On Tue, 5 Dec 2017 19:17:42 +0100 Aurelien Jarno <aurelien@aurel32.net>
wrote:
> It's not something I can reproduce here, but getpwnam_r can behave very
> differently depending on the nss configuration your system. A small
> reproducer and the content of /etc/nsswitch.conf would definitely help.
>
> That said libc6 version 2.25-3 included security fixes and memory leak
> fixes for the glob function. Can you confirm the version you used, and
> if it's really 2.25-3 try with version 2.25-2 which is still in testing.
Here we have a reproducer (assuming the there is no user 'O' on system).
#include <sys/types.h>
#include <pwd.h>
int main(void)
{
struct passwd *p;
char tmp[1024];
struct passwd pw;
getpwnam_r("O", &pw, tmp, sizeof(tmp), &p);
return 0;
}
Build/compile/reproduce:
gcc -g x.c -o x
valgrind --leak-check=full ./x
Here is a reproducer using glob():
#include <stdio.h>
#include <glob.h>
int main(void)
{
glob_t pglob;
if (glob("~O", GLOB_TILDE, NULL, &pglob) == 0) {
globfree(&pglob);
}
return 0;
}
Build/compile/reproduce:
gcc -g x.c -o x
valgrind --leak-check=full ./x
Regards, Tim
Attachment:
signature.asc
Description: OpenPGP digital signature