#40600 [Opn->Fbk]: [PATCH]:getgrgid_r, getgrnam_r etc functions regression(crash)

Thu, 22 Feb 2007 15:39:28 -0800 

 ID:               40600
 Updated by:       [EMAIL PROTECTED]
 Reported By:      stas at FreeBSD dot org
-Status:           Open
+Status:           Feedback
 Bug Type:         POSIX related
 Operating System: FreeBSD
 PHP Version:      5.2.1
 New Comment:

+       if (grbuflen < 0)
+               grbuflen = 1024;

I definitely agree with this part of the patch.
But other parts look to me as a "workaround" for FreeBSD problems.

-       if (buflen < 1) {
-               RETURN_FALSE;
-       }
+       if (buflen < 0)
+               buflen = 1024;

It might be safe to do it on FreeBSD when you know for sure that this
functionality is missing and it's safe to use 1K buffer, but other
systems might behave differently.


Previous Comments:
------------------------------------------------------------------------

[2007-02-22 23:34:54] stas at FreeBSD dot org

The patch itself:
----------------------------------------------------------------
--- posix.c.orig        Fri Jan 12 04:46:11 2007
+++ posix.c     Thu Feb 22 14:56:56 2007
@@ -837,9 +837,8 @@

 #if defined(ZTS) && defined(HAVE_GETGRNAM_R) &&
defined(_SC_GETGR_R_SIZE_MAX)
        buflen = sysconf(_SC_GETGR_R_SIZE_MAX);
-       if (buflen < 1) {
-               RETURN_FALSE;
-       }
+       if (buflen < 0)
+               buflen = 1024;
        buf = emalloc(buflen);
        g = &gbuf;

@@ -887,6 +886,8 @@
 #ifdef HAVE_GETGRGID_R

        grbuflen = sysconf(_SC_GETGR_R_SIZE_MAX);
+       if (grbuflen < 0)
+               grbuflen = 1024;
        grbuf = emalloc(grbuflen);

        ret = getgrgid_r(gid, &_g, grbuf, grbuflen, &retgrptr);
@@ -950,9 +951,9 @@

 #if defined(ZTS) && defined(_SC_GETPW_R_SIZE_MAX) &&
defined(HAVE_GETPWNAM_R)
        buflen = sysconf(_SC_GETPW_R_SIZE_MAX);
-       if (buflen < 1) {
-               RETURN_FALSE;
-       }
+       if (buflen < 0)
+               buflen = 1024;
+
        buf = emalloc(buflen);
        pw = &pwbuf;

@@ -999,9 +1000,8 @@
        }
 #if defined(ZTS) && defined(_SC_GETPW_R_SIZE_MAX) &&
defined(HAVE_GETPWUID_R)
        pwbuflen = sysconf(_SC_GETPW_R_SIZE_MAX);
-       if (pwbuflen < 1) {
-               RETURN_FALSE;
-       }
+       if (pwbuflen < 0)
+               pwbuflen = 1024;
        pwbuf = emalloc(pwbuflen);

        ret = getpwuid_r(uid, &_pw, pwbuf, pwbuflen, &retpwptr);
--------------------------------------------------------------

------------------------------------------------------------------------

[2007-02-22 23:32:39] stas at FreeBSD dot org

Description:
------------
This module has problems with functions like getgrgid_r etc. It tries
to find out limits using sysconf, but FreeBSD doesn't have, e.g.
_SC_GETPW_R_SIZE_MAX. Since it does't try to check the return value it
effectively leads to attempt to allocate (size_t)-1 bytes, which
obviously fails, since trying to allocate (size_t)-1 bytes exceeds any
limits.

Reproduce code:
---------------
$groupinfo = posix_getgrgid(0);
print_r($groupinfo);

Expected result:
----------------
something meaningful



------------------------------------------------------------------------


-- 
Edit this bug report at http://bugs.php.net/?id=40600&edit=1

Reply via email to