pkgsrc-Bugs archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
Re: pkg/49804
The following reply was made to PR pkg/49804; it has been noted by GNATS.
From: Brett Lymn <blymn%internode.on.net@localhost>
To: gnats-bugs%netbsd.org@localhost
Cc:
Subject: Re: pkg/49804
Date: Tue, 30 May 2023 07:53:23 +0930
--rSIW4owSDXheH2FP
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
The getpeercred compat routine is returning pointers to variables on
function stack, this is dangerous.... The attached patch declares a
couple of static variables to prevent stack storage addresses being
returned.
--
Brett Lymn
--
Sent from my NetBSD device.
"We are were wolves",
"You mean werewolves?",
"No we were wolves, now we are something else entirely",
"Oh"
--rSIW4owSDXheH2FP
Content-Type: text/plain; charset=us-ascii
Content-Disposition: attachment; filename="getpeercred.c.diff"
--- getpeercred.c 2022-10-11 07:54:45.000000000 +1030
+++ ../../nss-pam-ldapd-master.modified/compat/getpeercred.c 2023-05-30 07:52:10.429723839 +0930
@@ -37,6 +37,11 @@
#include "getpeercred.h"
+#if defined(HAVE_GETPEEREID)
+static uid_t tuid;
+static gid_t tgid;
+#endif
+
/* Note: most of this code is untested, except for the first
implementation (it may even fail to compile) */
@@ -96,19 +101,12 @@
ucred_free(cred);
return 0;
#elif defined(HAVE_GETPEEREID)
- uid_t tuid;
- gid_t tgid;
if (uid == NULL)
uid = &tuid;
if (gid == NULL)
- gid = &tguid;
+ gid = &tgid;
if (getpeereid(sock, uid, gid))
return -1;
- /* return the data */
- if (uid != NULL)
- *uid = cred.uid;
- if (gid != NULL)
- *gid = cred.gid;
if (pid != NULL)
*pid = -1; /* we return a -1 pid because we have no usable pid */
return 0;
--rSIW4owSDXheH2FP--
Home |
Main Index |
Thread Index |
Old Index