On Wed, Aug 19, 2015 at 11:15:16PM +0200, Jakub Hrozek wrote: > On Thu, Aug 13, 2015 at 07:41:02AM +0200, Lukas Slebodnik wrote: > > On (12/08/15 14:17), Jakub Hrozek wrote: > > >On Mon, Aug 10, 2015 at 06:38:29AM +0200, Lukas Slebodnik wrote: > > >> ehlo, > > >> > > >> Use after free can happed if there are two domains and user is not found > > >> in the first one. > > >> > > >> LS > > > > > >Would it be possible to write a testcase in the NSS responder test? > > It requires multi domain setup. > > So I created different test. > > My intention was to cover most test cases and not just initgroups, > > But attached ins a POC patch which prove there is a use after free. > > make check passes; you need to test with valgrind. > > libtool --mode=execute valgrind -v ./nss-srv-multi-tests > > > > Would you prefer to use current version of patch and add othter test cases > > later? (it will take some time) or current version is enought for fix? > > Ideally I think we should have only one NSS responder test, otherwise we > would end up adding some testcases to one test and not the other...but I > haven't tried, so I don't know how easy or hard that is. > > ACK to your crash patch, I'll push it and apply to downstream.
Sorry, I forgot to send push-mail: b9901fe3d6cfe05cd75a2440c0f9c7985aea36c6 _______________________________________________ sssd-devel mailing list sssd-devel@lists.fedorahosted.org https://lists.fedorahosted.org/mailman/listinfo/sssd-devel