nss_compat: internal_end*ent may clobber errno, hiding ERANGE [BZ #25976]

During cleanup, before returning from get*_r functions, the end*ent calls must not change errno. Otherwise, an ERANGE error from the underlying implementation can be hidden, causing unexpected lookup failures. This commit introduces an internal_end*ent_noerror function which saves and restore errno, and marks the original internal_end*ent function as warn_unused_result, so that it is used only in contexts were errors from it can be handled explicitly. Reviewed-by: DJ Delorie <dj@redhat.com>
2024-11-21 20:40:05 +00:00 · 2020-05-19 14:09:38 +02:00 · 2020-05-19 14:09:38 +02:00 · 790b8dda44
commit 790b8dda44
parent 765de945ef
4 changed files with 46 additions and 11 deletions
--- a/nss/nss_compat/compat-grp.c
+++ b/nss/nss_compat/compat-grp.c
@ -144,7 +144,7 @@ _nss_compat_setgrent (int stayopen)
 }


-static enum nss_status
+static enum nss_status __attribute_warn_unused_result__
 internal_endgrent (ent_t *ent)
 {
  if (ent->stream != NULL)
@ -165,6 +165,15 @@ internal_endgrent (ent_t *ent)
  return NSS_STATUS_SUCCESS;
 }

+/* Like internal_endgrent, but preserve errno in all cases.  */
+static void
+internal_endgrent_noerror (ent_t *ent)
+{
+  int saved_errno = errno;
+  enum nss_status unused __attribute__ ((unused)) = internal_endgrent (ent);
+  __set_errno (saved_errno);
+}
+
 enum nss_status
 _nss_compat_endgrent (void)
 {
@ -485,7 +494,7 @@ _nss_compat_getgrnam_r (const char *name, struct group *grp,
  if (result == NSS_STATUS_SUCCESS)
    result = internal_getgrnam_r (name, grp, &ent, buffer, buflen, errnop);

-  internal_endgrent (&ent);
+  internal_endgrent_noerror (&ent);

  return result;
 }
@ -614,7 +623,7 @@ _nss_compat_getgrgid_r (gid_t gid, struct group *grp,
  if (result == NSS_STATUS_SUCCESS)
    result = internal_getgrgid_r (gid, grp, &ent, buffer, buflen, errnop);

-  internal_endgrent (&ent);
+  internal_endgrent_noerror (&ent);

  return result;
 }
--- a/nss/nss_compat/compat-initgroups.c
+++ b/nss/nss_compat/compat-initgroups.c
@ -134,7 +134,7 @@ internal_setgrent (ent_t *ent)
 }


-static enum nss_status
+static enum nss_status __attribute_warn_unused_result__
 internal_endgrent (ent_t *ent)
 {
  if (ent->stream != NULL)
@ -158,6 +158,15 @@ internal_endgrent (ent_t *ent)
  return NSS_STATUS_SUCCESS;
 }

+/* Like internal_endgrent, but preserve errno in all cases.  */
+static void
+internal_endgrent_noerror (ent_t *ent)
+{
+  int saved_errno = errno;
+  enum nss_status unused __attribute__ ((unused)) = internal_endgrent (ent);
+  __set_errno (saved_errno);
+}
+
 /* Add new group record.  */
 static void
 add_group (long int *start, long int *size, gid_t **groupsp, long int limit,
@ -502,7 +511,7 @@ _nss_compat_initgroups_dyn (const char *user, gid_t group, long int *start,
 done:
  scratch_buffer_free (&tmpbuf);

-  internal_endgrent (&intern);
+  internal_endgrent_noerror (&intern);

  return status;
 }
--- a/nss/nss_compat/compat-pwd.c
+++ b/nss/nss_compat/compat-pwd.c
@ -261,7 +261,7 @@ _nss_compat_setpwent (int stayopen)
 }


-static enum nss_status
+static enum nss_status __attribute_warn_unused_result__
 internal_endpwent (ent_t *ent)
 {
  if (ent->stream != NULL)
@ -289,6 +289,15 @@ internal_endpwent (ent_t *ent)
  return NSS_STATUS_SUCCESS;
 }

+/* Like internal_endpwent, but preserve errno in all cases.  */
+static void
+internal_endpwent_noerror (ent_t *ent)
+{
+  int saved_errno = errno;
+  enum nss_status unused __attribute__ ((unused)) = internal_endpwent (ent);
+  __set_errno (saved_errno);
+}
+
 enum nss_status
 _nss_compat_endpwent (void)
 {
@ -824,7 +833,7 @@ _nss_compat_getpwnam_r (const char *name, struct passwd *pwd,
  if (result == NSS_STATUS_SUCCESS)
    result = internal_getpwnam_r (name, pwd, &ent, buffer, buflen, errnop);

-  internal_endpwent (&ent);
+  internal_endpwent_noerror (&ent);

  return result;
 }
@ -1063,7 +1072,7 @@ _nss_compat_getpwuid_r (uid_t uid, struct passwd *pwd,
  if (result == NSS_STATUS_SUCCESS)
    result = internal_getpwuid_r (uid, pwd, &ent, buffer, buflen, errnop);

-  internal_endpwent (&ent);
+  internal_endpwent_noerror (&ent);

  return result;
 }
--- a/nss/nss_compat/compat-spwd.c
+++ b/nss/nss_compat/compat-spwd.c
@ -217,7 +217,7 @@ _nss_compat_setspent (int stayopen)
 }


-static enum nss_status
+static enum nss_status __attribute_warn_unused_result__
 internal_endspent (ent_t *ent)
 {
  if (ent->stream != NULL)
@ -246,6 +246,15 @@ internal_endspent (ent_t *ent)
  return NSS_STATUS_SUCCESS;
 }

+/* Like internal_endspent, but preserve errno in all cases.  */
+static void
+internal_endspent_noerror (ent_t *ent)
+{
+  int saved_errno = errno;
+  enum nss_status unused __attribute__ ((unused)) = internal_endspent (ent);
+  __set_errno (saved_errno);
+}
+
 enum nss_status
 _nss_compat_endspent (void)
 {
@ -263,7 +272,6 @@ _nss_compat_endspent (void)
  return result;
 }

-
 static enum nss_status
 getspent_next_nss_netgr (const char *name, struct spwd *result, ent_t *ent,
 			 char *group, char *buffer, size_t buflen,
@ -788,7 +796,7 @@ _nss_compat_getspnam_r (const char *name, struct spwd *pwd,
  if (result == NSS_STATUS_SUCCESS)
    result = internal_getspnam_r (name, pwd, &ent, buffer, buflen, errnop);

-  internal_endspent (&ent);
+  internal_endspent_noerror (&ent);

  return result;
 }