85346 – invalid uids cause overflow in getUname

Bug 85346 - invalid uids cause overflow in getUname

Summary: invalid uids cause overflow in getUname

Keywords:
Status:	CLOSED RAWHIDE
Alias:	None
Product:	Red Hat Linux
Classification:	Retired
Component:	rpm-build
Sub Component:
Version:	8.0
Hardware:	All
OS:	Linux
Priority:	medium
Severity:	medium
Target Milestone:	---
Assignee:	Jeff Johnson
QA Contact:
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:	84648
TreeView+	depends on / blocked

Reported:	2003-02-28 13:10 UTC by Denys Duchier
Modified:	2007-04-18 16:51 UTC (History)
CC List:	0 users
Fixed In Version:
Doc Type:	Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed:	2003-04-17 15:14:58 UTC
Embargoed:

Attachments	(Terms of Use)

Description Denys Duchier 2003-02-28 13:10:26 UTC

when a source rpm somehow contains a non-portable uid (instead of root), 
getUname is invoked repeatedly, each time increments uid_used, but then 
getpwuid returns a NULL pointer.  The code correctly checks for the NULL 
pointer, but does not redecrement uid_used in that case.  Thus, if there 
are more than 1024 calls to getUname with this same non-portable uid, the 
unames cache overflows eventhough none of its entries are used. 
 
I have no idea how the non-portable uid gets into the src rpm in the first 
place, perhaps this is an issue of login vs non-login root shell when creating 
the src rpm.

Comment 1 Jeff Johnson 2003-04-17 15:14:58 UTC

Ah yes, that was borken. Thanks for the analysis.

Fixed in CVS, will be in rpm-4.3 when built.

Note You need to log in before you can comment on or make changes to this bug.