alloca in compat-initgroups

[Thorsten Kukuk <kukuk at suse dot de>]

Hi,

getgrent_next_nss() from compat-initgroups allocates a temporary
buffer with alloca. The size is NGROUPS_MAX * sizeof (gid_t).

While this was no problem with NGROUPS_MAX = 32, it is a problem
with multithreaded applications and kernel >= 2.6.5 (NGROUPS_MAX=65536).

I would suggest to use malloc instead:

2004-07-19  Thorsten Kukuk  <kukuk@suse.de>

	* nis/nss_compat/compat-initgroups.c(getgrent_next_nss): Don't
	allocate memory for large temporary variables with alloca.

--- nis/nss_compat/compat-initgroups.c	28 Jun 2003 07:49:23 -0000	1.13
+++ nis/nss_compat/compat-initgroups.c	19 Jul 2004 11:13:17 -0000
@@ -1,4 +1,4 @@
-/* Copyright (C) 1998,1999,2000,2001,2002,2003 Free Software Foundation, Inc.
+/* Copyright (C) 1998,1999,2000,2001,2002,2003, 2004 Free Software Foundation, Inc.
    This file is part of the GNU C Library.
    Contributed by Thorsten Kukuk <kukuk@suse.de>, 1998.
 
@@ -242,7 +241,10 @@
   if (nss_initgroups_dyn && nss_getgrgid_r)
     {
       long int mystart = 0, mysize = limit;
-      gid_t *mygroupsp = __alloca (limit * sizeof (gid_t));
+      gid_t *mygroupsp = malloc (limit * sizeof (gid_t));
+
+      if (mygroupsp == NULL)
+	return NSS_STATUS_UNAVAIL;
 
       /* For every gid in the list we get from the NSS module,
          get the whole group entry. We need to do this, since we
@@ -280,8 +282,11 @@
 		check_and_add_group (user, group, start, size, groupsp,
 				     limit, &grpbuf);
 	    }
+
+	  free (mygroupsp);
 	  return NSS_STATUS_NOTFOUND;
 	}
+      free (mygroupsp);
     }
 
   /* If we come here, the NSS module does not support initgroups_dyn

-- 
Thorsten Kukuk       http://www.suse.de/~kukuk/        kukuk@suse.de
SuSE Linux AG        Maxfeldstr. 5                 D-90409 Nuernberg
--------------------------------------------------------------------    
Key fingerprint = A368 676B 5E1B 3E46 CFCE  2D97 F8FD 4E23 56C6 FB4B