* more NGROUPS hacking
@ 2004-02-26 19:28 Ulrich Drepper
0 siblings, 0 replies; only message in thread
From: Ulrich Drepper @ 2004-02-26 19:28 UTC (permalink / raw)
To: libc-ha >> GNU libc hacker; +Cc: Tim Hockin
I've changed some of the RPC code which made use of NGROUPS. Boy, that
code is screwed. Of more correctly, the users of that code are screwed.
The array passed to authdes_getucred() must be large enough for the
values read from NIS or wherever. But no size argument is available.
So netname2user() will scribble happily over the array boundaries should
the size of the array be too small. Also, the output parameter for the
number of groups is an short. I.e., this is too small even for the
default maximum number the Linux kernel now handles.
Anyway, the libc side should be fine now. If something crashes it's
because the array passed in is too small. Some platforms apparently
document that the netname2user() function never writes more than NGROUPS
values. This might be one way out, but a limiting one.
The best advise is as before: avoid RPC like the plague.
(I wonder if the criminally reckless people who "designed" these
interfaces still work for Sun and can be held responsible...)
--
➧ Ulrich Drepper ➧ Red Hat, Inc. ➧ 444 Castro St ➧ Mountain View, CA â–
^ permalink raw reply [flat|nested] only message in thread
only message in thread, other threads:[~2004-02-26 19:28 UTC | newest]
Thread overview: (only message) (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2004-02-26 19:28 more NGROUPS hacking Ulrich Drepper
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).