Bug 15553 - limits on xdr_ requests are too restrictive
Summary: limits on xdr_ requests are too restrictive
Status: RESOLVED FIXED
Alias: None
Product: glibc
Classification: Unclassified
Component: nis (show other bugs)
Version: unspecified
: P2 normal
Target Milestone: ---
Assignee: Not yet assigned to anyone
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2013-05-30 20:18 UTC by Patsy Franklin
Modified: 2014-06-13 17:34 UTC (History)
2 users (show)

See Also:
Host:
Target:
Build:
Last reconfirmed:
fweimer: security-

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Patsy Franklin 2013-05-30 20:18:02 UTC 

    


    


      



        
          Comment 1
        

        
          Patsy Franklin

        

        
        

        
          2013-05-30 20:25:56 UTC
        

      






A recent patch to set reasonable limits on xdr requests proved to be too
restictive for some users, potentially causing ypcat to give rpc errors.

How reproducible:
Always

Steps to reproduce:

1. add a very long group record into /etc/group (longer than 1024B), e.g.:
foo:x:10000:bar1,bar2,bar3, ... ,bar999

2. add --no-limit-check option to makedbm command in /var/yp/Makefile, since otherwise lines longer than 1024B are ignored, but we need to add them to map file:

-DBLOAD = $(YPBINDIR)/makedbm -c -m `$(YPBINDIR)/yphelper --hostname`
+DBLOAD = $(YPBINDIR)/makedbm --no-limit-check -c -m `$(YPBINDIR)/yphelper --hostname`

3. rebuild maps:
# cd /var/yp
# make

4. # systemctl restart ypserv ypbind (while ypbind is configured to use ypserv running on localhost)

5. # ypcat group.byname

Actual results:
...
yp_all: clnt_call: RPC: Can't decode result
No such map group.byname. Reason: RPC failure on NIS operation

Some groups are returned but the list is cut short with the error message above

Expected results:
All groups are returned.

    


    


      



        
          Comment 2
        

        
          Patsy Franklin

        

        
        

        
          2013-06-02 15:30:02 UTC
        

      






Fixed.
commit eca5920cd90093d8921f27bfbf7bcf54807165bb

    


    


      



        
          Comment 3
        

        
          Patsy Franklin

        

        
        

        
          2013-06-02 15:31:45 UTC
        

      






Resolved/Fixed:

commit eca5920cd90093d8921f27bfbf7bcf54807165bb