I see a few problems with the source code at this point. Line 231: sizeof (rootpass) on my computer is 4. This is always going to be less than strlen(pw->pw_passwd) So this if statement is redundant. I think this was perhaps meant to say strlen (rootpass) However: rootpass is uninitialized if !HAVE_GETSPNAM && CHECKROOT so strlen would not work. Also: even if strlen(pw->pw_passwd) >= sizeof (rootpass) && strlen(pw->pw_passwd) >= strlen (rootpass), the code then goes on to replace rootpass with enough space to complete the strcpy unconditionally P.S. there is no check to see whether or not the alloca (line 236) has failed. Could CHECKROOT be turned off in the binary rpm until this problem is somehow otherwise resolved?
ypserv-1.3.6.91-1.i386.rpm would segfault with yp-tools-2.2-1 (after sucessfully changing the password). However, it seems to work with yp-tools-2.3-1. This problem that I was experiencing was happening in combination with yp-tools-2.3-1
Thorsten Kukuk <kukuk> wrote me back and said that, indeed, removing that bizarre if statement was the correct patch. 1.3.36 (which is newer than 1.3.36.94) has this fix incorporated.
i misunderstood mr kukuk. 1.3.36 is the latest stable released version, not the latest version. 1.3.36.94 is indeed the latest version, and I guess he has that patch applied in some local sourcetree of his: "No, it is fixed in my sourcetree. I only need patches for the other things in the TODO file."
I believe this problem is fixed in ypserv-1.3.36.94-3. Please reopen this bug if I'm mistaken.