c387ac8
Upstream didn't accepted this patch and only replied that user should fix
c387ac8
the configuration. Since we believe that even if configuration is wrong,
c387ac8
program (especially daemon) shouldn't crash with segfault, we rather fix
c387ac8
this on our own to print a nice error when level of recursion exceeds 128.
c387ac8
c387ac8
diff -up ypserv-2.31/revnetgroup/getnetgrent.c.recursive ypserv-2.31/revnetgroup/getnetgrent.c
c387ac8
--- ypserv-2.31/revnetgroup/getnetgrent.c.recursive	2013-05-17 12:37:08.143675080 +0200
c387ac8
+++ ypserv-2.31/revnetgroup/getnetgrent.c	2013-05-17 14:20:49.376566354 +0200
c387ac8
@@ -31,6 +31,8 @@
c387ac8
 
c387ac8
 #include "hash.h"
c387ac8
 
c387ac8
+#define NETGROUPENTRY_RECURSION_LIMIT 128
c387ac8
+
c387ac8
 extern hash_t *input;
c387ac8
 
c387ac8
 void rev_setnetgrent (const char *);
c387ac8
@@ -53,7 +55,7 @@ struct netgrlist
c387ac8
   };
c387ac8
 
c387ac8
 
c387ac8
-static void rev_expand_netgroupentry (const char *, struct netgrlist *);
c387ac8
+static void rev_expand_netgroupentry (const char *, struct netgrlist *, int level);
c387ac8
 static void rev_parse_entry (char *, char *, struct netgrlist *);
c387ac8
 static void rev_netgr_free (struct netgrlist *);
c387ac8
 static struct netgrlist list = {0, 0, NULL};
c387ac8
@@ -83,7 +85,7 @@ rev_setnetgrent (const char *netgr)
c387ac8
     {
c387ac8
       rev_endnetgrent ();
c387ac8
       netgroup = strdup (netgr);
c387ac8
-      rev_expand_netgroupentry (netgr, &list);
c387ac8
+      rev_expand_netgroupentry (netgr, &list, 0);
c387ac8
     }
c387ac8
   first = 1;
c387ac8
 }
c387ac8
@@ -141,7 +143,7 @@ rev_netgr_free (struct netgrlist *list)
c387ac8
 }
c387ac8
 
c387ac8
 static void
c387ac8
-rev_expand_netgroupentry (const char *netgr, struct netgrlist *list)
c387ac8
+rev_expand_netgroupentry (const char *netgr, struct netgrlist *list, int level)
c387ac8
 {
c387ac8
   char *outval = NULL;
c387ac8
   char *outptr = NULL;
c387ac8
@@ -156,6 +158,14 @@ rev_expand_netgroupentry (const char *ne
c387ac8
   if (outptr == NULL)
c387ac8
     return;
c387ac8
 
c387ac8
+  /* check the recursion - return if we exceed the recursion limit */
c387ac8
+  if (level >= NETGROUPENTRY_RECURSION_LIMIT)
c387ac8
+    {
c387ac8
+      fprintf (stderr, "WARNING: level of recursion in netgroup %s reached"
c387ac8
+	       "%d, entry ignored\n", netgr, NETGROUPENTRY_RECURSION_LIMIT);
c387ac8
+      return;
c387ac8
+    }
c387ac8
+
c387ac8
   /* make a copy to work with */
c387ac8
   outval = strdup (outptr);
c387ac8
   if (outval == NULL)
c387ac8
@@ -198,7 +208,7 @@ rev_expand_netgroupentry (const char *ne
c387ac8
 	  *end = '\0';
c387ac8
 
c387ac8
 	  /* recursion */
c387ac8
-	  rev_expand_netgroupentry (start, list);
c387ac8
+	  rev_expand_netgroupentry (start, list, level+1);
c387ac8
 	}
c387ac8
 
c387ac8
       /* skip to the next entry */