I've got a patch against the Secure RPC code which replaces an apparently bogus use of NGROUPS and fixes a bug where the internal identify cache stores uid_t and gid_t data in shorts. It's trivial and it looks like all the surrounding uses do use the correct size and just discard data when passing it through the cache, but I don't have an easy way to test it. Does anyone else?
-- Brooks
Index: lib/libc/rpc/svc_auth_des.c
===================================================================
--- lib/libc/rpc/svc_auth_des.c (revision 201441)
+++ lib/libc/rpc/svc_auth_des.c (working copy)
@@ -449,10 +449,10 @@
#define INVALID -1 /* grouplen, if cache entry is invalid
*/
struct bsdcred {
- short uid; /* cached uid */
- short gid; /* cached gid */
- short grouplen; /* length of cached groups */
- short groups[NGROUPS]; /* cached groups */
+ uid_t uid; /* cached uid */
+ gid_t gid; /* cached gid */
+ int grouplen; /* length of cached groups */
+ gid_t groups[NGRPS]; /* cached groups */
};
/*
pgpULpECiRFud.pgp
Description: PGP signature
