Bug 43125 - Huge group members patch for shadow-utils doesn't work.
Huge group members patch for shadow-utils doesn't work.
Status: CLOSED CURRENTRELEASE
Product: Red Hat Linux
Classification: Retired
Component: shadow-utils (Show other bugs)
7.0
All Linux
medium Severity high
: ---
: ---
Assigned To: Eido Inoue
David Lawrence
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2001-05-31 22:34 EDT by Wood Chen
Modified: 2007-04-18 12:33 EDT (History)
0 users

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2004-10-27 14:50:27 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:


Attachments (Terms of Use)
works patch (1.80 KB, patch)
2001-05-31 22:35 EDT, Wood Chen
no flags Details | Diff

  None (edit)
Description Wood Chen 2001-05-31 22:34:19 EDT
From Bugzilla Helper:
User-Agent: Mozilla/4.0 (compatible; MSIE 5.5; Windows NT 5.0)

Description of problem:
When add a huge number of user to one group member, the /etc/group file 
crashed. And if the gshadow is enabled, add a huge group members 
with /usr/sbin/useradd will lead to core dump.

How reproducible:
Always

Steps to Reproduce:
1.add a new group 'test'
2. Try following shell script
#!/bin/sh

let num=1
while let 'num<=5000'
do
echo 'Add user test'$num
/usr/sbin/useradd -G test test$num -m -k /dev/null -d /var/tmp/home
let num=$num+1
done


Actual Results:  a broken /etc/group file

Additional info:

I check the shadow-19990827-hugegroups.patch in the SRPM, and find the 
problem, the patch make a mistake in use of fgets(), here is my patch 
which will work with huge group members:
shadow-19990827-hugegroups.patch
// Cut here /////////////////////////////////
--- shadow-19990827/lib/commonio.c.broken	Tue Jul 18 19:58:09 2000
+++ shadow-19990827/lib/commonio.c	Tue Jul 18 20:02:54 2000
@@ -381,13 +381,17 @@
 int
 commonio_open(struct commonio_db *db, int mode)
 {
-	char	buf[8192];
+	char	*buf;
+	char	*tmpbuf;
+	unsigned long buflen=8192;
 	char	*cp;
 	char *line;
 	struct commonio_entry *p;
 	void *entry;
 	int flags = mode;

+	buf=(char *) malloc(buflen);
+
 	mode &= ~O_CREAT;

 	if (db->isopen || (mode != O_RDONLY && mode != O_RDWR)) {
@@ -417,7 +420,15 @@
 		return 0;
 	}

-	while (db->ops->fgets(buf, sizeof buf, db->fp)) {
+	while (db->ops->fgets(buf, buflen, db->fp)) {
+		while(!(cp = strrchr(buf, '\n')) && !feof(db->fp)) {
+			buflen += 8192;
+			tmpbuf=(char *)realloc(buf, buflen);
+			if (tmpbuf == NULL)
+				goto cleanup;
+			buf = tmpbuf;
+			db->ops->fgets(buf+buflen-8192-1, 8192+1, db-
>fp);
+		}
 		if ((cp = strrchr(buf, '\n')))
 			*cp = '\0';

@@ -444,6 +452,7 @@
 	}

 	db->isopen = 1;
+	free(buf);
 	return 1;

 cleanup_entry:
@@ -456,6 +465,7 @@
 	fclose(db->fp);
 	db->fp = NULL;
 	errno = ENOMEM;
+	free(buf);
 	return 0;
 }



--- shadow-19990827/lib/gshadow.c.broken	Thu May 17 11:38:05 2001
+++ shadow-19990827/lib/gshadow.c	Thu May 17 11:38:45 2001
@@ -48,7 +48,7 @@
 static	int	dbmerror;
 #endif
 
-#define	MAXMEM	1024
+#define	MAXMEM	10240
 
 static	FILE	*shadow;
 static	char	sgrbuf[BUFSIZ*4];


--- shadow-19990827/lib/defines.h.broken	Thu May 17 14:23:18 2001
+++ shadow-19990827/lib/defines.h	Thu May 17 14:24:50 2001
@@ -120,12 +120,16 @@
 #include <shadow.h>
 #if defined(SHADOWGRP) && !defined(GSHADOW)
 #include "gshadow_.h"
+#else
+#include <stdio.h>
 #endif
 #else  /* not HAVE_SHADOW_H */
 #include "shadow_.h"
 #ifdef SHADOWGRP
 #include "gshadow_.h"
+# else
+#include <stdio.h>
 #endif
 #endif  /* not HAVE_SHADOW_H */
 #endif  /* SHADOWPWD */
// Cut here ///////////////// 

shadow group must be disable in SPEC file to support huge group members, 
or you must change the MAXMEM in lib/gshadow.c to support number of 
members upto that value.
Comment 1 Wood Chen 2001-05-31 22:35:36 EDT
Created attachment 20052 [details]
works patch

Note You need to log in before you can comment on or make changes to this bug.