X-Git-Url: https://git.decadent.org.uk/gitweb/?p=nfs-utils.git;a=blobdiff_plain;f=utils%2Fgssd%2Fsvcgssd_proc.c;h=79f5f50d3c5a603bcdfa1475d055a112df19dd84;hp=14b7f17c61bd0ded02a0885f8c14230bebbadc22;hb=refs%2Ftags%2Fdebian%2F1%251.0.8%2B1.0.9pre1-1;hpb=cddf69516911d84fcbcbe3cdc225b5e56cd7e012

diff --git a/utils/gssd/svcgssd_proc.c b/utils/gssd/svcgssd_proc.c
index 14b7f17..79f5f50 100644
--- a/utils/gssd/svcgssd_proc.c
+++ b/utils/gssd/svcgssd_proc.c
@@ -200,7 +200,8 @@ get_ids(gss_name_t client_name, gss_OID mech, struct svc_cred *cred)
 			maj_stat, min_stat, mech);
 		goto out;
 	}
-	if (!(sname = calloc(name.length + 1, 1))) {
+	if (name.length >= 0xffff || /* be certain name.length+1 doesn't overflow */
+	    !(sname = calloc(name.length + 1, 1))) {
 		printerr(0, "WARNING: get_ids: error allocating %d bytes "
 			"for sname\n", name.length + 1);
 		gss_release_buffer(&min_stat, &name);
@@ -219,8 +220,21 @@ get_ids(gss_name_t client_name, gss_OID mech, struct svc_cred *cred)
 	nfs4_init_name_mapping(NULL); /* XXX: should only do this once */
 	res = nfs4_gss_princ_to_ids(secname, sname, &uid, &gid);
 	if (res < 0) {
-		printerr(0, "WARNING: get_ids: unable to map "
-			"name '%s' to a uid\n", sname);
+		printerr(0, "WARNING: get_ids: failed to map name '%s' "
+			"to uid/gid: %s\n", sname, strerror(-res));
+		/*
+		 * -ENOENT means there was no mapping, any other error
+		 * value means there was an error trying to do the
+		 * mapping.
+		 */
+		if (res == -ENOENT) {
+			cred->cr_uid = 65534;      /* XXX */
+			cred->cr_gid = 65534;      /* XXX */
+			cred->cr_groups[0] = 65534;/* XXX */
+			cred->cr_ngroups = 1;
+			res = 0;
+			goto out_free;
+		}
 		goto out_free;
 	}
 	cred->cr_uid = uid;