From owner-freebsd-hackers@FreeBSD.ORG Mon Jan 4 18:51:35 2010 Return-Path: Delivered-To: freebsd-hackers@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 2E4FF106566B for ; Mon, 4 Jan 2010 18:51:35 +0000 (UTC) (envelope-from brooks@lor.one-eyed-alien.net) Received: from lor.one-eyed-alien.net (lor.one-eyed-alien.net [69.66.77.232]) by mx1.freebsd.org (Postfix) with ESMTP id DD9F58FC18 for ; Mon, 4 Jan 2010 18:51:34 +0000 (UTC) Received: from lor.one-eyed-alien.net (localhost [127.0.0.1]) by lor.one-eyed-alien.net (8.14.3/8.14.3) with ESMTP id o04IbKuc016498 for ; Mon, 4 Jan 2010 12:37:20 -0600 (CST) (envelope-from brooks@lor.one-eyed-alien.net) Received: (from brooks@localhost) by lor.one-eyed-alien.net (8.14.3/8.14.3/Submit) id o04IbKb8016497 for freebsd-hackers@freebsd.org; Mon, 4 Jan 2010 12:37:20 -0600 (CST) (envelope-from brooks) Date: Mon, 4 Jan 2010 12:37:19 -0600 From: Brooks Davis To: freebsd-hackers@freebsd.org Message-ID: <20100104183719.GA16422@lor.one-eyed-alien.net> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="zYM0uCDKw75PZbzx" Content-Disposition: inline User-Agent: Mutt/1.5.17 (2007-11-01) X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-3.0 (lor.one-eyed-alien.net [127.0.0.1]); Mon, 04 Jan 2010 12:37:20 -0600 (CST) Subject: testing needed: Secure RPC X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 04 Jan 2010 18:51:35 -0000 --zYM0uCDKw75PZbzx Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable I've got a patch against the Secure RPC code which replaces an apparently bogus use of NGROUPS and fixes a bug where the internal identify cache stores uid_t and gid_t data in shorts. It's trivial and it looks like all the surrounding uses do use the correct size and just discard data when passing it through the cache, but I don't have an easy way to test it. Does anyone else? -- Brooks Index: lib/libc/rpc/svc_auth_des.c =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D --- lib/libc/rpc/svc_auth_des.c (revision 201441) +++ lib/libc/rpc/svc_auth_des.c (working copy) @@ -449,10 +449,10 @@ #define INVALID -1 /* grouplen, if cache entry is invalid */ =20 struct bsdcred { - short uid; /* cached uid */ - short gid; /* cached gid */ - short grouplen; /* length of cached groups */ - short groups[NGROUPS]; /* cached groups */ + uid_t uid; /* cached uid */ + gid_t gid; /* cached gid */ + int grouplen; /* length of cached groups */ + gid_t groups[NGRPS]; /* cached groups */ }; =20 /* --zYM0uCDKw75PZbzx Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (FreeBSD) iD8DBQFLQjVfXY6L6fI4GtQRAvoDAKCQVyzET+tUZVTm4lgNPGugdJhmoACeJbAy aOm02jIw+xVyhugOQWfSu2w= =oSRg -----END PGP SIGNATURE----- --zYM0uCDKw75PZbzx--