Re: pkg/36625: nss-ldap miscalculates pw_change

To: pkg-manager%netbsd.org@localhost, gnats-admin%netbsd.org@localhost, pkgsrc-bugs%netbsd.org@localhost, ef%math.uni-bonn.de@localhost
Subject: Re: pkg/36625: nss-ldap miscalculates pw_change
From: Matthias Drochner <M.Drochner%fz-juelich.de@localhost>
Date: Thu, 9 Aug 2007 17:55:02 +0000 (UTC)

The following reply was made to PR pkg/36625; it has been noted by GNATS.

From: Matthias Drochner <M.Drochner%fz-juelich.de@localhost>
To: ef%math.uni-bonn.de@localhost
Cc: gnats-bugs%NetBSD.org@localhost
Subject: Re: pkg/36625: nss-ldap miscalculates pw_change
Date: Thu, 09 Aug 2007 19:51:47 +0200

 Your fix is obviously correct. Looking at that code I'm
 getting the impression however that there is some potential
 for integer overflow which might be worth looking at:
 It seems to be common (according to google hits) to set
 shadowMax or shadowExpire to "99999" to express "unused".
 On 32-bit systems, this would already overflow an int/long
 if multiplied with secs/day.
 Do you think it is safe to treat everything larger
 than 24855 as 0?

 best regards
 Matthias

 Forschungszentrum Juelich GmbH
 52425 Juelich

 Sitz der Gesellschaft: Juelich
 Eingetragen im Handelsregister des Amtsgerichts Dueren Nr. HR B 3498
 Vorsitzende des Aufsichtsrats: MinDirig'in Baerbel Brumme-Bothe
 Vorstand: Prof. Dr. Achim Bachem (Vorsitzender), Dr. Ulrich Krafft (stellv. 
 Vorsitzender)

Prev by Date: Re: pkg/36754 ("pkg_install-20070808" doesn't work under Mac OS X)
Next by Date: Re: pkg/36757: print/ghostscript: fails to build on linux
Previous by Thread: pkg/36625: nss-ldap miscalculates pw_change
Next by Thread: Re: pkg/36625: nss-ldap miscalculates pw_change
Indexes:

Home | Main Index | Thread Index | Old Index