diff --git a/nss-pam-ldapd-0.7.x-buffers.patch b/nss-pam-ldapd-0.7.x-buffers.patch new file mode 100644 index 0000000..d838e86 --- /dev/null +++ b/nss-pam-ldapd-0.7.x-buffers.patch @@ -0,0 +1,29 @@ +Parts of r1476 -- leave enough room for GID values above a billion and +unusually large pwdLastSet values. + +diff --git a/nslcd/passwd.c b/nslcd/passwd.c +index 15124fe..a649322 100644 +--- a/nslcd/passwd.c ++++ b/nslcd/passwd.c +@@ -390,7 +390,7 @@ static int write_passwd(TFILE *fp,MYLDAP_ENTRY *entry,const char *requser, + const char *passwd; + uid_t uids[MAXUIDS_PER_ENTRY]; + int numuids; +- char gidbuf[10]; ++ char gidbuf[32]; + gid_t gid; + char gecos[100]; + char homedir[100]; +diff --git a/nslcd/shadow.c b/nslcd/shadow.c +index 6de372b..5d6dae7 100644 +--- a/nslcd/shadow.c ++++ b/nslcd/shadow.c +@@ -112,7 +112,7 @@ void shadow_init(void) + + static long to_date(const char *date,const char *attr) + { +- char buffer[8]; ++ char buffer[32]; + long value; + char *tmp; + size_t l; diff --git a/nss-pam-ldapd.spec b/nss-pam-ldapd.spec index f87f5d5..06726b4 100644 --- a/nss-pam-ldapd.spec +++ b/nss-pam-ldapd.spec @@ -24,6 +24,7 @@ Source1: http://arthurdejong.org/nss-pam-ldapd/nss-pam-ldapd-%{version}.tar.gz.s Source2: nslcd.init Source3: nslcd.tmpfiles Source4: nslcd.service +Patch0: nss-pam-ldapd-0.7.x-buffers.patch BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) BuildRequires: openldap-devel, krb5-devel Obsoletes: nss-ldapd < 0.7 @@ -55,6 +56,7 @@ nsswitch module. %prep %setup -q +%patch0 -p1 -b .buffers %build %configure --libdir=/%{_lib} --disable-pam @@ -253,6 +255,8 @@ exit 0 * Thu Jul 14 2011 Nalin Dahyabhai 0.7.13-7 - switch to only munging the contents of /etc/nslcd.conf on the very first install (#706454) +- make sure that we have enough space to parse any valid GID value when + parsing a user's primary GID (#716822) * Wed Jul 13 2011 Nalin Dahyabhai 0.7.13-6 - convert to systemd-native startup (#716997)