summary refs log tree commit diff
path: root/nis/nss_compat
diff options
context:
space:
mode:
Diffstat (limited to 'nis/nss_compat')
-rw-r--r--nis/nss_compat/compat-grp.c94
-rw-r--r--nis/nss_compat/compat-pwd.c123
-rw-r--r--nis/nss_compat/compat-spwd.c104
3 files changed, 275 insertions, 46 deletions
diff --git a/nis/nss_compat/compat-grp.c b/nis/nss_compat/compat-grp.c
index 59165ea590..9726784b2d 100644
--- a/nis/nss_compat/compat-grp.c
+++ b/nis/nss_compat/compat-grp.c
@@ -218,6 +218,10 @@ getgrent_next_nis (struct group *result, ent_t *ent, char *buffer,
 
   do
     {
+      char *save_oldkey;
+      int save_oldlen;
+      bool_t save_nis_first;
+
       if (ent->nis_first)
 	{
 	  if (yp_first (domain, "group.byname", &outkey, &outkeylen,
@@ -226,7 +230,9 @@ getgrent_next_nis (struct group *result, ent_t *ent, char *buffer,
 	      ent->nis = 0;
 	      return NSS_STATUS_UNAVAIL;
 	    }
-
+	  save_oldkey = ent->oldkey;
+	  save_oldlen = ent->oldkeylen;
+	  save_nis_first = TRUE;
 	  ent->oldkey = outkey;
 	  ent->oldkeylen = outkeylen;
 	  ent->nis_first = FALSE;
@@ -241,7 +247,9 @@ getgrent_next_nis (struct group *result, ent_t *ent, char *buffer,
 	      return NSS_STATUS_NOTFOUND;
 	    }
 
-	  free (ent->oldkey);
+	  save_oldkey = ent->oldkey;
+	  save_oldlen = ent->oldkeylen;
+	  save_nis_first = FALSE;
 	  ent->oldkey = outkey;
 	  ent->oldkeylen = outkeylen;
 	}
@@ -255,8 +263,21 @@ getgrent_next_nis (struct group *result, ent_t *ent, char *buffer,
       while (isspace (*p))
 	++p;
 
-      parse_res = _nss_files_parse_grent (p, result, data, buflen);
-
+      if ((parse_res = _nss_files_parse_grent (p, result, data, buflen)) == -1)
+	{
+	  free (ent->oldkey);
+	  ent->oldkey = save_oldkey;
+	  ent->oldkeylen = save_oldlen;
+	  ent->nis_first = save_nis_first;
+	  __set_errno (ERANGE);
+	  return NSS_STATUS_TRYAGAIN;
+	}
+      else
+	{
+	  if (!save_nis_first)
+	    free (save_oldkey);
+	}
+      
       if (parse_res &&
 	  in_blacklist (result->gr_name, strlen (result->gr_name), ent))
 	parse_res = 0; /* if result->gr_name in blacklist,search next entry */
@@ -274,8 +295,13 @@ getgrent_next_nisplus (struct group *result, ent_t *ent, char *buffer,
 
   do
     {
+      nis_result *save_oldres;
+      bool_t save_nis_first;
+      
       if (ent->nis_first)
         {
+	  save_oldres = ent->result;
+	  save_nis_first = TRUE;
           ent->result = nis_first_entry(grptable);
           if (niserr2nss (ent->result->status) != NSS_STATUS_SUCCESS)
             {
@@ -288,8 +314,9 @@ getgrent_next_nisplus (struct group *result, ent_t *ent, char *buffer,
         {
           nis_result *res;
 
+	  save_oldres = ent->result;
+	  save_nis_first = FALSE;
           res = nis_next_entry(grptable, &ent->result->cookie);
-          nis_freeresult (ent->result);
           ent->result = res;
           if (niserr2nss (ent->result->status) != NSS_STATUS_SUCCESS)
             {
@@ -297,8 +324,21 @@ getgrent_next_nisplus (struct group *result, ent_t *ent, char *buffer,
 	      return niserr2nss (ent->result->status);
             }
         }
-      parse_res = _nss_nisplus_parse_grent (ent->result, 0, result, buffer,
-                                            buflen);
+      if ((parse_res = _nss_nisplus_parse_grent (ent->result, 0, result, 
+						 buffer, buflen)) == -1)
+	{
+	  nis_freeresult (ent->result);
+	  ent->result = save_oldres;
+	  ent->nis_first = save_nis_first;
+	  __set_errno (ERANGE);
+	  return NSS_STATUS_TRYAGAIN;
+	}
+      else
+	{
+	  if (!save_nis_first)
+	    nis_freeresult (save_oldres);
+	}
+
       if (parse_res &&
           in_blacklist (result->gr_name, strlen (result->gr_name), ent))
         parse_res = 0; /* if result->gr_name in blacklist,search next entry */
@@ -330,7 +370,13 @@ getgrent_next_file_plusgroup (struct group *result, char *buffer,
           nis_freeresult (res);
           return status;
         }
-      parse_res = _nss_nisplus_parse_grent (res, 0, result, buffer, buflen);
+      if ((parse_res = _nss_nisplus_parse_grent (res, 0, result, buffer, 
+						 buflen)) == -1)
+	{
+	  __set_errno (ERANGE);
+	  nis_freeresult (res);
+	  return NSS_STATUS_TRYAGAIN;
+	}
       nis_freeresult (res);
     }
   else /* Use NIS */
@@ -350,7 +396,11 @@ getgrent_next_file_plusgroup (struct group *result, char *buffer,
       free (outval);
       while (isspace (*p))
         p++;
-      parse_res = _nss_files_parse_grent (p, result, data, buflen);
+      if ((parse_res = _nss_files_parse_grent (p, result, data, buflen)) == -1)
+	{
+	  __set_errno (ERANGE);
+	  return NSS_STATUS_TRYAGAIN;
+	}
     }
 
   if (parse_res)
@@ -368,13 +418,24 @@ getgrent_next_file (struct group *result, ent_t *ent,
   struct parser_data *data = (void *) buffer;
   while (1)
     {
+      fpos_t pos;
+      int parse_res = 0;
       char *p;
 
       do
 	{
+	  fgetpos (ent->stream, &pos);
 	  p = fgets (buffer, buflen, ent->stream);
 	  if (p == NULL)
-	    return NSS_STATUS_NOTFOUND;
+	    {
+	      if (feof (ent->stream))
+		return NSS_STATUS_NOTFOUND;
+	      else
+		{
+		  __set_errno (ERANGE);
+		  return NSS_STATUS_TRYAGAIN;
+		}
+	    }
 
 	  /* Terminate the line for any case.  */
 	  buffer[buflen - 1] = '\0';
@@ -383,11 +444,18 @@ getgrent_next_file (struct group *result, ent_t *ent,
 	  while (isspace (*p))
 	    ++p;
 	}
-      /* Ignore empty and comment lines.  */
-      while (*p == '\0' || *p == '#' ||
+      while (*p == '\0' || *p == '#' || /* Ignore empty and comment lines. */
       /* Parse the line.  If it is invalid, loop to
          get the next line of the file to parse.  */
-	     !_nss_files_parse_grent (p, result, data, buflen));
+	     !(parse_res = _nss_files_parse_grent (p, result, data, buflen)));
+
+      if (parse_res == -1)
+	{
+	  /* The parser ran out of space.  */
+	  fsetpos (ent->stream, &pos);
+	  __set_errno (ERANGE);
+	  return NSS_STATUS_TRYAGAIN;
+	}
 
       if (result->gr_name[0] != '+' && result->gr_name[0] != '-')
 	/* This is a real entry.  */
diff --git a/nis/nss_compat/compat-pwd.c b/nis/nss_compat/compat-pwd.c
index 0d0f2a6c33..af1267922c 100644
--- a/nis/nss_compat/compat-pwd.c
+++ b/nis/nss_compat/compat-pwd.c
@@ -272,6 +272,9 @@ internal_endpwent (ent_t *ent)
       ent->stream = NULL;
     }
 
+  if (ent->netgroup)
+    __internal_endnetgrent (&ent->netgrdata);
+  
   ent->nis = ent->first = ent->netgroup = 0;
 
   if (ent->oldkey != NULL)
@@ -303,9 +306,6 @@ _nss_compat_endpwent (void)
 
   __libc_lock_lock (lock);
 
-  if (ext_ent.netgroup)
-    __internal_endnetgrent (&ext_ent.netgrdata);
-
   result = internal_endpwent (&ext_ent);
 
   __libc_lock_unlock (lock);
@@ -339,6 +339,10 @@ getpwent_next_nis_netgr (struct passwd *result, ent_t *ent, char *group,
 
   while (1)
     {
+      char *saved_cursor;
+      int parse_res;
+
+      saved_cursor = ent->netgrdata.cursor;
       status = __internal_getnetgrent_r (&host, &user, &domain,
 					 &ent->netgrdata, buffer, buflen);
       if (status != 1)
@@ -372,7 +376,13 @@ getpwent_next_nis_netgr (struct passwd *result, ent_t *ent, char *group,
       while (isspace (*p))
 	p++;
       free (outval);
-      if (_nss_files_parse_pwent (p, result, data, buflen))
+      if ((parse_res = _nss_files_parse_pwent (p, result, data, buflen)) == -1)
+	{
+	  ent->netgrdata.cursor = saved_cursor;
+	  return NSS_STATUS_TRYAGAIN;
+	}
+
+      if (parse_res)
 	{
 	  copy_pwd_changes (result, &ent->pwd, p2, p2len);
 	  break;
@@ -410,6 +420,9 @@ getpwent_next_nisplus_netgr (struct passwd *result, ent_t *ent, char *group,
 
   while (1)
     {
+      char *saved_cursor;
+
+      saved_cursor = ent->netgrdata.cursor;
       status = __internal_getnetgrent_r (&host, &user, &domain,
 					 &ent->netgrdata, buffer, buflen);
       if (status != 1)
@@ -419,13 +432,13 @@ getpwent_next_nisplus_netgr (struct passwd *result, ent_t *ent, char *group,
 	  give_pwd_free (&ent->pwd);
 	  return NSS_STATUS_RETURN;
 	}
-
+      
       if (user == NULL || user[0] == '-')
 	continue;
-
+      
       if (domain != NULL && strcmp (ypdomain, domain) != 0)
 	continue;
-
+      
       p2len = pwd_need_buflen (&ent->pwd);
       if (p2len > buflen)
 	{
@@ -444,7 +457,13 @@ getpwent_next_nisplus_netgr (struct passwd *result, ent_t *ent, char *group,
 	  nis_freeresult (nisres);
 	  continue;
 	}
-      parse_res = _nss_nisplus_parse_pwent (nisres, result, buffer, buflen);
+      if ((parse_res = _nss_nisplus_parse_pwent (nisres, result, buffer, 
+						 buflen)) == -1)
+	{
+	  nis_freeresult (nisres);
+	  ent->netgrdata.cursor = saved_cursor;
+	  return NSS_STATUS_TRYAGAIN;
+	}
       nis_freeresult (nisres);
 
       if (parse_res)
@@ -485,8 +504,14 @@ getpwent_next_nisplus (struct passwd *result, ent_t *ent, char *buffer,
   buflen -= p2len;
   do
     {
+      bool_t saved_first;
+      nis_result *saved_res;
+
       if (ent->first)
 	{
+	  saved_first = TRUE;
+	  saved_res = ent->result;
+
 	  ent->result = nis_first_entry(pwdtable);
           if (niserr2nss (ent->result->status) != NSS_STATUS_SUCCESS)
 	    {
@@ -501,17 +526,32 @@ getpwent_next_nisplus (struct passwd *result, ent_t *ent, char *buffer,
 	  nis_result *res;
 
 	  res = nis_next_entry(pwdtable, &ent->result->cookie);
-	  nis_freeresult (ent->result);
+	  saved_res = ent->result;
+	  saved_first = FALSE;
 	  ent->result = res;
 	  if (niserr2nss (ent->result->status) != NSS_STATUS_SUCCESS)
 	    {
 	      ent->nis = 0;
+	      nis_freeresult (saved_res);
 	      give_pwd_free (&ent->pwd);
 	      return niserr2nss (ent->result->status);
 	    }
 	}
-      parse_res = _nss_nisplus_parse_pwent (ent->result, result, buffer,
-					    buflen);
+      if ((parse_res = _nss_nisplus_parse_pwent (ent->result, result, buffer,
+						 buflen)) == -1)
+	{
+	  nis_freeresult (ent->result);
+	  ent->result = saved_res;
+	  ent->first = saved_first;
+	  __set_errno (ERANGE);
+	  return NSS_STATUS_TRYAGAIN;
+	}
+      else
+	{
+	  if (!saved_first)
+	    nis_freeresult (saved_res);
+	}
+      
       if (parse_res &&
 	  in_blacklist (result->pw_name, strlen (result->pw_name), ent))
 	parse_res = 0; /* if result->pw_name in blacklist,search next entry */
@@ -549,6 +589,10 @@ getpwent_next_nis (struct passwd *result, ent_t *ent, char *buffer,
   buflen -= p2len;
   do
     {
+      bool_t saved_first;
+      char *saved_oldkey;
+      int saved_oldlen;
+      
       if (ent->first)
 	{
 	  if (yp_first (domain, "passwd.byname", &outkey, &outkeylen,
@@ -558,7 +602,10 @@ getpwent_next_nis (struct passwd *result, ent_t *ent, char *buffer,
 	      give_pwd_free (&ent->pwd);
 	      return NSS_STATUS_UNAVAIL;
 	    }
-
+	  
+	  saved_first = TRUE;
+	  saved_oldkey = ent->oldkey;
+	  saved_oldlen = ent->oldkeylen;
 	  ent->oldkey = outkey;
 	  ent->oldkeylen = outkeylen;
 	  ent->first = FALSE;
@@ -574,7 +621,9 @@ getpwent_next_nis (struct passwd *result, ent_t *ent, char *buffer,
 	      return NSS_STATUS_NOTFOUND;
 	    }
 
-	  free (ent->oldkey);
+	  saved_first = FALSE;
+	  saved_oldkey = ent->oldkey;
+	  saved_oldlen = ent->oldkeylen;
 	  ent->oldkey = outkey;
 	  ent->oldkeylen = outkeylen;
 	}
@@ -587,7 +636,20 @@ getpwent_next_nis (struct passwd *result, ent_t *ent, char *buffer,
 
       while (isspace (*p))
 	++p;
-      parse_res = _nss_files_parse_pwent (p, result, data, buflen);
+      if ((parse_res = _nss_files_parse_pwent (p, result, data, buflen)) == -1)
+	{
+	  free (ent->oldkey);
+	  ent->oldkey = saved_oldkey;
+	  ent->oldkeylen = saved_oldlen;
+	  ent->first = saved_first;
+	  __set_errno (ERANGE);
+	  return NSS_STATUS_TRYAGAIN;
+	}
+      else
+	{
+	  if (!saved_first)
+	    free (saved_oldkey);
+	}
       if (parse_res &&
 	  in_blacklist (result->pw_name, strlen (result->pw_name), ent))
 	parse_res = 0;
@@ -637,7 +699,13 @@ getpwent_next_file_plususer (struct passwd *result, char *buffer,
 	  nis_freeresult (res);
 	  return status;
 	}
-      parse_res = _nss_nisplus_parse_pwent (res, result, buffer, buflen);
+      if ((parse_res = _nss_nisplus_parse_pwent (res, result, buffer, 
+						 buflen)) == -1)
+	{
+	  nis_freeresult (res);
+	  __set_errno (ERANGE);
+	  return NSS_STATUS_TRYAGAIN;
+	}
       nis_freeresult (res);
     }
   else /* Use NIS */
@@ -645,10 +713,10 @@ getpwent_next_file_plususer (struct passwd *result, char *buffer,
       char *domain;
       char *outval;
       int outvallen;
-
+      
       if (yp_get_default_domain (&domain) != YPERR_SUCCESS)
 	return NSS_STATUS_TRYAGAIN;
-
+      
       if (yp_match (domain, "passwd.byname", &result->pw_name[1],
 		    strlen (result->pw_name) - 1, &outval, &outvallen)
 	  != YPERR_SUCCESS)
@@ -658,10 +726,14 @@ getpwent_next_file_plususer (struct passwd *result, char *buffer,
       free (outval);
       while (isspace (*p))
 	p++;
-      parse_res = _nss_files_parse_pwent (p, result, data, buflen);
+      if ((parse_res = _nss_files_parse_pwent (p, result, data, buflen)) == -1)
+	{
+	  __set_errno (ERANGE);
+	  return NSS_STATUS_TRYAGAIN;
+	}
     }
 
-  if (parse_res)
+  if (parse_res > 0)
     {
       copy_pwd_changes (result, &pwd, p, plen);
       give_pwd_free (&pwd);
@@ -684,10 +756,13 @@ getpwent_next_file (struct passwd *result, ent_t *ent,
   struct parser_data *data = (void *) buffer;
   while (1)
     {
+      fpos_t pos;
       char *p;
+      int parse_res;
 
       do
 	{
+	  fgetpos (ent->stream, &pos);
 	  p = fgets (buffer, buflen, ent->stream);
 	  if (p == NULL)
 	    return NSS_STATUS_NOTFOUND;
@@ -702,7 +777,15 @@ getpwent_next_file (struct passwd *result, ent_t *ent,
       while (*p == '\0' || *p == '#' || /* Ignore empty and comment lines.  */
       /* Parse the line.  If it is invalid, loop to
          get the next line of the file to parse.  */
-	     !_nss_files_parse_pwent (p, result, data, buflen));
+	     !(parse_res = _nss_files_parse_pwent (p, result, data, buflen)));
+
+      if (parse_res == -1)
+	{
+	  /* The parser ran out of space.  */
+	  fsetpos (ent->stream, &pos);
+	  __set_errno (ERANGE);
+	  return NSS_STATUS_TRYAGAIN;
+	}
 
       if (result->pw_name[0] != '+' && result->pw_name[0] != '-')
 	/* This is a real entry.  */
diff --git a/nis/nss_compat/compat-spwd.c b/nis/nss_compat/compat-spwd.c
index 4199baf202..61a703c1ea 100644
--- a/nis/nss_compat/compat-spwd.c
+++ b/nis/nss_compat/compat-spwd.c
@@ -292,6 +292,10 @@ getspent_next_nis_netgr (struct spwd *result, ent_t *ent, char *group,
 
   while (1)
     {
+      char *saved_cursor;
+      int parse_res;
+
+      saved_cursor = ent->netgrdata.cursor;
       status = __internal_getnetgrent_r (&host, &user, &domain,
 					 &ent->netgrdata, buffer, buflen);
       if (status != 1)
@@ -301,10 +305,10 @@ getspent_next_nis_netgr (struct spwd *result, ent_t *ent, char *group,
 	  give_spwd_free (&ent->pwd);
 	  return NSS_STATUS_RETURN;
 	}
-
+      
       if (user == NULL || user[0] == '-')
 	continue;
-
+      
       if (domain != NULL && strcmp (ypdomain, domain) != 0)
 	continue;
 
@@ -325,7 +329,13 @@ getspent_next_nis_netgr (struct spwd *result, ent_t *ent, char *group,
       while (isspace (*p))
 	p++;
       free (outval);
-      if (_nss_files_parse_spent (p, result, data, buflen))
+      if ((parse_res = _nss_files_parse_spent (p, result, data, buflen)) == -1)
+	{
+	  ent->netgrdata.cursor = saved_cursor;
+	  return NSS_STATUS_TRYAGAIN;
+	}
+
+      if (parse_res)
 	{
 	  copy_spwd_changes (result, &ent->pwd, p2, p2len);
 	  break;
@@ -363,6 +373,9 @@ getspent_next_nisplus_netgr (struct spwd *result, ent_t *ent, char *group,
 
   while (1)
     {
+      char *saved_cursor;
+
+      saved_cursor = ent->netgrdata.cursor;
       status = __internal_getnetgrent_r (&host, &user, &domain,
                                          &ent->netgrdata, buffer, buflen);
       if (status != 1)
@@ -397,7 +410,12 @@ getspent_next_nisplus_netgr (struct spwd *result, ent_t *ent, char *group,
           nis_freeresult (nisres);
           continue;
         }
-      parse_res = _nss_nisplus_parse_spent (nisres, result, buffer, buflen);
+      if ((parse_res = _nss_nisplus_parse_spent (nisres, result, buffer,
+						 buflen)) == -1)
+	{
+	  nis_freeresult (nisres);
+	  return NSS_STATUS_TRYAGAIN;
+	}
       nis_freeresult (nisres);
 
       if (parse_res)
@@ -438,8 +456,14 @@ getspent_next_nisplus (struct spwd *result, ent_t *ent, char *buffer,
   buflen -= p2len;
   do
     {
+      bool_t saved_first;
+      nis_result *saved_res;
+
       if (ent->first)
         {
+	  saved_first = TRUE;
+	  saved_res = ent->result;
+
           ent->result = nis_first_entry(pwdtable);
           if (niserr2nss (ent->result->status) != NSS_STATUS_SUCCESS)
             {
@@ -453,18 +477,33 @@ getspent_next_nisplus (struct spwd *result, ent_t *ent, char *buffer,
         {
           nis_result *res;
 
+	  saved_first = FALSE;
+	  saved_res = ent->result;
+
           res = nis_next_entry(pwdtable, &ent->result->cookie);
-          nis_freeresult (ent->result);
           ent->result = res;
           if (niserr2nss (ent->result->status) != NSS_STATUS_SUCCESS)
             {
+	      nis_freeresult (saved_res);
 	      ent->nis = 0;
 	      give_spwd_free (&ent->pwd);
 	      return niserr2nss (ent->result->status);
             }
         }
-      parse_res = _nss_nisplus_parse_spent (ent->result, result, buffer,
-                                            buflen);
+      if ((parse_res = _nss_nisplus_parse_spent (ent->result, result, buffer,
+						 buflen)) == -1)
+	{
+	  ent->first = saved_first;
+	  nis_freeresult (ent->result);
+	  ent->result = saved_res;
+	  __set_errno (ERANGE);
+	  return NSS_STATUS_TRYAGAIN;
+	}
+      else
+	{
+	  if (!saved_first)
+	    nis_freeresult (saved_res);
+	}
       if (parse_res &&
           in_blacklist (result->sp_namp, strlen (result->sp_namp), ent))
         parse_res = 0; /* if result->pw_name in blacklist,search next entry */
@@ -503,6 +542,10 @@ getspent_next_nis (struct spwd *result, ent_t *ent,
   buflen -= p2len;
   do
     {
+      bool_t saved_first;
+      char *saved_oldkey;
+      int saved_oldlen;
+
       if (ent->first)
 	{
 	  if (yp_first (domain, "shadow.byname", &outkey, &outkeylen,
@@ -512,7 +555,9 @@ getspent_next_nis (struct spwd *result, ent_t *ent,
 	      give_spwd_free (&ent->pwd);
 	      return NSS_STATUS_UNAVAIL;
 	    }
-
+	  saved_first = TRUE;
+	  saved_oldkey = ent->oldkey;
+	  saved_oldlen = ent->oldkeylen;
 	  ent->oldkey = outkey;
 	  ent->oldkeylen = outkeylen;
 	  ent->first = FALSE;
@@ -528,7 +573,9 @@ getspent_next_nis (struct spwd *result, ent_t *ent,
 	      return NSS_STATUS_NOTFOUND;
 	    }
 
-	  free (ent->oldkey);
+	  saved_first = FALSE;
+	  saved_oldkey = ent->oldkey;
+	  saved_oldlen = ent->oldkeylen;
 	  ent->oldkey = outkey;
 	  ent->oldkeylen = outkeylen;
 	}
@@ -541,7 +588,20 @@ getspent_next_nis (struct spwd *result, ent_t *ent,
 
       while (isspace (*p))
 	++p;
-      parse_res = _nss_files_parse_spent (p, result, data, buflen);
+      if ((parse_res = _nss_files_parse_spent (p, result, data, buflen)) == -1)
+	{
+	  free (ent->oldkey);
+	  ent->oldkey = saved_oldkey;
+	  ent->oldkeylen = saved_oldlen;
+	  ent->first = saved_first;
+	  __set_errno (ERANGE);
+	  return NSS_STATUS_TRYAGAIN;
+	}
+      else
+	{
+	  if (!saved_first)
+	    free (saved_oldkey);
+	}
       if (parse_res &&
           in_blacklist (result->sp_namp, strlen (result->sp_namp), ent))
         parse_res = 0;
@@ -591,7 +651,12 @@ getspent_next_file_plususer (struct spwd *result, char *buffer,
           nis_freeresult (res);
           return status;
         }
-      parse_res = _nss_nisplus_parse_spent (res, result, buffer, buflen);
+      if ((parse_res = _nss_nisplus_parse_spent (res, result, buffer, 
+						 buflen)) == -1)
+	{
+	  nis_freeresult (res);
+	  return NSS_STATUS_TRYAGAIN;
+	}
       nis_freeresult (res);
     }
   else /* Use NIS */
@@ -612,7 +677,8 @@ getspent_next_file_plususer (struct spwd *result, char *buffer,
       free (outval);
       while (isspace (*p))
         p++;
-      parse_res = _nss_files_parse_spent (p, result, data, buflen);
+      if ((parse_res = _nss_files_parse_spent (p, result, data, buflen)) == -1)
+	return NSS_STATUS_TRYAGAIN;
     }
 
   if (parse_res)
@@ -638,10 +704,13 @@ getspent_next_file (struct spwd *result, ent_t *ent,
   struct parser_data *data = (void *) buffer;
   while (1)
     {
+      fpos_t pos;
+      int parse_res = 0;
       char *p;
 
       do
 	{
+	  fgetpos (ent->stream, &pos);
 	  p = fgets (buffer, buflen, ent->stream);
 	  if (p == NULL)
 	    return NSS_STATUS_NOTFOUND;
@@ -656,8 +725,17 @@ getspent_next_file (struct spwd *result, ent_t *ent,
       while (*p == '\0' || *p == '#'	/* Ignore empty and comment lines.  */
       /* Parse the line.  If it is invalid, loop to
          get the next line of the file to parse.  */
-	     || !_nss_files_parse_spent (p, result, data, buflen));
+	     || !(parse_res = _nss_files_parse_spent (p, result, data,
+						      buflen)));
 
+      if (parse_res == -1)
+        {
+          /* The parser ran out of space.  */
+          fsetpos (ent->stream, &pos);
+          __set_errno (ERANGE);
+          return NSS_STATUS_TRYAGAIN;
+        }
+      
       if (result->sp_namp[0] != '+' && result->sp_namp[0] != '-')
 	/* This is a real entry.  */
 	break;