Package: schroot
Version: 1.6.10-1+b1
Severity: important
Tags: upstream patch

Hi!

The attached patch fixes an infinite allocation loop inside the
passwd::query_name, passwd::query_uid, group::query_gid and
group::query_name functions.

Current code simply fails with std::bad_alloc on any error,
because it always retries with a bigger buffer.


-- System Information:
Debian Release: jessie/sid
  APT prefers unstable
  APT policy: (500, 'unstable'), (150, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 3.16-2-amd64 (SMP w/2 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages schroot depends on:
ii  libboost-filesystem1.55.0       1.55.0+dfsg-3
ii  libboost-iostreams1.55.0        1.55.0+dfsg-3
ii  libboost-program-options1.55.0  1.55.0+dfsg-3
ii  libboost-regex1.55.0            1.55.0+dfsg-3
ii  libboost-system1.55.0           1.55.0+dfsg-3
ii  libc6                           2.19-11
ii  libgcc1                         1:4.9.1-16
ii  libpam0g                        1.1.8-3.1
ii  libstdc++6                      4.9.1-16
ii  libuuid1                        2.20.1-5.9
ii  schroot-common                  1.6.10-1

schroot recommends no packages.

Versions of packages schroot suggests:
pn  aufs-modules | unionfs-modules  <none>
pn  btrfs-tools                     <none>
ii  debootstrap                     1.0.63
ii  lvm2                            2.02.111-2
ii  qemu-user-static                2.1+dfsg-5

-- Configuration Files:
/etc/default/schroot changed [not included]
/etc/schroot/default/fstab changed [not included]
/etc/schroot/schroot.conf changed [not included]

-- no debconf information
Description: Fixes infinite allocation on error in name queries
 Don't retry with a bigger buffer if there is an error from name query
 calls.
 This fixes error reporting in name queries.
Author: Daniel Serpell <daniel.serp...@aplik.cl>

--- schroot-1.6.10.orig/sbuild/sbuild-util.cc
+++ schroot-1.6.10/sbuild/sbuild-util.cc
@@ -632,7 +632,7 @@ sbuild::passwd::query_uid (uid_t uid)
 
   while ((error = getpwuid_r(uid, this,
                              &buffer[0], buffer.capacity(),
-                             &pwd_result)))
+                             &pwd_result)) == ERANGE)
     {
       size <<= 1;
       buffer.reserve(size);
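
Review bot: With the `while` condition in query_uid now `== ERANGE`, the loop exits with `error` still set for every other failure, and the code that follows the loop is outside this hunk. Please confirm it tests `error` before it looks at `pwd_result`, so that a failed lookup is not reported as a missing user. getpwuid_r can also return EINTR, which may deserve a retry with the same buffer rather than an immediate failure.
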
@@ -655,7 +655,7 @@ sbuild::passwd::query_name (const char *
 
   while ((error = getpwnam_r(name, this,
                              &buffer[0], buffer.capacity(),
-                             &pwd_result)))
+                             &pwd_result)) == ERANGE)
     {
       size <<= 1;
       buffer.reserve(size);
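
Review bot: `size <<= 1` in the passwd::query_name loop body still has no upper bound, so a lookup that keeps returning ERANGE doubles the buffer until reserve() throws, which is the same std::bad_alloc outcome the report describes. Suggest capping `size` at a fixed maximum and reporting an error once it is reached.
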
@@ -741,7 +741,7 @@ sbuild::group::query_gid (gid_t gid)
 
   while ((error = getgrgid_r(gid, this,
                              &buffer[0], buffer.capacity(),
-                             &grp_result)))
+                             &grp_result)) == ERANGE)
     {
       size <<= 1;
       buffer.reserve(size);
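
Review bot: The call in query_gid passes `&buffer[0]` with `buffer.capacity()` as the length and grows the storage with `buffer.reserve(size)`. The declaration of `buffer` is not in this hunk, but if it is a std::vector, getgrgid_r is writing into storage beyond size(), which is undefined behaviour. Suggest `buffer.resize(size)` and passing `buffer.size()`; that can go into the same change.
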
@@ -764,7 +764,7 @@ sbuild::group::query_name (const char *n
 
   while ((error = getgrnam_r(name, this,
                              &buffer[0], buffer.capacity(),
-                             &grp_result)))
+                             &grp_result)) == ERANGE)
     {
       size <<= 1;
       buffer.reserve(size);
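
Review bot: The `== ERANGE` test in group::query_name is the fourth copy of the same one-line fix, and the four loops differ only in the function called and the result pointer. Suggest moving the grow-and-retry loop into one shared helper so the retry condition lives in a single place. A short comment stating that only ERANGE means the buffer was too small would also help the next reader.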
