sssd/0035-nss-idmap-do-not-set-a-limit.patch
Fabiano Fidêncio 209701ef7f Resolves: upstream#3715 - ipa 389-ds-base crash in krb5-libs - k5_copy_etypes list out of bound?
Signed-off-by: Fabiano Fidêncio <fidencio@redhat.com>
2018-04-27 22:12:11 +02:00

35 lines
1.3 KiB
Diff

From b489dcc998fc305f3a0a43b6484c042065320001 Mon Sep 17 00:00:00 2001
From: Sumit Bose <sbose@redhat.com>
Date: Wed, 18 Apr 2018 10:20:06 +0200
Subject: [PATCH] nss-idmap: do not set a limit
If the limit is set the needed size to return all groups cannot be
returned.
Related to https://pagure.io/SSSD/sssd/issue/3715
Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
(cherry picked from commit 46a4c265629d9b725c41f22849741ce7342bdd85)
---
src/sss_client/idmap/sss_nss_ex.c | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/src/sss_client/idmap/sss_nss_ex.c b/src/sss_client/idmap/sss_nss_ex.c
index c00e64cc4..b87b5e3b2 100644
--- a/src/sss_client/idmap/sss_nss_ex.c
+++ b/src/sss_client/idmap/sss_nss_ex.c
@@ -96,7 +96,9 @@ errno_t sss_nss_mc_get(struct nss_input *inp)
inp->result.initgrrep.start,
inp->result.initgrrep.ngroups,
&(inp->result.initgrrep.groups),
- *(inp->result.initgrrep.ngroups));
+ /* no limit so that needed size can
+ * be returned properly */
+ -1);
break;
default:
return EINVAL;
--
2.14.3