
avoid sending huge names as nscd passwd/group queries

overly long user/group names are potentially a DoS vector and source
of other problems like partial writes by sendmsg, and not useful.
master
Rich Felker 11 years ago
parent
commit
4b5ca13fb1
  1. 5
      src/passwd/nscd_query.c

5
src/passwd/nscd_query.c

@ -4,6 +4,7 @@
#include <stdio.h> #include <stdio.h>
#include <string.h> #include <string.h>
#include <errno.h> #include <errno.h>
#include <limits.h>
#include "nscd.h" #include "nscd.h"
static const struct { static const struct {
@ -22,7 +23,7 @@ FILE *__nscd_query(int32_t req, const char *key, int32_t *buf, size_t len, int *
int32_t req_buf[REQ_LEN] = { int32_t req_buf[REQ_LEN] = {
NSCDVERSION, NSCDVERSION,
req, req,
strlen(key)+1 strnlen(key,LOGIN_NAME_MAX)+1
}; };
struct msghdr msg = { struct msghdr msg = {
.msg_iov = (struct iovec[]){ .msg_iov = (struct iovec[]){
@ -45,7 +46,7 @@ retry:
return 0; return 0;
} }
if (strlen(key) > INT32_MAX - 1) if (req_buf[2] > LOGIN_NAME_MAX)
return f; return f;
if (connect(fd, (struct sockaddr*)&addr, sizeof(addr)) < 0) { if (connect(fd, (struct sockaddr*)&addr, sizeof(addr)) < 0) {
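Review bot: The new guard `if (req_buf[2] > LOGIN_NAME_MAX)` is correct only because `strnlen(key,LOGIN_NAME_MAX)+1` saturates at `LOGIN_NAME_MAX+1`, so that one value doubles as a "name too long" sentinel; nothing in the code says so, and a later edit to either line could silently reopen the oversized-request path. A comment on the guard such as `/* req_buf[2] == LOGIN_NAME_MAX+1 means strnlen hit its cap: name too long, send nothing */` would pin the coupling. The iovec entry that carries the key lies outside the visible hunks; if it still takes its length from an unbounded `strlen(key)+1`, it is worth confirming that the payload length can never differ from the length word in `req_buf[2]` on any path that reaches the send. The guard also returns `f` without issuing a query, presumably so callers see an empty reply rather than an error, and that contract deserves a line in the function's header comment. `__nscd_query` starts and ends outside these hunks.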
