From: Ulrich Drepper <drepper@redhat.com>
Date: Sat, 6 Oct 2007 18:47:56 +0000 (+0000)
Subject: * nscd/nscd_helper.c (__nscd_cache_search): Prevent endless loops.
X-Git-Tag: cvs/fedora-glibc-20071010T2047~14
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=8c7661bcd362416493b3088ddf176578b225fb18;p=thirdparty%2Fglibc.git

* nscd/nscd_helper.c (__nscd_cache_search): Prevent endless loops.
---

diff --git a/ChangeLog b/ChangeLog
index 3c8b95d07d7..65c96fe8a66 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,5 +1,7 @@
 2007-10-06  Ulrich Drepper  <drepper@redhat.com>
 
+	* nscd/nscd_helper.c (__nscd_cache_search): Prevent endless loops.
+
 	[BZ #4407]
 	* sysdeps/ieee754/dbl-64/e_lgamma_r.c: Fix *signgamp for -0.0.
 	* sysdeps/ieee754/flt-32/e_lgammaf_r.c: Likewise.
diff --git a/nscd/nscd_helper.c b/nscd/nscd_helper.c
index 5f3d54efcf5..2e6d5f76b87 100644
--- a/nscd/nscd_helper.c
+++ b/nscd/nscd_helper.c
@@ -416,7 +416,8 @@ __nscd_cache_search (request_type type, const char *key, size_t keylen,
   unsigned long int hash = __nis_hash (key, keylen) % mapped->head->module;
   size_t datasize = mapped->datasize;
 
-  ref_t work = mapped->head->array[hash];
+  ref_t first = mapped->head->array[hash];
+  ref_t work = first;
   while (work != ENDREF && work + sizeof (struct hashentry) <= datasize)
     {
       struct hashentry *here = (struct hashentry *) (mapped->data + work);
@@ -454,6 +455,10 @@ __nscd_cache_search (request_type type, const char *key, size_t keylen,
 	}
 
       work = here->next;
+      /* Prevent endless loops.  This should never happen but perhaps
+	 the database got corrupted, accidentally or deliberately.  */
+      if (work == first)
+	break;
     }
 
   return NULL;