Hi! The following post was send to the shadow maintainer/and SuSE support last week. No response from SuSE yet - perhaps someone here is interested and may psuh things a little :-) Bug was confirmed by maintainer and already made it into CVS version. (More: ftp://ftp.pld.org.pl/software/shadow/README) Ciao, Marcel --------------------- Hi there! I tried to add an awful lot of users to one group today using "useradd" from the shadow package. After some odd error messages I had a look at my /etc/group and the line containing my group/users was trashed. After some testing I had a look at the sources and tried the latest shadow release 20001016 - same problem. So I did some debugging and found the source of the problems. Due to a big buffer size in lib/commonio.c this error does only appear if a line gets longer than 4096 bytes - so I guess there are very few people stumbling across this. Anyway I fixed it - patches are included (the second one is only needed to make it compile on my system). I tried my code with a buffer size of only 32 bytes and it worked - so I guess 4096 should be fine too :-) Hope there'll be a correct version soon. I also had a look at the CVS version of the shadow utils - but the concerned files are unchanged since 20001016. Test script: #!/bin/sh typeset -i NUM NUM=0 groupadd demogroup while [ $NUM -le 1000 ]; do useradd -g demogroup -G demogroup -p "NONE" user$NUM NUM=$NUM+1 done # don't forget to have a look at /etc/group if you ran it Ciao, Marcel Ritter -- Linux-Betreuer Regionales Rechenzentrum Erlangen diff -Nur shadow-20001016.orig/lib/commonio.c shadow-20001016/lib/commonio.c --- shadow-20001016.orig/lib/commonio.c Sat Sep 2 20:40:42 2000 +++ shadow-20001016/lib/commonio.c Thu Sep 6 21:36:56 2001 @@ -470,12 +470,15 @@ while (db->ops->fgets(buf, buflen, db->fp)) { while (!(cp = strrchr(buf, '\n')) && !feof(db->fp)) { + int len; + buflen += BUFLEN; cp = (char *) realloc(buf, buflen); if (!cp) goto cleanup_buf; buf = cp; - db->ops->fgets(buf + buflen - BUFLEN, BUFLEN, db->fp); + len = strlen(buf); + db->ops->fgets(buf + len, buflen - len, db->fp); } if ((cp = strrchr(buf, '\n'))) *cp = '\0'; diff -Nur shadow-20001016.orig/src/useradd.c shadow-20001016/src/useradd.c --- shadow-20001016.orig/src/useradd.c Mon Oct 9 22:03:12 2000 +++ shadow-20001016/src/useradd.c Thu Sep 6 21:40:35 2001 @@ -1765,7 +1765,7 @@ * to that group, use useradd -g username username. * --bero */ - if (! (nflg || gflg)) { + if (! gflg) { if (getgrnam(user_name)) { fprintf(stderr, _("%s: group %s exists - if you want to add this user to that group, use -g.\n"), Prog, user_name); exit(E_NAME_IN_USE);
Hi!
The following post was send to the shadow maintainer/and SuSE support last week. No response from SuSE yet - perhaps someone here is interested and may psuh things a little :-)
Bug was confirmed by maintainer and already made it into CVS version. (More: ftp://ftp.pld.org.pl/software/shadow/README)
Ciao, Marcel
It really depends on where you sent it. feedback@suse.de is being read, but shows a huge backlog sometimes. It's in the nature of feedback email addresses that they are overcrowded with email. There are specific aspects of bugs that require an extremely fast response. Security is one of them. Since this bug is not security-related, it does not belong to suse-security@suse.de (this list) or security@suse.de. We are looking into this now. It could very well happen that more than 4096 bytes in a grouo line entry is beyond the standard (for example, 1024 is the limit for NIS!). You'd have to think about something else in this case. In the case that this is a bug (!), it will be fixed in a future distribution, if time permits. Roman. -- - - | Roman Drahtmüller <draht@suse.de> "Caution: Cape does not | SuSE GmbH - Security enable user to fly." | Nürnberg, Germany (Batman Costume warning label) | - -
participants (2)
-
Marcel Ritter -
Roman Drahtmueller