
Re: [PATCH] Do not truncate large UID/GID values on 32bit architectures




On Mon, Aug 29, 2011 at 11:00:49PM +0200, Arthur de Jong wrote:
> On Mon, 2011-08-29 at 18:21 +0200, Jakub Hrozek wrote:
> > On my system (a 64bit Linux machine), SIZEOF_UID_T is 4 but both
> > SIZEOF_UNSIGNED_LONG_INT and SIZEOF_UNSIGNED_LONG_LONG_INT are 8.
> > So none of the #if-s match.
> 
> Drats, I hoped that either of the two should always fit.
> 
> > The reason I originally used uint32 was that on my system, it is defined
> > as:
> >     #define __U32_TYPE              unsigned int
> >     #define __UID_T_TYPE            __U32_TYPE
> > 
> > I would suggest that the equality check is changed to "<=" and perhaps 
> > "unsigned int" is added to the list of data types.
> 
> I've added an unsigned int and a strtoui() (which is basically your
> strtouint32()).
> 
> > So I think the best option is to either check for overflow based on the
> > sizeof(uid_t) value or alternatively just check if the unsigned long
> > overflowed, for example. The latter is less work, but prone to overflows
> > in case ULONG_MAX would be bigger than (hypothetical) UID_MAX.
> 
> Since a strto....() function is now always used that matches the size of
> uid_t the bounds checking should already be OK. Only if uid_t isn't of
> size int, long or long long we have a problem.
> 

Fair enough, I have verified that this is the case on all the architectures
we care about in RHEL. Not sure if it's the case with all the exotic
systems out there, though.
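
The bounds check discussed in this thread, as an added example that is not part of the original messages and not nss-pam-ldapd's code: instead of selecting a strto...() function by SIZEOF_UID_T, it parses into unsigned long long and rejects any value that does not survive a round trip through uid_t, which also covers a uid_t whose size matches none of int, long or long long. The name parse_uid and the sample strings are assumptions made for the example.

```c
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/types.h>

/* Hypothetical helper (not from nss-pam-ldapd): parse a decimal UID string
   into *out. Returns 0 on success, -1 on bad syntax or out-of-range value. */
int parse_uid(const char *s, uid_t *out)
{
    char *end;
    unsigned long long v;
    uid_t u;

    /* strtoull() accepts leading whitespace and a sign ("-1" wraps to
       ULLONG_MAX without an error), so require a leading digit. */
    if (s == NULL || s[0] < '0' || s[0] > '9')
        return -1;
    errno = 0;
    v = strtoull(s, &end, 10);
    if (errno == ERANGE)   /* does not even fit unsigned long long */
        return -1;
    if (*end != '\0')      /* trailing characters, e.g. "1000x" */
        return -1;
    /* Round-trip check: if the cast to uid_t lost bits, the value is
       larger than uid_t can hold, whatever sizeof(uid_t) is here. */
    u = (uid_t)v;
    if ((unsigned long long)u != v)
        return -1;
    *out = u;
    return 0;
}

int main(void)
{
    /* Constructed sample inputs. */
    const char *samples[] = { "1000", "4294967295", "4294967296", "-1", "1000x" };
    size_t i;

    for (i = 0; i < sizeof(samples) / sizeof(samples[0]); i++) {
        uid_t uid;
        if (parse_uid(samples[i], &uid) == 0)
            printf("%-12s -> uid %llu\n", samples[i], (unsigned long long)uid);
        else
            printf("%-12s -> rejected\n", samples[i]);
    }
    return 0;
}
```
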