util: Realloc buffer size for atomic safe read

Realloc and increase the buffer size when safe read returns more than CHILD_MSG_CHUNK size bytes. This handles multiple passkey mappings returned from the krb5 child in kerberos pre-authentication. Reviewed-by: Alexey Tikhonov <atikhono@redhat.com> Reviewed-by: Iker Pedrosa <ipedrosa@redhat.com> Reviewed-by: Sumit Bose <sbose@redhat.com>
SSSD · Sep 27, 2023 · 1f4fffd · 1f4fffd
1 parent ae920b9
commit 1f4fffd
Show file tree

Hide file tree

Showing 2 changed files with 21 additions and 3 deletions.
diff --git a/src/util/atomic_io.c b/src/util/atomic_io.c
@@ -87,7 +87,11 @@ ssize_t sss_atomic_read_safe_s(int fd, void *buf, size_t buf_len, size_t *_len)
     }
 
     if (ulen > buf_len) {
-        return ERANGE;
+        if (_len != NULL) {
+            *_len = ulen;
+        }
+        errno = ERANGE;
+        return -1;
     }
 
     if (_len != NULL) {

diff --git a/src/util/child_common.c b/src/util/child_common.c
@@ -509,7 +509,7 @@ static void _read_pipe_handler(struct tevent_context *ev,
     struct _read_pipe_state *state;
     ssize_t size;
     errno_t err;
-    uint8_t buf[CHILD_MSG_CHUNK];
+    uint8_t *buf;
     size_t len = 0;
 
     state = tevent_req_data(req, struct _read_pipe_state);
@@ -521,8 +521,23 @@ static void _read_pipe_handler(struct tevent_context *ev,
         return;
     }
 
+    buf = talloc_array(state, uint8_t, CHILD_MSG_CHUNK);
+    if (buf == NULL) {
+        tevent_req_error(req, ENOMEM);
+        return;
+    }
+
     if (state->safe) {
         size = sss_atomic_read_safe_s(state->fd, buf, CHILD_MSG_CHUNK, &len);
+        if (size == -1 && errno == ERANGE) {
+            buf = talloc_realloc(state, buf, uint8_t, len);
+            if(!buf) {
+                tevent_req_error(req, ENOMEM);
+                return;
+            }
+
+            size = sss_atomic_read_s(state->fd, buf, len);
+        }
     } else {
         size = sss_atomic_read_s(state->fd, buf, CHILD_MSG_CHUNK);
     }
@@ -532,7 +547,6 @@ static void _read_pipe_handler(struct tevent_context *ev,
               "read failed [%d][%s].\n", err, strerror(err));
         tevent_req_error(req, err);
         return;
-
     } else if (size > 0) {
         state->buf = talloc_realloc(state, state->buf, uint8_t,
                                     state->len + size);