as if it was a Schema violation to skip this entry, + * such large ids aren't valid + */ + if ( stat == NSS_TRYAGAIN ) + stat = NSS_NOTFOUND; + return stat; + } + if (*uid == '\0') pw->pw_uid = UID_NOBODY; else @@ -138,7 +148,16 @@ _nss_ldap_parse_pw (LDAPMessage * e, _nss_ldap_assign_attrval (e, ATM (LM_PASSWD, gidNumber), &gid, &tmp, &tmplen); if (stat != NSS_SUCCESS) - return stat; + { + /* + * gidNumber is to large to fit into the fixed size tmpbuf buffer, + * handle this as if it was a Schema violation to skip this entry, + * such large ids aren't valid + */ + if ( stat == NSS_TRYAGAIN ) + stat = NSS_NOTFOUND; + return stat; + } if (*gid == '\0') pw->pw_gid = GID_NOBODY; else -- To unsubscribe, e-mail: opensuse-commit+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-commit+help@opensuse.org