Subject: pkg/32988: Bug in databases/nss_ldap
To: None <pkg-manager@netbsd.org, gnats-admin@netbsd.org,>
From: None <thesing@cs.uni-sb.de>
List: pkgsrc-bugs
Date: 03/04/2006 12:40:01
>Number:         32988
>Category:       pkg
>Synopsis:       databases/nss_ldap gives wrong results if used in conjunction with `files'
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    pkg-manager
>State:          open
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Sat Mar 04 12:40:01 +0000 2006
>Originator:     Stephan Thesing
>Release:        NetBSD 3.99.15
>Organization:
=  Tel.: +49-681-302-5571      = Universitaet des Saarlandes =
=  Fax.: +49-681-302-3065      = Postfach 15 11 50           =
=  Compiler Research Group     = 66041 Saarbruecken          =
=  FR 6.2 - Informatik         = GERMANY                     =
>Environment:
System: NetBSD gargoyle.cs.uni-sb.de 3.99.15 NetBSD 3.99.15 (Gargoyle (19012006) ST) #2: Tue Feb 14 09:59:13 CET 2006 thesing@gargoyle.cs.uni-sb.de:/local/thesing/netbsd/current/obj/sys/arch/i386/compile.i386/Gargoyle i386
Architecture: i386
Machine: i386
>Description:
the databases/nss_ldap package provides support for using LDAP based account information for
the nsswitch facility.
The NetBSD glue in files/netbsd.c has a bug that returns garbage for group ids if /etc/nsswitch.conf
contains something like `group: files ldap' upon using the "getgroupmembership" functionality.
The nsswitch facility in this case first fetches all groups for a user from /etc/group and then should
_add_ the groups from the LDAP directory to the list.
files/netbsd.c correctly starts to put LDAP groups into the array of gid_t s provided but fails to
copy the already present gid_t's (from files), so garbage is returned in those slots finally.
In addition, netbsd.c always puts the primary gid_t of the user in slot 0, which is wrong.
>How-To-Repeat:
 add `group: files ldap' to your nsswitch.conf, have a user in one of the groups in /etc/group
  and in LDAP based groups and see garbage returned from e.g. `groups user' for the groups in
  /etc/group
>Fix:
The attached patch to files/netbsd.c copies the gid_t's already passed in into the temporary array
 allocated and thus all groups are returned correctly.

Index: files/netbsd.c
===================================================================
RCS file: /cvsroot/pkgsrc/databases/nss_ldap/files/netbsd.c,v
retrieving revision 1.4
diff -b -u -r1.4 netbsd.c
--- files/netbsd.c	19 Sep 2005 15:54:42 -0000	1.4
+++ files/netbsd.c	3 Mar 2006 11:01:47 -0000
@@ -454,13 +454,23 @@
 	gid_t *tmpgroups;
 	long int lstart, lsize;
 	int origsize = *size;
+        int i;
 
 	tmpgroups = malloc(limit * sizeof(gid_t));
 	if (!tmpgroups)
 		return NS_TRYAGAIN;
-	/* insert primary membership */
-	if (*size < limit) {
-		tmpgroups[0] = group;
+
+	/* copy initial members */
+        if (*size>0)
+           memcpy(tmpgroups, groups, (*size)*sizeof(gid_t));
+
+	/* insert primary membership, if not already in there */
+        for (i=0; i<(*size); i++) 
+           if (tmpgroups[i]==group)
+             break;
+
+	if (*size < limit && i==(*size)) {
+		tmpgroups[*size] = group;
 		(*size)++;
 	}
 	lstart = *size;