diff options
author | Jerry Jelinek <jerry.jelinek@joyent.com> | 2017-07-31 13:00:21 +0000 |
---|---|---|
committer | Jerry Jelinek <jerry.jelinek@joyent.com> | 2017-07-31 13:00:21 +0000 |
commit | a43f1df58a9e20639c60ab24da9193c2ff8e074e (patch) | |
tree | 2c782258c5ed0ceff90367f775728dc5cb1e9a12 /usr/src/lib/nsswitch | |
parent | 2b6211c70cd9e899b15e259d53790f01e46bb88a (diff) | |
parent | d65dfb0a6855414a1ff916b896e8be0fbe0d212a (diff) | |
download | illumos-joyent-a43f1df58a9e20639c60ab24da9193c2ff8e074e.tar.gz |
[illumos-gate merge]
commit d65dfb0a6855414a1ff916b896e8be0fbe0d212a
8499 ficl: this statement may fall through
commit e07d85f87c3920e032adb855fdc500e4616c7718
7875 libcurses: multiple misleading-indentation errors
commit f1cdbd3731f01314c1d46f05280ad63f1770fdc6
8546 want recallocarray(3C) and freezero(3C)
commit 0b905b49d460a57773d88d714cd880ffe0182b7c
5980 in-kernel inet_ntop should format IPv4 addresses like userland one
commit 3facafd61791b16f112797f1b07dde00ab6b9a59
8487 cfgadm_plugins/shp: memory leak in cfga_get_condition()
commit a3bcc60de108dc761615b2b9561d6dc76971f471
8543 nss_ldap crashes handling a group with no gidnumber attribute
commit b2ce6e4ebc262a57e5c5d0224b2577526261a0e4
8463 common/acl: 'resultcount' may be used uninitialized in this function
commit 83e86541459022f059e0bf50ebbc33fc8ec2d62e
8486 libdiskmgt: memory leak in slice_get_stats()
commit 7f6d142fc0001e76967b1f047b6df5bc4c5d9082
8399 sun_fc: in C++11 destructors default to noexcept
commit 3dde7c95de085cfe31f989eff6cefb775563eeb8
8528 Want Chelsio T6 support
Diffstat (limited to 'usr/src/lib/nsswitch')
-rw-r--r-- | usr/src/lib/nsswitch/ldap/common/getgrent.c | 70 |
1 files changed, 40 insertions, 30 deletions
diff --git a/usr/src/lib/nsswitch/ldap/common/getgrent.c b/usr/src/lib/nsswitch/ldap/common/getgrent.c index 2682e6e2f8..291d16dbc6 100644 --- a/usr/src/lib/nsswitch/ldap/common/getgrent.c +++ b/usr/src/lib/nsswitch/ldap/common/getgrent.c @@ -21,6 +21,8 @@ /* * Copyright 2008 Sun Microsystems, Inc. All rights reserved. * Use is subject to license terms. + * + * Copyright 2017 Nexenta Systems, Inc. All rights reserved. */ #include <grp.h> @@ -353,42 +355,50 @@ getbymember(ldap_backend_ptr be, void *a) username = (char *)argp->username; result = (ns_ldap_result_t *)be->result; curEntry = (ns_ldap_entry_t *)result->entry; - for (i = 0; i < result->entries_count; i++) { + for (i = 0; i < result->entries_count && curEntry != NULL; i++) { membervalue = __ns_ldap_getAttr(curEntry, "memberUid"); - if (membervalue) { - for (j = 0; membervalue[j]; j++) { - /* - * If we find an '=' in the member attribute - * value, treat it as a DN, otherwise as a - * username. - */ - if (member_str = strchr(membervalue[j], '=')) { - member_str++; /* skip over the '=' */ - member_str = strtok_r(member_str, ",", - &strtok_state); - } else { - member_str = membervalue[j]; + if (membervalue == NULL) { + curEntry = curEntry->next; + continue; + } + for (j = 0; membervalue[j]; j++) { + /* + * If we find an '=' in the member attribute + * value, treat it as a DN, otherwise as a + * username. + */ + if (member_str = strchr(membervalue[j], '=')) { + member_str++; /* skip over the '=' */ + member_str = strtok_r(member_str, ",", + &strtok_state); + } else { + member_str = membervalue[j]; + } + if (member_str != NULL && + strcmp(member_str, username) == 0) { + groupvalue = __ns_ldap_getAttr(curEntry, + "gidnumber"); + if (groupvalue == NULL || + groupvalue[0] == NULL) { + /* Drop this group from the list */ + break; } - if (member_str && - strcmp(member_str, username) == NULL) { - groupvalue = __ns_ldap_getAttr(curEntry, - "gidnumber"); - gid = (gid_t)strtol(groupvalue[0], - (char **)NULL, 10); - if (argp->numgids < argp->maxgids) { - for (k = 0; k < argp->numgids; - k++) { - if (argp->gid_array[k] - == gid) - /* already exists */ - break; + errno = 0; + gid = (gid_t)strtol(groupvalue[0], + (char **)NULL, 10); + + if (errno == 0 && + argp->numgids < argp->maxgids) { + for (k = 0; k < argp->numgids; k++) { + if (argp->gid_array[k] == gid) + /* already exists */ + break; } if (k == argp->numgids) argp->gid_array[argp->numgids++] = gid; - } - break; } + break; } } curEntry = curEntry->next; @@ -421,7 +431,7 @@ static ldap_backend_op_t gr_ops[] = { /*ARGSUSED0*/ nss_backend_t * _nss_ldap_group_constr(const char *dummy1, const char *dummy2, - const char *dummy3) + const char *dummy3) { return ((nss_backend_t *)_nss_ldap_constr(gr_ops, |