Re: [Pkg-shadow-devel] Bug#483645: Bug with UID=4294967296 on Alpha-Arch. (lenny/sid)

To: 483645@bugs.debian.org
Cc: oliver.morais@akhwien.at, glibc@packages.debian.org
Subject: Re: [Pkg-shadow-devel] Bug#483645: Bug with UID=4294967296 on Alpha-Arch. (lenny/sid)
From: xrgtn <xrgtn@yandex.ru>
Date: Mon, 02 Jun 2008 11:58:26 +0400
Message-id: <[🔎] 326301212393506@webmail49.yandex.ru>
In-reply-to: 9090000000070956749
References: <B49165D54A7A664BA4A2F122E2E7F4E4DF6552@C01XMS01E1.routine.akhwien.at> <24501212158587@webmail24.yandex.ru> 9090000000070956749

Hello, Nicolas,

31.05.08, 17:55, "Nicolas François" <nicolas.francois@centraliens.net>:
> reassign 483645 glibc
>
> On Fri, May 30, 2008 at 06:43:07PM +0400, xrgtn@yandex.ru wrote:
> > 30.05.08, 13:28, "Nicolas François" <nicolas.francois@centraliens.net>:
> > > On Fri, May 30, 2008 at 09:10:29AM +0200, oliver.morais@akhwien.at wrote:
> > > > Creating an user-account and changing the UID via vipw to "4294967296"
> > > > (Which is 2^32) results in an overflow and the user gets the UID=0,
> > > > an UID of "4294967297" leads to an UID=1 and so on.
> > 
> > Maybe this is a platform limit (passwd.pw_uid is of uid_t type).
> > For example, on 64-bit HP Tru64 I see the next:
>
> It looks like a glibc bug to me.

I don't know all the details that you refer to,
just wanted to add another 2c: I've checked
sizeof(uid_t) on SPARC Solaris 9 (SunOS 5.9
Generic_122300-05 sun4u sparc SUNW,Sun-Fire)
and HP-UX 11 (B.11.11 U 9000/800).

On both of these (64bit) systems size of the uid_t
is 4 (32 bit), same as on Tru64 UNIX. I think that
uid_t size is 4 on almost every UNIX platform
(this can be checked for at build time using
autoconf).

> At least, INT_FIELD should check for ERANGE after calling strtoul
> (in nss/nss_files/files-parse.c)
> On i386, all UIDs >= 4294967296 are silently converted to 4294967295.
> (when IMHO, an error should be returned by getpwnam)
> Also, the glibc should check if the UID returned by strtoul fits in the
> range of allowed UIDs.

I can't comment on glibc behaviour, but
regarding the vipw/pwck/grpck, it could check
that uid/gid are within the valid range.

E.g. useradd/groupadd do check uid/gid against
ranges (actually, whether it is a valid number
or not at first):

root@xrgtn-w4000:~# groupadd -g 4294967296 g32
groupadd: invalid numeric argument '4294967296'
root@xrgtn-w4000:~# useradd  -u 4294967296 u32
useradd: invalid numeric argument '4294967296'

But if I add uid 4294967296 manually (
root@xrgtn-w4000:~# echo 'u32:x:4294967296:100::/root:/bin/bash' >> /etc/passwd
root@xrgtn-w4000:~# echo 'u32::14000:0:99999:7:::' >> /etc/shadow
), pwck does not complain. ;)

After this, I can "su" to the 4294967296 user,
but it looks like glibc cuts his uid to smth.
like UID_MAX (this is for _i386_):

root@xrgtn-w4000:~# su - u32
u32@xrgtn-w4000:~$ id
uid=4294967295(u32) gid=100(users) groups=100(users)

I think that Debian/GNU on Alpha must exhibit the same
behaviour.

-- 
With best regards,
xrgtn (+380501102966/ICQ:381730053/xrgtn@jabber.kiev.ua)

Reply to:

Prev by Date: Bug#483917: [INTL:it] debconf translation for Italian
Next by Date: Possible problems in your Debian packages
Previous by thread: Bug#484048: Acknowledgement (gettimeofday() crashes if given a timezone on amd64)
Next by thread: Possible problems in your Debian packages
Index(es):
- Date
- Thread