nss_db: fix endent wrt NULL mappings [BZ #24695] [BZ #24696]

nss_db allows for getpwent et al to be called without a set*ent,
but it only works once.  After the last get*ent a set*ent is
required to restart, because the end*ent did not properly reset
the module.  Resetting it to NULL allows for a proper restart.

If the database doesn't exist, however, end*ent erroniously called
munmap which set errno.

The test case runs "makedb" inside the testroot, so needs selinux
DSOs installed.
This commit is contained in:
DJ Delorie 2019-06-28 18:30:00 -05:00
parent 30ba037546
commit 99135114ba
11 changed files with 189 additions and 2 deletions

View File

@ -1,3 +1,19 @@
2019-07-10 DJ Delorie <dj@redhat.com>
Sergei Trofimovich <slyfox@inbox.ru>
[BZ #24696]
[BZ #24695]
* nss/nss_db/db-open.c (internal_endent): Protect against NULL
mappings.
* nss/tst-nss-db-endgrent.c: New.
* nss/tst-nss-db-endgrent.root: New.
* nss/tst-nss-db-endpwent.c: New.
* nss/tst-nss-db-endpwent.root: New.
* nss/Makefile: Add new tests.
* support/links-dso-program-c.c: Add selinux dependency.
* support/links-dso-program.cc: Add selinux dependency.
* support/Makefile: Build those with -lselinux if enabled.
2019-07-10 Szabolcs Nagy <szabolcs.nagy@arm.com> 2019-07-10 Szabolcs Nagy <szabolcs.nagy@arm.com>
* sysdeps/aarch64/dl-machine.h (elf_machine_runtime_setup): Remove the * sysdeps/aarch64/dl-machine.h (elf_machine_runtime_setup): Remove the

View File

@ -61,7 +61,9 @@ xtests = bug-erange
tests-container = \ tests-container = \
tst-nss-test3 \ tst-nss-test3 \
tst-nss-files-hosts-long tst-nss-files-hosts-long \
tst-nss-db-endpwent \
tst-nss-db-endgrent
# Tests which need libdl # Tests which need libdl
ifeq (yes,$(build-shared)) ifeq (yes,$(build-shared))

View File

@ -63,5 +63,9 @@ internal_setent (const char *file, struct nss_db_map *mapping)
void void
internal_endent (struct nss_db_map *mapping) internal_endent (struct nss_db_map *mapping)
{ {
munmap (mapping->header, mapping->len); if (mapping->header != NULL)
{
munmap (mapping->header, mapping->len);
mapping->header = NULL;
}
} }

54
nss/tst-nss-db-endgrent.c Normal file
View File

@ -0,0 +1,54 @@
/* Test for endgrent changing errno for BZ #24696
Copyright (C) 2019 Free Software Foundation, Inc.
This file is part of the GNU C Library.
The GNU C Library is free software; you can redistribute it and/or
modify it under the terms of the GNU Lesser General Public
License as published by the Free Software Foundation; either
version 2.1 of the License, or (at your option) any later version.
The GNU C Library is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
Lesser General Public License for more details.
You should have received a copy of the GNU Lesser General Public
License along with the GNU C Library; if not, see
<http://www.gnu.org/licenses/>. */
#include <stdlib.h>
#include <sys/types.h>
#include <grp.h>
#include <unistd.h>
#include <errno.h>
#include <support/check.h>
#include <support/support.h>
/* The following test verifies that if the db NSS Service is initialized
with no database (getgrent), that a subsequent closure (endgrent) does
not set errno. In the case of the db service it is not an error to close
the service and so it should not set errno. */
static int
do_test (void)
{
/* Just make sure it's not there, although usually it won't be. */
unlink ("/var/db/group.db");
/* This, in conjunction with the testroot's nsswitch.conf, causes
the nss_db module to be "connected" and initialized - but the
testroot has no group.db, so no mapping will be created. */
getgrent ();
errno = 0;
/* Before the fix, this would call munmap (NULL) and set errno. */
endgrent ();
if (errno != 0)
FAIL_EXIT1 ("endgrent set errno to %d\n", errno);
return 0;
}
#include <support/test-driver.c>

View File

@ -0,0 +1 @@
group : db files

66
nss/tst-nss-db-endpwent.c Normal file
View File

@ -0,0 +1,66 @@
/* Test for endpwent->getpwent crash for BZ #24695
Copyright (C) 2019 Free Software Foundation, Inc.
This file is part of the GNU C Library.
The GNU C Library is free software; you can redistribute it and/or
modify it under the terms of the GNU Lesser General Public
License as published by the Free Software Foundation; either
version 2.1 of the License, or (at your option) any later version.
The GNU C Library is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
Lesser General Public License for more details.
You should have received a copy of the GNU Lesser General Public
License along with the GNU C Library; if not, see
<http://www.gnu.org/licenses/>. */
#include <stdlib.h>
#include <string.h>
#include <sys/types.h>
#include <pwd.h>
#include <support/support.h>
#include <support/check.h>
/* It is entirely allowed to start with a getpwent call without
resetting the state of the service via a call to setpwent.
You can also call getpwent more times than you have entries in
the service, and it should not fail. This test iteratates the
database once, gets to the end, and then attempts a second
iteration to look for crashes. */
static void
try_it (void)
{
struct passwd *pw;
/* setpwent is intentionally omitted here. The first call to
getpwent detects that it's first and initializes. The second
time try_it is called, this "first call" was not detected before
the fix, and getpwent would crash. */
while ((pw = getpwent ()) != NULL)
;
/* We only care if this segfaults or not. */
endpwent ();
}
static int
do_test (void)
{
char *cmd;
cmd = xasprintf ("%s/makedb -o /var/db/passwd.db /var/db/passwd.in",
support_bindir_prefix);
system (cmd);
free (cmd);
try_it ();
try_it ();
return 0;
}
#include <support/test-driver.c>

View File

@ -0,0 +1 @@
passwd: db

View File

@ -0,0 +1,4 @@
.root root:x:0:0:root:/root:/bin/bash
=0 root:x:0:0:root:/root:/bin/bash
.bin bin:x:1:1:bin:/bin:/sbin/nologin
=1 bin:x:1:1:bin:/bin:/sbin/nologin

View File

@ -191,6 +191,11 @@ LINKS_DSO_PROGRAM = links-dso-program
LDLIBS-links-dso-program = -lstdc++ -lgcc -lgcc_s $(libunwind) LDLIBS-links-dso-program = -lstdc++ -lgcc -lgcc_s $(libunwind)
endif endif
ifeq (yes,$(have-selinux))
LDLIBS-$(LINKS_DSO_PROGRAM) += -lselinux
endif
LDLIBS-test-container = $(libsupport) LDLIBS-test-container = $(libsupport)
others += test-container others += test-container

View File

@ -1,9 +1,26 @@
#include <stdio.h> #include <stdio.h>
/* makedb needs selinux dso's. */
#ifdef HAVE_SELINUX
# include <selinux/selinux.h>
#endif
/* The purpose of this file is to indicate to the build system which
shared objects need to be copied into the testroot, such as gcc or
selinux support libraries. This program is never executed, only
scanned for dependencies on shared objects, so the code below may
seem weird - it's written to survive gcc optimization and force
such dependencies.
*/
int int
main (int argc, char **argv) main (int argc, char **argv)
{ {
/* Complexity to keep gcc from optimizing this away. */ /* Complexity to keep gcc from optimizing this away. */
printf ("This is a test %s.\n", argc > 1 ? argv[1] : "null"); printf ("This is a test %s.\n", argc > 1 ? argv[1] : "null");
#ifdef HAVE_SELINUX
/* This exists to force libselinux.so to be required. */
printf ("selinux %d\n", is_selinux_enabled ());
#endif
return 0; return 0;
} }

View File

@ -1,11 +1,28 @@
#include <iostream> #include <iostream>
/* makedb needs selinux dso's. */
#ifdef HAVE_SELINUX
# include <selinux/selinux.h>
#endif
using namespace std; using namespace std;
/* The purpose of this file is to indicate to the build system which
shared objects need to be copied into the testroot, such as gcc or
selinux support libraries. This program is never executed, only
scanned for dependencies on shared objects, so the code below may
seem weird - it's written to survive gcc optimization and force
such dependencies.
*/
int int
main (int argc, char **argv) main (int argc, char **argv)
{ {
/* Complexity to keep gcc from optimizing this away. */ /* Complexity to keep gcc from optimizing this away. */
cout << (argc > 1 ? argv[1] : "null"); cout << (argc > 1 ? argv[1] : "null");
#ifdef HAVE_SELINUX
/* This exists to force libselinux.so to be required. */
cout << "selinux " << is_selinux_enabled ();
#endif
return 0; return 0;
} }