This is the mail archive of the
glibc-bugs@sourceware.org
mailing list for the glibc project.
[Bug nis/13761] New: [PATCH] Fix allocation in nss_compat for large number of memberships to a group
- From: "siddhesh at redhat dot com" <sourceware-bugzilla at sourceware dot org>
- To: glibc-bugs at sources dot redhat dot com
- Date: Mon, 27 Feb 2012 06:09:47 +0000
- Subject: [Bug nis/13761] New: [PATCH] Fix allocation in nss_compat for large number of memberships to a group
- Auto-submitted: auto-generated
http://sourceware.org/bugzilla/show_bug.cgi?id=13761
Bug #: 13761
Summary: [PATCH] Fix allocation in nss_compat for large number
of memberships to a group
Product: glibc
Version: unspecified
Status: NEW
Severity: normal
Priority: P2
Component: nis
AssignedTo: unassigned@sourceware.org
ReportedBy: siddhesh@redhat.com
CC: kukuk@suse.de
Classification: Unclassified
nss_compat allocates buffer space on stack using alloca (and
extend_alloca) for initgroup and keeps extending it to fit in larger
lines. This breaks for cases where the number of members in a gorup
are very large, causing the alloca reference to go beyond thread stack
boundary. I have posted a patch on libc-alpha that implements a fallback to
malloc/free if the buffer size needed is beyond __libc_alloca_cutoff:
http://sourceware.org/ml/libc-alpha/2012-02/msg00503.html
How reproducible:
Always
Steps to Reproduce:
1. In /etc/nsswitch.conf:
group: compat
group_compat: files
2. Create a large number of users for a single group
for i in $(seq 1 70000); do
useradd -M -N -s /sbin/nologin -G foo somelongusernameaaaaaaaaaaaa$i
echo Created somelongusername$i
done
3. Start nscd
4. groups somelongusernameaaaaaaaaaaaa100
Actual results:
nscd crashes
Expected results:
nscd does not crash
Additional info:
This is also possible with ldap (the original case is with ldap):
group: files compat
group_compat: ldap
--
Configure bugmail: http://sourceware.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.