From 8c7661bcd362416493b3088ddf176578b225fb18 Mon Sep 17 00:00:00 2001
From: Ulrich Drepper <drepper@redhat.com>
Date: Sat, 6 Oct 2007 18:47:56 +0000
Subject: * nscd/nscd_helper.c (__nscd_cache_search): Prevent endless loops.

---
 ChangeLog          | 2 ++
 nscd/nscd_helper.c | 7 ++++++-
 2 files changed, 8 insertions(+), 1 deletion(-)

diff --git a/ChangeLog b/ChangeLog
index 3c8b95d07d..65c96fe8a6 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,5 +1,7 @@
 2007-10-06  Ulrich Drepper  <drepper@redhat.com>
 
+	* nscd/nscd_helper.c (__nscd_cache_search): Prevent endless loops.
+
 	[BZ #4407]
 	* sysdeps/ieee754/dbl-64/e_lgamma_r.c: Fix *signgamp for -0.0.
 	* sysdeps/ieee754/flt-32/e_lgammaf_r.c: Likewise.
diff --git a/nscd/nscd_helper.c b/nscd/nscd_helper.c
index 5f3d54efcf..2e6d5f76b8 100644
--- a/nscd/nscd_helper.c
+++ b/nscd/nscd_helper.c
@@ -416,7 +416,8 @@ __nscd_cache_search (request_type type, const char *key, size_t keylen,
   unsigned long int hash = __nis_hash (key, keylen) % mapped->head->module;
   size_t datasize = mapped->datasize;
 
-  ref_t work = mapped->head->array[hash];
+  ref_t first = mapped->head->array[hash];
+  ref_t work = first;
   while (work != ENDREF && work + sizeof (struct hashentry) <= datasize)
     {
       struct hashentry *here = (struct hashentry *) (mapped->data + work);
@@ -454,6 +455,10 @@ __nscd_cache_search (request_type type, const char *key, size_t keylen,
 	}
 
       work = here->next;
+      /* Prevent endless loops.  This should never happen but perhaps
+	 the database got corrupted, accidentally or deliberately.  */
+      if (work == first)
+	break;
     }
 
   return NULL;
-- 
cgit v1.2.3