On Wed, 2012-09-19 at 21:12 +0200, Philipp Kern wrote: > Hence you can go ahead and prepare a debdiff for the final ACK. Thanks. Attached is the debdiff from 0.7.15+squeeze1 to 0.7.15+squeeze2. > Thanks and sorry for the long waiting period No problem. Thanks for reviewing. -- -- arthur - adejong@debian.org - http://people.debian.org/~adejong --
diff -Nru nss-pam-ldapd-0.7.15+squeeze1/AUTHORS nss-pam-ldapd-0.7.15+squeeze2/AUTHORS
--- nss-pam-ldapd-0.7.15+squeeze1/AUTHORS 2012-01-15 09:27:35.000000000 +0100
+++ nss-pam-ldapd-0.7.15+squeeze2/AUTHORS 2012-09-20 20:36:13.000000000 +0200
@@ -79,3 +79,4 @@
Jan Schampera <jan.schampera@web.de>
Nalin Dahyabhai <nalin@redhat.com>
Daniel Dehennin <daniel.dehennin@baby-gnu.org>
+Jakub Hrozek <jhrozek@redhat.com>
diff -Nru nss-pam-ldapd-0.7.15+squeeze1/config.h.in nss-pam-ldapd-0.7.15+squeeze2/config.h.in
--- nss-pam-ldapd-0.7.15+squeeze1/config.h.in 2012-01-20 11:25:50.000000000 +0100
+++ nss-pam-ldapd-0.7.15+squeeze2/config.h.in 2012-09-20 20:38:39.000000000 +0200
@@ -318,6 +318,12 @@
/* Define to 1 if you have the `strtol' function. */
#undef HAVE_STRTOL
+/* Define to 1 if you have the `strtoul' function. */
+#undef HAVE_STRTOUL
+
+/* Define to 1 if you have the `strtoull' function. */
+#undef HAVE_STRTOULL
+
/* Define to 1 if the system has the type `struct aliasent'. */
#undef HAVE_STRUCT_ALIASENT
@@ -427,6 +433,21 @@
your system. */
#undef PTHREAD_CREATE_JOINABLE
+/* The size of `gid_t', as computed by sizeof. */
+#undef SIZEOF_GID_T
+
+/* The size of `uid_t', as computed by sizeof. */
+#undef SIZEOF_UID_T
+
+/* The size of `unsigned int', as computed by sizeof. */
+#undef SIZEOF_UNSIGNED_INT
+
+/* The size of `unsigned long int', as computed by sizeof. */
+#undef SIZEOF_UNSIGNED_LONG_INT
+
+/* The size of `unsigned long long int', as computed by sizeof. */
+#undef SIZEOF_UNSIGNED_LONG_LONG_INT
+
/* Define to 1 if you have the ANSI C header files. */
#undef STDC_HEADERS
diff -Nru nss-pam-ldapd-0.7.15+squeeze1/configure nss-pam-ldapd-0.7.15+squeeze2/configure
--- nss-pam-ldapd-0.7.15+squeeze1/configure 2012-01-20 11:25:56.000000000 +0100
+++ nss-pam-ldapd-0.7.15+squeeze2/configure 2012-09-20 20:38:13.000000000 +0200
@@ -2041,6 +2041,184 @@
eval $as_lineno_stack; test "x$as_lineno_stack" = x && { as_lineno=; unset as_lineno;}
} # ac_fn_c_find_uintX_t
+
+# ac_fn_c_compute_int LINENO EXPR VAR INCLUDES
+# --------------------------------------------
+# Tries to find the compile-time value of EXPR in a program that includes
+# INCLUDES, setting VAR accordingly. Returns whether the value could be
+# computed
+ac_fn_c_compute_int ()
+{
+ as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack
+ if test "$cross_compiling" = yes; then
+ # Depending upon the size, compute the lo and hi bounds.
+cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h. */
+$4
+int
+main ()
+{
+static int test_array [1 - 2 * !(($2) >= 0)];
+test_array [0] = 0
+
+ ;
+ return 0;
+}
+_ACEOF
+if ac_fn_c_try_compile "$LINENO"; then :
+ ac_lo=0 ac_mid=0
+ while :; do
+ cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h. */
+$4
+int
+main ()
+{
+static int test_array [1 - 2 * !(($2) <= $ac_mid)];
+test_array [0] = 0
+
+ ;
+ return 0;
+}
+_ACEOF
+if ac_fn_c_try_compile "$LINENO"; then :
+ ac_hi=$ac_mid; break
+else
+ as_fn_arith $ac_mid + 1 && ac_lo=$as_val
+ if test $ac_lo -le $ac_mid; then
+ ac_lo= ac_hi=
+ break
+ fi
+ as_fn_arith 2 '*' $ac_mid + 1 && ac_mid=$as_val
+fi
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+ done
+else
+ cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h. */
+$4
+int
+main ()
+{
+static int test_array [1 - 2 * !(($2) < 0)];
+test_array [0] = 0
+
+ ;
+ return 0;
+}
+_ACEOF
+if ac_fn_c_try_compile "$LINENO"; then :
+ ac_hi=-1 ac_mid=-1
+ while :; do
+ cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h. */
+$4
+int
+main ()
+{
+static int test_array [1 - 2 * !(($2) >= $ac_mid)];
+test_array [0] = 0
+
+ ;
+ return 0;
+}
+_ACEOF
+if ac_fn_c_try_compile "$LINENO"; then :
+ ac_lo=$ac_mid; break
+else
+ as_fn_arith '(' $ac_mid ')' - 1 && ac_hi=$as_val
+ if test $ac_mid -le $ac_hi; then
+ ac_lo= ac_hi=
+ break
+ fi
+ as_fn_arith 2 '*' $ac_mid && ac_mid=$as_val
+fi
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+ done
+else
+ ac_lo= ac_hi=
+fi
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+fi
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+# Binary search between lo and hi bounds.
+while test "x$ac_lo" != "x$ac_hi"; do
+ as_fn_arith '(' $ac_hi - $ac_lo ')' / 2 + $ac_lo && ac_mid=$as_val
+ cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h. */
+$4
+int
+main ()
+{
+static int test_array [1 - 2 * !(($2) <= $ac_mid)];
+test_array [0] = 0
+
+ ;
+ return 0;
+}
+_ACEOF
+if ac_fn_c_try_compile "$LINENO"; then :
+ ac_hi=$ac_mid
+else
+ as_fn_arith '(' $ac_mid ')' + 1 && ac_lo=$as_val
+fi
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+done
+case $ac_lo in #((
+?*) eval "$3=\$ac_lo"; ac_retval=0 ;;
+'') ac_retval=1 ;;
+esac
+ else
+ cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h. */
+$4
+static long int longval () { return $2; }
+static unsigned long int ulongval () { return $2; }
+#include <stdio.h>
+#include <stdlib.h>
+int
+main ()
+{
+
+ FILE *f = fopen ("conftest.val", "w");
+ if (! f)
+ return 1;
+ if (($2) < 0)
+ {
+ long int i = longval ();
+ if (i != ($2))
+ return 1;
+ fprintf (f, "%ld", i);
+ }
+ else
+ {
+ unsigned long int i = ulongval ();
+ if (i != ($2))
+ return 1;
+ fprintf (f, "%lu", i);
+ }
+ /* Do not output a trailing newline, as this causes \r\n confusion
+ on some platforms. */
+ return ferror (f) || fclose (f) != 0;
+
+ ;
+ return 0;
+}
+_ACEOF
+if ac_fn_c_try_run "$LINENO"; then :
+ echo >>conftest.val; read $3 <conftest.val; ac_retval=0
+else
+ ac_retval=1
+fi
+rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \
+ conftest.$ac_objext conftest.beam conftest.$ac_ext
+rm -f conftest.val
+
+ fi
+ eval $as_lineno_stack; test "x$as_lineno_stack" = x && { as_lineno=; unset as_lineno;}
+ as_fn_set_status $ac_retval
+
+} # ac_fn_c_compute_int
cat >config.log <<_ACEOF
This file contains any messages produced by compilers while
running configure, to aid debugging if configure makes a mistake.
@@ -5272,7 +5450,7 @@
fi
-for ac_func in strcasecmp strncasecmp strchr strcspn strspn strtol
+for ac_func in strcasecmp strncasecmp strchr strcspn strspn strtol strtoul strtoull
do :
as_ac_var=`$as_echo "ac_cv_func_$ac_func" | $as_tr_sh`
ac_fn_c_check_func "$LINENO" "$ac_func" "$as_ac_var"
@@ -5636,6 +5814,171 @@
;;
esac
+# The cast to long int works around a bug in the HP C Compiler
+# version HP92453-01 B.11.11.23709.GP, which incorrectly rejects
+# declarations like `int a3[[(sizeof (unsigned char)) >= 0]];'.
+# This bug is HP SR number 8606223364.
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking size of unsigned int" >&5
+$as_echo_n "checking size of unsigned int... " >&6; }
+if test "${ac_cv_sizeof_unsigned_int+set}" = set; then :
+ $as_echo_n "(cached) " >&6
+else
+ if ac_fn_c_compute_int "$LINENO" "(long int) (sizeof (unsigned int))" "ac_cv_sizeof_unsigned_int" "$ac_includes_default"; then :
+
+else
+ if test "$ac_cv_type_unsigned_int" = yes; then
+ { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5
+$as_echo "$as_me: error: in \`$ac_pwd':" >&2;}
+as_fn_error 77 "cannot compute sizeof (unsigned int)
+See \`config.log' for more details" "$LINENO" 5 ; }
+ else
+ ac_cv_sizeof_unsigned_int=0
+ fi
+fi
+
+fi
+{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_sizeof_unsigned_int" >&5
+$as_echo "$ac_cv_sizeof_unsigned_int" >&6; }
+
+
+
+cat >>confdefs.h <<_ACEOF
+#define SIZEOF_UNSIGNED_INT $ac_cv_sizeof_unsigned_int
+_ACEOF
+
+
+# The cast to long int works around a bug in the HP C Compiler
+# version HP92453-01 B.11.11.23709.GP, which incorrectly rejects
+# declarations like `int a3[[(sizeof (unsigned char)) >= 0]];'.
+# This bug is HP SR number 8606223364.
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking size of unsigned long int" >&5
+$as_echo_n "checking size of unsigned long int... " >&6; }
+if test "${ac_cv_sizeof_unsigned_long_int+set}" = set; then :
+ $as_echo_n "(cached) " >&6
+else
+ if ac_fn_c_compute_int "$LINENO" "(long int) (sizeof (unsigned long int))" "ac_cv_sizeof_unsigned_long_int" "$ac_includes_default"; then :
+
+else
+ if test "$ac_cv_type_unsigned_long_int" = yes; then
+ { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5
+$as_echo "$as_me: error: in \`$ac_pwd':" >&2;}
+as_fn_error 77 "cannot compute sizeof (unsigned long int)
+See \`config.log' for more details" "$LINENO" 5 ; }
+ else
+ ac_cv_sizeof_unsigned_long_int=0
+ fi
+fi
+
+fi
+{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_sizeof_unsigned_long_int" >&5
+$as_echo "$ac_cv_sizeof_unsigned_long_int" >&6; }
+
+
+
+cat >>confdefs.h <<_ACEOF
+#define SIZEOF_UNSIGNED_LONG_INT $ac_cv_sizeof_unsigned_long_int
+_ACEOF
+
+
+# The cast to long int works around a bug in the HP C Compiler
+# version HP92453-01 B.11.11.23709.GP, which incorrectly rejects
+# declarations like `int a3[[(sizeof (unsigned char)) >= 0]];'.
+# This bug is HP SR number 8606223364.
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking size of unsigned long long int" >&5
+$as_echo_n "checking size of unsigned long long int... " >&6; }
+if test "${ac_cv_sizeof_unsigned_long_long_int+set}" = set; then :
+ $as_echo_n "(cached) " >&6
+else
+ if ac_fn_c_compute_int "$LINENO" "(long int) (sizeof (unsigned long long int))" "ac_cv_sizeof_unsigned_long_long_int" "$ac_includes_default"; then :
+
+else
+ if test "$ac_cv_type_unsigned_long_long_int" = yes; then
+ { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5
+$as_echo "$as_me: error: in \`$ac_pwd':" >&2;}
+as_fn_error 77 "cannot compute sizeof (unsigned long long int)
+See \`config.log' for more details" "$LINENO" 5 ; }
+ else
+ ac_cv_sizeof_unsigned_long_long_int=0
+ fi
+fi
+
+fi
+{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_sizeof_unsigned_long_long_int" >&5
+$as_echo "$ac_cv_sizeof_unsigned_long_long_int" >&6; }
+
+
+
+cat >>confdefs.h <<_ACEOF
+#define SIZEOF_UNSIGNED_LONG_LONG_INT $ac_cv_sizeof_unsigned_long_long_int
+_ACEOF
+
+
+# The cast to long int works around a bug in the HP C Compiler
+# version HP92453-01 B.11.11.23709.GP, which incorrectly rejects
+# declarations like `int a3[[(sizeof (unsigned char)) >= 0]];'.
+# This bug is HP SR number 8606223364.
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking size of uid_t" >&5
+$as_echo_n "checking size of uid_t... " >&6; }
+if test "${ac_cv_sizeof_uid_t+set}" = set; then :
+ $as_echo_n "(cached) " >&6
+else
+ if ac_fn_c_compute_int "$LINENO" "(long int) (sizeof (uid_t))" "ac_cv_sizeof_uid_t" "$ac_includes_default"; then :
+
+else
+ if test "$ac_cv_type_uid_t" = yes; then
+ { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5
+$as_echo "$as_me: error: in \`$ac_pwd':" >&2;}
+as_fn_error 77 "cannot compute sizeof (uid_t)
+See \`config.log' for more details" "$LINENO" 5 ; }
+ else
+ ac_cv_sizeof_uid_t=0
+ fi
+fi
+
+fi
+{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_sizeof_uid_t" >&5
+$as_echo "$ac_cv_sizeof_uid_t" >&6; }
+
+
+
+cat >>confdefs.h <<_ACEOF
+#define SIZEOF_UID_T $ac_cv_sizeof_uid_t
+_ACEOF
+
+
+# The cast to long int works around a bug in the HP C Compiler
+# version HP92453-01 B.11.11.23709.GP, which incorrectly rejects
+# declarations like `int a3[[(sizeof (unsigned char)) >= 0]];'.
+# This bug is HP SR number 8606223364.
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking size of gid_t" >&5
+$as_echo_n "checking size of gid_t... " >&6; }
+if test "${ac_cv_sizeof_gid_t+set}" = set; then :
+ $as_echo_n "(cached) " >&6
+else
+ if ac_fn_c_compute_int "$LINENO" "(long int) (sizeof (gid_t))" "ac_cv_sizeof_gid_t" "$ac_includes_default"; then :
+
+else
+ if test "$ac_cv_type_gid_t" = yes; then
+ { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5
+$as_echo "$as_me: error: in \`$ac_pwd':" >&2;}
+as_fn_error 77 "cannot compute sizeof (gid_t)
+See \`config.log' for more details" "$LINENO" 5 ; }
+ else
+ ac_cv_sizeof_gid_t=0
+ fi
+fi
+
+fi
+{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_sizeof_gid_t" >&5
+$as_echo "$ac_cv_sizeof_gid_t" >&6; }
+
+
+
+cat >>confdefs.h <<_ACEOF
+#define SIZEOF_GID_T $ac_cv_sizeof_gid_t
+_ACEOF
+
+
# check for support for the __thread keyword
{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether $CC supports '__thread'" >&5
diff -Nru nss-pam-ldapd-0.7.15+squeeze1/configure.ac nss-pam-ldapd-0.7.15+squeeze2/configure.ac
--- nss-pam-ldapd-0.7.15+squeeze1/configure.ac 2012-01-15 09:27:35.000000000 +0100
+++ nss-pam-ldapd-0.7.15+squeeze2/configure.ac 2012-09-20 20:36:13.000000000 +0200
@@ -222,7 +222,7 @@
AC_CHECK_FUNCS([sigaction snprintf])
AC_CHECK_FUNCS(gethostbyname)
AC_SEARCH_LIBS(socket,socket)
-AC_CHECK_FUNCS([strcasecmp strncasecmp strchr strcspn strspn strtol])
+AC_CHECK_FUNCS([strcasecmp strncasecmp strchr strcspn strspn strtol strtoul strtoull])
AC_CHECK_FUNCS([malloc realloc])
AC_FUNC_FORK
@@ -235,6 +235,11 @@
AC_TYPE_UINT8_T
AC_TYPE_UINT16_T
AC_TYPE_UINT32_T
+AC_CHECK_SIZEOF(unsigned int)
+AC_CHECK_SIZEOF(unsigned long int)
+AC_CHECK_SIZEOF(unsigned long long int)
+AC_CHECK_SIZEOF(uid_t)
+AC_CHECK_SIZEOF(gid_t)
# check for support for the __thread keyword
AC_CACHE_CHECK([whether $CC supports '__thread'], [mn_cv_c___thread_supported],
diff -Nru nss-pam-ldapd-0.7.15+squeeze1/debian/changelog nss-pam-ldapd-0.7.15+squeeze2/debian/changelog
--- nss-pam-ldapd-0.7.15+squeeze1/debian/changelog 2012-01-20 15:35:34.000000000 +0100
+++ nss-pam-ldapd-0.7.15+squeeze2/debian/changelog 2012-09-20 20:38:08.000000000 +0200
@@ -1,3 +1,16 @@
+nss-pam-ldapd (0.7.15+squeeze2) stable; urgency=low
+
+ * support larger gecos values (closes: #640781) (backported from 0.7.17)
+ * fix two possible NULL pointer dereferences (backported from 0.7.17)
+ * increase buffer used for pam_authz_search as suggested by Chris J Arges
+ (backported from 0.7.16)
+ * fix logging of invalid pam_authz_search value (LP: #951343) (backported
+ from 0.7.16)
+ * implement proper range checking of numeric values returned from LDAP
+ (thanks Jakub Hrozek) (backported from 0.7.16)
+
+ -- Arthur de Jong <adejong@debian.org> Thu, 20 Sep 2012 20:00:00 +0200
+
nss-pam-ldapd (0.7.15+squeeze1) stable; urgency=low
* fix an issue where changes in /etc/nsswitch.conf were not correctly
diff -Nru nss-pam-ldapd-0.7.15+squeeze1/nslcd/cfg.c nss-pam-ldapd-0.7.15+squeeze2/nslcd/cfg.c
--- nss-pam-ldapd-0.7.15+squeeze1/nslcd/cfg.c 2012-01-15 09:27:34.000000000 +0100
+++ nss-pam-ldapd-0.7.15+squeeze2/nslcd/cfg.c 2012-09-20 20:36:13.000000000 +0200
@@ -442,8 +442,9 @@
char *tmp;
check_argumentcount(filename,lnr,keyword,get_token(line,token,sizeof(token))!=NULL);
/* check if it is a valid numerical uid */
- *var=(uid_t)strtol(token,&tmp,0);
- if ((*token!='\0')&&(*tmp=='\0'))
+ errno=0;
+ *var=strtouid(token,&tmp,0);
+ if ((*token!='\0')&&(*tmp=='\0')&&(errno==0))
return;
/* find by name */
pwent=getpwnam(token);
@@ -467,8 +468,9 @@
char *tmp;
check_argumentcount(filename,lnr,keyword,get_token(line,token,sizeof(token))!=NULL);
/* check if it is a valid numerical gid */
- *var=(gid_t)strtol(token,&tmp,0);
- if ((*token!='\0')&&(*tmp=='\0'))
+ errno=0;
+ *var=strtogid(token,&tmp,0);
+ if ((*token!='\0')&&(*tmp=='\0')&&(errno==0))
return;
/* find by name */
grent=getgrnam(token);
diff -Nru nss-pam-ldapd-0.7.15+squeeze1/nslcd/common.c nss-pam-ldapd-0.7.15+squeeze2/nslcd/common.c
--- nss-pam-ldapd-0.7.15+squeeze1/nslcd/common.c 2012-01-15 09:27:34.000000000 +0100
+++ nss-pam-ldapd-0.7.15+squeeze2/nslcd/common.c 2012-09-20 20:36:13.000000000 +0200
@@ -3,7 +3,7 @@
This file is part of the nss-pam-ldapd library.
Copyright (C) 2006 West Consulting
- Copyright (C) 2006, 2007, 2008, 2009 Arthur de Jong
+ Copyright (C) 2006, 2007, 2008, 2009, 2011 Arthur de Jong
This library is free software; you can redistribute it and/or
modify it under the terms of the GNU Lesser General Public
@@ -176,3 +176,20 @@
/* we're done */
return 0;
}
+
+#ifdef WANT_STRTOUI
+/* provide a strtoui() implementation, similar to strtoul() but returning
+ an range-checked unsigned int instead */
+unsigned int strtoui(const char *nptr,char **endptr,int base)
+{
+ unsigned long val;
+ val=strtoul(nptr,endptr,base);
+ if (val>UINT_MAX)
+ {
+ errno=ERANGE;
+ return UINT_MAX;
+ }
+ /* If errno was set by strtoull, we'll pass it back as-is */
+ return (unsigned int)val;
+}
+#endif /* WANT_STRTOUI */
diff -Nru nss-pam-ldapd-0.7.15+squeeze1/nslcd/common.h nss-pam-ldapd-0.7.15+squeeze2/nslcd/common.h
--- nss-pam-ldapd-0.7.15+squeeze1/nslcd/common.h 2012-01-15 09:27:34.000000000 +0100
+++ nss-pam-ldapd-0.7.15+squeeze2/nslcd/common.h 2012-09-20 20:36:13.000000000 +0200
@@ -3,7 +3,7 @@
This file is part of the nss-pam-ldapd library.
Copyright (C) 2006 West Consulting
- Copyright (C) 2006, 2007, 2008, 2009, 2010 Arthur de Jong
+ Copyright (C) 2006, 2007, 2008, 2009, 2010, 2011 Arthur de Jong
This library is free software; you can redistribute it and/or
modify it under the terms of the GNU Lesser General Public
@@ -94,6 +94,37 @@
/* transforms the uid into a DN by doing an LDAP lookup */
MUST_USE char *uid2dn(MYLDAP_SESSION *session,const char *uid,char *buf,size_t buflen);
+/* provide strtouid() function alias */
+#if SIZEOF_UID_T == SIZEOF_UNSIGNED_LONG_INT
+#define strtouid (uid_t)strtoul
+#elif SIZEOF_UID_T == SIZEOF_UNSIGNED_LONG_LONG_INT
+#define strtouid (uid_t)strtoull
+#elif SIZEOF_UID_T == SIZEOF_UNSIGNED_INT
+#define WANT_STRTOUI 1
+#define strtouid (uid_t)strtoui
+#else
+#error unable to find implementation for strtouid()
+#endif
+
+/* provide strtouid() function alias */
+#if SIZEOF_GID_T == SIZEOF_UNSIGNED_LONG_INT
+#define strtogid (gid_t)strtoul
+#elif SIZEOF_GID_T == SIZEOF_UNSIGNED_LONG_LONG_INT
+#define strtogid (gid_t)strtoull
+#elif SIZEOF_GID_T == SIZEOF_UNSIGNED_INT
+#ifndef WANT_STRTOUI
+#define WANT_STRTOUI 1
+#endif
+#define strtogid (uid_t)strtoui
+#else
+#error unable to find implementation for strtogid()
+#endif
+
+#ifdef WANT_STRTOUI
+/* provide a strtoui() if it is needed */
+unsigned int strtoui(const char *nptr,char **endptr,int base);
+#endif /* WANT_STRTOUI */
+
/* these are the functions for initialising the database specific
modules */
void alias_init(void);
diff -Nru nss-pam-ldapd-0.7.15+squeeze1/nslcd/group.c nss-pam-ldapd-0.7.15+squeeze2/nslcd/group.c
--- nss-pam-ldapd-0.7.15+squeeze1/nslcd/group.c 2012-01-15 09:27:34.000000000 +0100
+++ nss-pam-ldapd-0.7.15+squeeze2/nslcd/group.c 2012-09-20 20:36:13.000000000 +0200
@@ -251,13 +251,20 @@
}
for (numgids=0;(gidvalues[numgids]!=NULL)&&(numgids<MAXGIDS_PER_ENTRY);numgids++)
{
- gids[numgids]=(gid_t)strtol(gidvalues[numgids],&tmp,0);
+ errno=0;
+ gids[numgids]=strtogid(gidvalues[numgids],&tmp,0);
if ((*(gidvalues[numgids])=='\0')||(*tmp!='\0'))
{
log_log(LOG_WARNING,"group entry %s contains non-numeric %s value",
myldap_get_dn(entry),attmap_group_gidNumber);
return 0;
}
+ else if (errno!=0)
+ {
+ log_log(LOG_WARNING,"group entry %s contains too large %s value",
+ myldap_get_dn(entry),attmap_group_gidNumber);
+ return 0;
+ }
}
}
/* get group passwd (userPassword) (use only first entry) */
diff -Nru nss-pam-ldapd-0.7.15+squeeze1/nslcd/netgroup.c nss-pam-ldapd-0.7.15+squeeze2/nslcd/netgroup.c
--- nss-pam-ldapd-0.7.15+squeeze1/nslcd/netgroup.c 2012-01-15 09:27:34.000000000 +0100
+++ nss-pam-ldapd-0.7.15+squeeze2/nslcd/netgroup.c 2012-09-08 15:09:12.000000000 +0200
@@ -209,6 +209,12 @@
const char **members;
/* get the netgroup name */
names=myldap_get_values(entry,attmap_netgroup_cn);
+ if ((names==NULL)||(names[0]==NULL))
+ {
+ log_log(LOG_WARNING,"%s: %s: missing",
+ myldap_get_dn(entry),attmap_netgroup_cn);
+ return 0;
+ }
for (i=0;(names[i]!=NULL)&&(strcmp(reqname,names[i])!=0);i++)
/* nothing here */ ;
if (names[i]==NULL)
diff -Nru nss-pam-ldapd-0.7.15+squeeze1/nslcd/network.c nss-pam-ldapd-0.7.15+squeeze2/nslcd/network.c
--- nss-pam-ldapd-0.7.15+squeeze1/nslcd/network.c 2012-01-15 09:27:34.000000000 +0100
+++ nss-pam-ldapd-0.7.15+squeeze2/nslcd/network.c 2012-09-08 15:05:31.000000000 +0200
@@ -65,7 +65,7 @@
static int mkfilter_network_byname(const char *name,
char *buffer,size_t buflen)
{
- char safename[1024];
+ char safename[300];
/* escape attribute */
if (myldap_escape(name,safename,sizeof(safename)))
return -1;
diff -Nru nss-pam-ldapd-0.7.15+squeeze1/nslcd/pam.c nss-pam-ldapd-0.7.15+squeeze2/nslcd/pam.c
--- nss-pam-ldapd-0.7.15+squeeze1/nslcd/pam.c 2012-01-15 09:27:34.000000000 +0100
+++ nss-pam-ldapd-0.7.15+squeeze2/nslcd/pam.c 2012-09-20 20:36:13.000000000 +0200
@@ -2,7 +2,7 @@
pam.c - pam processing routines
Copyright (C) 2009 Howard Chu
- Copyright (C) 2009, 2010 Arthur de Jong
+ Copyright (C) 2009, 2010, 2012 Arthur de Jong
This library is free software; you can redistribute it and/or
modify it under the terms of the GNU Lesser General Public
@@ -107,8 +107,11 @@
/* get the username from the uid attribute */
values=myldap_get_values(entry,attmap_passwd_uid);
if ((values==NULL)||(values[0]==NULL))
+ {
log_log(LOG_WARNING,"\"%s\": DN %s is missing a %s attribute",
username,userdn,attmap_passwd_uid);
+ return -1;
+ }
value=values[0];
}
/* check the username */
@@ -230,7 +233,7 @@
static int try_autzsearch(MYLDAP_SESSION *session,DICT *dict,const char *searchfilter)
{
- char filter_buffer[1024];
+ char filter_buffer[4096];
MYLDAP_SEARCH *search;
MYLDAP_ENTRY *entry;
static const char *attrs[2];
@@ -239,7 +242,7 @@
if (expr_parse(searchfilter,filter_buffer,sizeof(filter_buffer),
autzsearch_var_get,(void *)dict)==NULL)
{
- log_log(LOG_ERR,"pam_authz_search \"%s\" is invalid",searchfilter);
+ log_log(LOG_ERR,"invalid pam_authz_search \"%s\"",searchfilter);
return -1;
}
log_log(LOG_DEBUG,"trying pam_authz_search \"%s\"",filter_buffer);
diff -Nru nss-pam-ldapd-0.7.15+squeeze1/nslcd/passwd.c nss-pam-ldapd-0.7.15+squeeze2/nslcd/passwd.c
--- nss-pam-ldapd-0.7.15+squeeze1/nslcd/passwd.c 2012-01-15 09:27:34.000000000 +0100
+++ nss-pam-ldapd-0.7.15+squeeze2/nslcd/passwd.c 2012-09-20 20:36:13.000000000 +0200
@@ -297,9 +297,9 @@
int numuids;
char gidbuf[32];
gid_t gid;
- char gecos[100];
- char homedir[100];
- char shell[100];
+ char gecos[1024];
+ char homedir[256];
+ char shell[64];
int i,j;
/* get the usernames for this entry */
usernames=myldap_get_values(entry,attmap_passwd_uid);
@@ -338,13 +338,20 @@
}
for (numuids=0;(numuids<MAXUIDS_PER_ENTRY)&&(tmpvalues[numuids]!=NULL);numuids++)
{
- uids[numuids]=(uid_t)strtol(tmpvalues[numuids],&tmp,0);
+ errno=0;
+ uids[numuids]=strtouid(tmpvalues[numuids],&tmp,0);
if ((*(tmpvalues[numuids])=='\0')||(*tmp!='\0'))
{
log_log(LOG_WARNING,"passwd entry %s contains non-numeric %s value",
myldap_get_dn(entry),attmap_passwd_uidNumber);
return 0;
}
+ else if (errno!=0)
+ {
+ log_log(LOG_WARNING,"passwd entry %s contains too large %s value",
+ myldap_get_dn(entry),attmap_passwd_uidNumber);
+ return 0;
+ }
}
}
/* get the gid for this entry */
@@ -355,13 +362,20 @@
myldap_get_dn(entry),attmap_passwd_gidNumber);
return 0;
}
- gid=(gid_t)strtol(gidbuf,&tmp,0);
+ errno=0;
+ gid=strtogid(gidbuf,&tmp,0);
if ((gidbuf[0]=='\0')||(*tmp!='\0'))
{
log_log(LOG_WARNING,"passwd entry %s contains non-numeric %s value",
myldap_get_dn(entry),attmap_passwd_gidNumber);
return 0;
}
+ else if (errno!=0)
+ {
+ log_log(LOG_WARNING,"passwd entry %s contains too large %s value",
+ myldap_get_dn(entry),attmap_passwd_gidNumber);
+ return 0;
+ }
/* get the gecos for this entry */
attmap_get_value(entry,attmap_passwd_gecos,gecos,sizeof(gecos));
/* get the home directory for this entry */
diff -Nru nss-pam-ldapd-0.7.15+squeeze1/nslcd/protocol.c nss-pam-ldapd-0.7.15+squeeze2/nslcd/protocol.c
--- nss-pam-ldapd-0.7.15+squeeze1/nslcd/protocol.c 2012-01-15 09:27:34.000000000 +0100
+++ nss-pam-ldapd-0.7.15+squeeze2/nslcd/protocol.c 2012-09-20 20:36:13.000000000 +0200
@@ -5,7 +5,7 @@
Copyright (C) 1997-2005 Luke Howard
Copyright (C) 2006 West Consulting
- Copyright (C) 2006, 2007, 2009, 2010 Arthur de Jong
+ Copyright (C) 2006, 2007, 2009, 2010, 2011 Arthur de Jong
This library is free software; you can redistribute it and/or
modify it under the terms of the GNU Lesser General Public
@@ -143,6 +143,7 @@
log_log(LOG_WARNING,"protocol entry %s contains multiple %s values",
myldap_get_dn(entry),attmap_protocol_ipProtocolNumber);
}
+ errno=0;
proto=(int)strtol(protos[0],&tmp,0);
if ((*(protos[0])=='\0')||(*tmp!='\0'))
{
@@ -150,6 +151,12 @@
myldap_get_dn(entry),attmap_protocol_ipProtocolNumber);
return 0;
}
+ else if (errno!=0)
+ {
+ log_log(LOG_WARNING,"protocol entry %s contains too large %s value",
+ myldap_get_dn(entry),attmap_protocol_ipProtocolNumber);
+ return 0;
+ }
/* write entry */
WRITE_INT32(fp,NSLCD_RESULT_BEGIN);
WRITE_STRING(fp,name);
diff -Nru nss-pam-ldapd-0.7.15+squeeze1/nslcd/rpc.c nss-pam-ldapd-0.7.15+squeeze2/nslcd/rpc.c
--- nss-pam-ldapd-0.7.15+squeeze1/nslcd/rpc.c 2012-01-15 09:27:34.000000000 +0100
+++ nss-pam-ldapd-0.7.15+squeeze2/nslcd/rpc.c 2012-09-20 20:36:13.000000000 +0200
@@ -5,7 +5,7 @@
Copyright (C) 1997-2005 Luke Howard
Copyright (C) 2006 West Consulting
- Copyright (C) 2006, 2007, 2009, 2010 Arthur de Jong
+ Copyright (C) 2006, 2007, 2009, 2010, 2011 Arthur de Jong
This library is free software; you can redistribute it and/or
modify it under the terms of the GNU Lesser General Public
@@ -144,6 +144,7 @@
log_log(LOG_WARNING,"rpc entry %s contains multiple %s values",
myldap_get_dn(entry),attmap_rpc_oncRpcNumber);
}
+ errno=0;
number=(int)strtol(numbers[0],&tmp,0);
if ((*(numbers[0])=='\0')||(*tmp!='\0'))
{
@@ -151,6 +152,12 @@
myldap_get_dn(entry),attmap_rpc_oncRpcNumber);
return 0;
}
+ else if (errno!=0)
+ {
+ log_log(LOG_WARNING,"rpc entry %s contains too large %s value",
+ myldap_get_dn(entry),attmap_rpc_oncRpcNumber);
+ return 0;
+ }
/* write the entry */
WRITE_INT32(fp,NSLCD_RESULT_BEGIN);
WRITE_STRING(fp,name);
diff -Nru nss-pam-ldapd-0.7.15+squeeze1/nslcd/service.c nss-pam-ldapd-0.7.15+squeeze2/nslcd/service.c
--- nss-pam-ldapd-0.7.15+squeeze1/nslcd/service.c 2012-01-15 09:27:34.000000000 +0100
+++ nss-pam-ldapd-0.7.15+squeeze2/nslcd/service.c 2012-09-20 20:36:13.000000000 +0200
@@ -5,7 +5,7 @@
Copyright (C) 1997-2005 Luke Howard
Copyright (C) 2006 West Consulting
- Copyright (C) 2006, 2007, 2009, 2010 Arthur de Jong
+ Copyright (C) 2006, 2007, 2009, 2010, 2011 Arthur de Jong
This library is free software; you can redistribute it and/or
modify it under the terms of the GNU Lesser General Public
@@ -172,6 +172,7 @@
log_log(LOG_WARNING,"service entry %s contains multiple %s values",
myldap_get_dn(entry),attmap_service_ipServicePort);
}
+ errno=0;
port=(int)strtol(ports[0],&tmp,0);
if ((*(ports[0])=='\0')||(*tmp!='\0'))
{
@@ -179,6 +180,12 @@
myldap_get_dn(entry),attmap_service_ipServicePort);
return 0;
}
+ else if (errno!=0)
+ {
+ log_log(LOG_WARNING,"service entry %s contains too large %s value",
+ myldap_get_dn(entry),attmap_service_ipServicePort);
+ return 0;
+ }
/* get protocols */
protocols=myldap_get_values(entry,attmap_service_ipServiceProtocol);
if ((protocols==NULL)||(protocols[0]==NULL))
diff -Nru nss-pam-ldapd-0.7.15+squeeze1/nslcd/shadow.c nss-pam-ldapd-0.7.15+squeeze2/nslcd/shadow.c
--- nss-pam-ldapd-0.7.15+squeeze1/nslcd/shadow.c 2012-01-15 09:27:34.000000000 +0100
+++ nss-pam-ldapd-0.7.15+squeeze2/nslcd/shadow.c 2012-09-20 20:36:13.000000000 +0200
@@ -128,22 +128,34 @@
return 0; /* error */
strncpy(buffer,date,l);
buffer[l]='\0';
+ errno=0;
value=strtol(date,&tmp,0);
if ((*date=='\0')||(*tmp!='\0'))
{
log_log(LOG_WARNING,"shadow entry contains non-numeric %s value",attr);
return 0;
}
+ else if (errno!=0)
+ {
+ log_log(LOG_WARNING,"shadow entry contains too large %s value",attr);
+ return -1;
+ }
return value/864-134774;
/* note that AD does not have expiry dates but a lastchangeddate
and some value that needs to be added */
}
+ errno=0;
value=strtol(date,&tmp,0);
if ((*date=='\0')||(*tmp!='\0'))
{
log_log(LOG_WARNING,"shadow entry contains non-numeric %s value",attr);
return 0;
}
+ else if (errno!=0)
+ {
+ log_log(LOG_WARNING,"shadow entry contains too large %s value",attr);
+ return -1;
+ }
return value;
}
@@ -155,12 +167,19 @@
tmpvalue=attmap_get_value(entry,attmap_shadow_##att,buffer,sizeof(buffer)); \
if (tmpvalue==NULL) \
tmpvalue=""; \
+ errno=0; \
var=strtol(tmpvalue,&tmp,0); \
if ((*(tmpvalue)=='\0')||(*tmp!='\0')) \
{ \
log_log(LOG_WARNING,"shadow entry %s contains non-numeric %s value", \
myldap_get_dn(entry),attmap_shadow_##att); \
return 0; \
+ } \
+ else if (errno!=0) \
+ { \
+ log_log(LOG_WARNING,"shadow entry %s contains too large %s value", \
+ myldap_get_dn(entry),attmap_shadow_##att); \
+ return 0; \
}
#define GET_OPTIONAL_DATE(var,att) \
Attachment:
signature.asc
Description: This is a digitally signed message part