Date: Tue, 19 Feb 2013 17:35:50 +0800 From: =?ISO-8859-1?Q?Elias_M=E5rtenson?= <lokedhs@gmail.com> To: Andrey Simonenko <simon@comsys.ntu-kpi.kiev.ua> Cc: Rick Macklem <rmacklem@uoguelph.ca>, Benjamin Kaduk <kaduk@mit.edu>, freebsd-current@freebsd.org Subject: Re: Possible bug in NFSv4 with krb5p security? Message-ID: <CADtN0W%2Bd_PMftDokq0jDvgmZ_Vzt6oy3V_qTq0j5jcdPccH-pA@mail.gmail.com> In-Reply-To: <20130219093142.GA1459@pm513-1.comsys.ntu-kpi.kiev.ua> References: <CADtN0WLs%2B=EtM4VnHcvxdihbKx4kjaoMQZK61F%2BnKx%2BDpAqrfg@mail.gmail.com> <477291850.3084864.1361113135205.JavaMail.root@erie.cs.uoguelph.ca> <CADtN0WKVzbKxhaLQw8y2KLhhRJC9n4ht9wyPmGQ%2BpHqSjQkVNw@mail.gmail.com> <20130219093142.GA1459@pm513-1.comsys.ntu-kpi.kiev.ua>
next in thread | previous in thread | raw e-mail | index | archive | help
On 19 February 2013 17:31, Andrey Simonenko <simon@comsys.ntu-kpi.kiev.ua>wrote:
It can require bigger buffer, since root can get the pw_password field
> in the struct passwd{}.
>
> Since sysconf(_SC_GETPW_R_SIZE_MAX) does not work on FreeBSD, the buffer
> for getpwnam_r() call should have at least (2 * MAXLOGNAME + 2 *
> MAXPATHLEN +
> _PASSWORD_LEN + 1) bytes (it is unclear how much is required for pw_gecos).
>
> This buffer can be dynamically reallocated until getpwnam_r() is not
> return ERANGE error (the following code has not been compiled and
> verified):
>
Is this really a better solution than to aim high right away? A series of
malloc() calls should certainly have much higher overhead than the previous
stack-allocated solution.
A better compromise would be to do the lookup in a separate function, that
allocates the buffer using alloca() instead, yes?
Regards,
Elias
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CADtN0W%2Bd_PMftDokq0jDvgmZ_Vzt6oy3V_qTq0j5jcdPccH-pA>