diff options
author | wpaul <wpaul@FreeBSD.org> | 1996-05-08 15:57:11 +0000 |
---|---|---|
committer | wpaul <wpaul@FreeBSD.org> | 1996-05-08 15:57:11 +0000 |
commit | 5d89e95ce06f6e161a82c9cf1ded214078b0deb1 (patch) | |
tree | 8838a1e62780a93fe0c26dd8772f60c68e97208a /usr.sbin/rpc.yppasswdd | |
parent | c7cdf98163dcaeecc1d739b6ba95faf1dbef327c (diff) | |
download | FreeBSD-src-5d89e95ce06f6e161a82c9cf1ded214078b0deb1.zip FreeBSD-src-5d89e95ce06f6e161a82c9cf1ded214078b0deb1.tar.gz |
Fix 'multidomain' code. It returns a pointer to memory that it doesn't
really own (and which can end up being mangled later). The manifestation
of this bug is that the first attempt by a user to change their NIS password
succeeds, but all subsequent attempts fail. rpc.yppasswdd also logs
a message about not being able to find a file called
'/var/yp/<some garbage string>/master.passwd.' (Note that for some
bizarre reason, this doesn't happen with the malloc() from FreeBSD 2.1.0.
I suppose this means we can chalk up another victory for phkmalloc. :)
This bug only occurs if you use the -m flag with rpc.yppasswdd.
Fix this by copying the domain name to a static buffer and returning
a pointer to that instead.
Reported by: Jian-Da Li (jdli@csie.nctu.edu.tw)
Diffstat (limited to 'usr.sbin/rpc.yppasswdd')
-rw-r--r-- | usr.sbin/rpc.yppasswdd/yppasswdd_server.c | 14 |
1 files changed, 6 insertions, 8 deletions
diff --git a/usr.sbin/rpc.yppasswdd/yppasswdd_server.c b/usr.sbin/rpc.yppasswdd/yppasswdd_server.c index 205ca77..e1a9220 100644 --- a/usr.sbin/rpc.yppasswdd/yppasswdd_server.c +++ b/usr.sbin/rpc.yppasswdd/yppasswdd_server.c @@ -29,7 +29,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $Id: yppasswdd_server.c,v 1.11 1996/02/24 21:41:15 wpaul Exp $ + * $Id: yppasswdd_server.c,v 1.2 1996/02/24 22:10:42 wpaul Exp $ */ #include <stdio.h> @@ -60,7 +60,7 @@ struct dom_binding {}; #include "yppasswd_comm.h" #ifndef lint -static const char rcsid[] = "$Id: yppasswdd_server.c,v 1.11 1996/02/24 21:41:15 wpaul Exp $"; +static const char rcsid[] = "$Id: yppasswdd_server.c,v 1.2 1996/02/24 22:10:42 wpaul Exp $"; #endif /* not lint */ char *tempname; @@ -262,7 +262,7 @@ static char *find_domain(pw) struct dirent *dirp; DIR *dird; char yp_mapdir[MAXPATHLEN + 2]; - char *domain = NULL; + static char domain[YPMAXDOMAIN]; char *tmp = NULL; DBT key, data; int hit = 0; @@ -297,7 +297,7 @@ static char *find_domain(pw) if (yp_password.pw_uid == pw->pw_uid && yp_password.pw_gid == pw->pw_gid) { hit++; - domain = tmp; + snprintf(domain, YPMAXDOMAIN, "%s", tmp); } } } @@ -307,7 +307,7 @@ static char *find_domain(pw) yp_error("found same user in two different domains"); return(NULL); } else - return(domain); + return(&domain); } int * @@ -638,15 +638,13 @@ cleaning up and bailing out"); void do_master() { struct master_yppasswd *pw; - int resp; if ((pw = getdat(yp_sock)) == NULL) { return; } yp_error("received update request from superuser on localhost"); - resp = update_master(pw); - sendresp(resp); + sendresp(update_master(pw)); /* Remember to free args. */ xdr_free(xdr_master_yppasswd, (char *)pw); |