bug found in password caching code in HEAD branch

Tim Potter Tim.Potter at anu.edu.au
Thu Jun 10 23:31:21 GMT 1999


Heh.  This was annoying me for a while - samba was regularly bombing
out trying to free() the pw_passwd entry from the password cache as it
was being replaced by a string not produced by malloc, hence the
crash.  The culprit is the blocks of code in
passdb/pass_check.c:pass_check() that fetch the shadow password #ifdef
GETSPWNAM.  The blocks #ifdef HAVE_GETPRPWNAM || #ifdef OSF1_ENH_SEC
getprpwnam(), and #ifdef ULTRIX_AUTH getauthuid() will also cause a
crash but I don't have access to any machines with manual pages for
these functions.  (-:

I propose to either put a bunch of free() and strdup() functions in
appropriate places in the pass_check() function, or to move all this
stuff into the password caching code.  The former may be confusing as
there is no obvious reason why things should be free()ed, but the
latter may have a big performance hit when refreshing the cache.

I've also made lib/username.c:Get_Pwnam() return a const struct passwd
* so the compiler will flag any attempt by someone changing the values
in the password cache and creating this bug again.  I initially did
this to find any more occurrences of the bug I'm seeing (let the
compiler find the bugs for you!) but I thought it might be a good idea
to leave it in there.  Anyone have any philosophical objections in
general to const?


Tim.

-- 
Tim Potter, System Admin/Programmer, Head Bee Guy
Advanced Computational Systems CRC, RSISE Bldg Australian National University,
Canberra 0200, AUSTRALIA Ph: +61 2 62798813 Fax: +61 2 62798602
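The ownership rule behind the first proposal in the message above, sketched as an added example that is not part of the original post and is not Samba code. All names (`cached_pw`, `cache_get`, `cache_set_passwd`, `fake_shadow_lookup`) are hypothetical, and the shadow lookup is a stand-in that, like `getspnam()`, hands back a pointer into static storage.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical cache entry: the cache owns pw_passwd, so it must always
   point at malloc'd memory (or be NULL). */
struct cached_pw {
    char *pw_passwd;
};
static struct cached_pw cache_slot;      /* one-slot cache, for illustration */

/* Stand-in for a shadow lookup: returns a pointer into static storage
   that the caller must never free() and that the next call overwrites. */
static char shadow_buf[64];
static const char *fake_shadow_lookup(const char *hash)
{
    snprintf(shadow_buf, sizeof shadow_buf, "%s", hash);
    return shadow_buf;
}

/* Read-only view: writing through this pointer is a compile-time error. */
const struct cached_pw *cache_get(void) { return &cache_slot; }

/* The one place allowed to change pw_passwd. Copy first (same effect as
   strdup()), then free the old value, so a failed allocation leaves the
   entry intact. Assigning shadow_buf directly instead would make a later
   free() operate on static storage. */
int cache_set_passwd(const char *src)
{
    char *copy = malloc(strlen(src) + 1);
    if (copy == NULL)
        return -1;
    strcpy(copy, src);
    free(cache_slot.pw_passwd);
    cache_slot.pw_passwd = copy;
    return 0;
}

/* Returns 1 if the cache holds its own copy of the (constructed) hash
   even after the static buffer has been reused by another lookup. */
int cache_demo(void)
{
    if (cache_set_passwd("x") != 0 ||
        cache_set_passwd(fake_shadow_lookup("$1$constructed$hash")) != 0)
        return 0;
    fake_shadow_lookup("overwritten-by-next-lookup");
    return cache_get()->pw_passwd != shadow_buf &&
           strcmp(cache_get()->pw_passwd, "$1$constructed$hash") == 0;
}

int main(void) { printf("%d\n", cache_demo()); return 0; }
```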

