check errno after calls to strtol() to ensure that numbers that are too large for type will be reported (thanks Jakub Hrozek)

git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1523 ef36b2f9-881f-0410-afb5-c4e39611909c
author: Arthur de Jong <arthur@arthurdejong.org> 2011-08-27 22:57:18 +0200
committer: Arthur de Jong <arthur@arthurdejong.org> 2011-08-27 22:57:18 +0200
commit: db932574059069ddb8b3fe2b8c06ca854fff7342 (patch)
tree: 72bca1bd856625e672d908a39d6ea19baae18c52 /nslcd/passwd.c
parent: b098356bae29e30f3bc81e8af06c1e9e16ad7db2 (diff)
1 files changed, 21 insertions, 0 deletions
diff --git a/nslcd/passwd.c b/nslcd/passwd.c
index 035d0e8..d20531d 100644
--- a/nslcd/passwd.c
+++ b/nslcd/passwd.c
@@ -194,6 +194,7 @@ static int entry_has_valid_uid(MYLDAP_ENTRY *entry)
       uid=(uid_t)binsid2id(values[i]);
     else
     {
+      errno=0;
       uid=(uid_t)strtol(values[i],&tmp,0);
       if ((*(values[i])=='\0')||(*tmp!='\0'))
       {
@@ -201,6 +202,12 @@ static int entry_has_valid_uid(MYLDAP_ENTRY *entry)
                             myldap_get_dn(entry),attmap_passwd_uidNumber);
         continue;
       }
+      else if (errno!=0)
+      {
+        log_log(LOG_WARNING,"passwd entry %s contains too large %s value",
+                            myldap_get_dn(entry),attmap_passwd_uidNumber);
+        continue;
+      }
     }
     if (uid>=nslcd_cfg->ldc_nss_min_uid)
       return 1;
@@ -481,6 +488,7 @@ static int write_passwd(TFILE *fp,MYLDAP_ENTRY *entry,const char *requser,
         uids[numuids]=(uid_t)binsid2id(tmpvalues[numuids]);
       else
       {
+        errno=0;
         uids[numuids]=(uid_t)strtol(tmpvalues[numuids],&tmp,0);
         if ((*(tmpvalues[numuids])=='\0')||(*tmp!='\0'))
         {
@@ -488,6 +496,12 @@ static int write_passwd(TFILE *fp,MYLDAP_ENTRY *entry,const char *requser,
                               myldap_get_dn(entry),attmap_passwd_uidNumber);
           return 0;
         }
+        else if (errno!=0)
+        {
+          log_log(LOG_WARNING,"passwd entry %s contains too large %s value",
+                              myldap_get_dn(entry),attmap_passwd_uidNumber);
+          return 0;
+        }
       }
     }
   }
@@ -512,6 +526,7 @@ static int write_passwd(TFILE *fp,MYLDAP_ENTRY *entry,const char *requser,
                           myldap_get_dn(entry),attmap_passwd_gidNumber);
       return 0;
     }
+    errno=0;
     gid=(gid_t)strtol(gidbuf,&tmp,0);
     if ((gidbuf[0]=='\0')||(*tmp!='\0'))
     {
@@ -519,6 +534,12 @@ static int write_passwd(TFILE *fp,MYLDAP_ENTRY *entry,const char *requser,
                           myldap_get_dn(entry),attmap_passwd_gidNumber);
       return 0;
     }
+    else if (errno!=0)
+    {
+      log_log(LOG_WARNING,"passwd entry %s contains too large %s value",
+                          myldap_get_dn(entry),attmap_passwd_gidNumber);
+      return 0;
+    }
   }
   /* get the gecos for this entry */
   attmap_get_value(entry,attmap_passwd_gecos,gecos,sizeof(gecos));
author	Arthur de Jong <arthur@arthurdejong.org>	2011-08-27 22:57:18 +0200
committer	Arthur de Jong <arthur@arthurdejong.org>	2011-08-27 22:57:18 +0200
commit	db932574059069ddb8b3fe2b8c06ca854fff7342 (patch)
tree	72bca1bd856625e672d908a39d6ea19baae18c52 /nslcd/passwd.c
parent	b098356bae29e30f3bc81e8af06c1e9e16ad7db2 (diff)