@@ -44,6 +44,7 @@
#include <netdb.h>
#include <err.h>
#include <grp.h>
+#include <limits.h>
#include "nfsidmap.h"
#include "nfsidmap_internal.h"
#include "cfg.h"
@@ -171,7 +172,7 @@ static struct passwd *nss_getpwnam(const char *name, const char *domain, int *er
char *localname;
int err = ENOMEM;
- if (buflen < 0)
+ if (buflen > UINT_MAX)
goto err;
buf = malloc(sizeof(*buf) + buflen);
@@ -240,7 +241,7 @@ static int nss_name_to_gid(char *name, gid_t *gid)
goto out;
err = -ENOMEM;
- if (buflen < 0)
+ if (buflen > UINT_MAX)
goto out;
do {
commit e22368f6 introduce a couple checks for negative buffer lengths. The variables are unsigned ints so UINT_MAX should be used. Signed-off-by: Steve Dickson <steved@redhat.com> --- nss.c | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-)