Commit Graph

23 Commits

Author SHA1 Message Date
Joseph Myers
bfff8b1bec Update copyright dates with scripts/update-copyrights. 2017-01-01 00:14:16 +00:00
Joseph Myers
f7a9f785e5 Update copyright dates with scripts/update-copyrights. 2016-01-04 16:05:18 +00:00
Joseph Myers
b168057aaa Update copyright dates with scripts/update-copyrights. 2015-01-02 16:29:47 +00:00
Roland McGrath
c6dfed243e Rework some nscd code not to use variable-length struct types. 2014-10-22 14:28:51 -07:00
Siddhesh Poyarekar
c3ec475c5d Use NSS_STATUS_TRYAGAIN to indicate insufficient buffer (BZ #16878)
The netgroups nss modules in the glibc tree use NSS_STATUS_UNAVAIL
(with errno as ERANGE) when the supplied buffer does not have
sufficient space for the result.  This is wrong, because the canonical
way to indicate insufficient buffer is to set the errno to ERANGE and
the status to NSS_STATUS_TRYAGAIN, as is used by all other modules.

This fixes nscd behaviour when the nss_ldap module returns
NSS_STATUS_TRYAGAIN to indicate that a netgroup entry is too long to
fit into the supplied buffer.
2014-05-26 11:40:08 +05:30
Siddhesh Poyarekar
1cdeb2372d Consolidate code to initialize nscd dataset header
This patch consolidates the code to initialize the header of a dataset
into a single set of functions (one for positive and another for
negative datasets) primarily to reduce repetition of code.  The
secondary reason is to simplify Patch 2/2 which fixes the problem of
an uninitialized byte in the header by initializing an unused field in
the structure and hence preventing a possible data leak into the cache
file.
2014-04-30 11:57:09 +05:30
Siddhesh Poyarekar
ea7d8b95e2 Avoid overlapping addresses to stpcpy calls in nscd (BZ #16760)
Calls to stpcpy from nscd netgroups code will have overlapping source
and destination when all three values in the returned triplet are
non-NULL and in the expected (host,user,domain) order.  This is seen
in valgrind as:

==3181== Source and destination overlap in stpcpy(0x19973b48, 0x19973b48)
==3181==    at 0x4C2F30A: stpcpy (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
==3181==    by 0x12567A: addgetnetgrentX (string3.h:111)
==3181==    by 0x12722D: addgetnetgrent (netgroupcache.c:665)
==3181==    by 0x11114C: nscd_run_worker (connections.c:1338)
==3181==    by 0x4E3C102: start_thread (pthread_create.c:309)
==3181==    by 0x59B81AC: clone (clone.S:111)
==3181==

Fix this by using memmove instead of stpcpy.
2014-03-27 19:48:15 +05:30
Siddhesh Poyarekar
fbd6b5a405 Fix nscd lookup for innetgr when netgroup has wildcards (BZ #16758)
nscd works correctly when the request in innetgr is a wildcard,
i.e. when one or more of host, user or domain parameters is NULL.
However, it does not work when the the triplet in the netgroup
definition has a wildcard.  This is easy to reproduce for a triplet
defined as follows:

    foonet (,foo,)

Here, an innetgr call that looks like this:

    innetgr ("foonet", "foohost", "foo", NULL);

should succeed and so should:

    innetgr ("foonet", NULL, "foo", "foodomain");

It does succeed with nscd disabled, but not with nscd enabled.  This
fix adds this additional check for all three parts of the triplet so
that it gives the correct result.

	[BZ #16758]
	* nscd/netgroupcache.c (addinnetgrX): Succeed if triplet has
	blank values.
2014-03-27 07:15:22 +05:30
Siddhesh Poyarekar
c44496df2f Provide correct buffer length to netgroup queries in nscd (BZ #16695)
The buffer to query netgroup entries is allocated sufficient space for
the netgroup entries and the key to be appended at the end, but it
sends in an incorrect available length to the NSS netgroup query
functions, resulting in overflow of the buffer in some special cases.
The fix here is to factor in the key length when sending the available
buffer and buffer length to the query functions.
2014-03-12 17:28:13 +05:30
Ondřej Bílka
a1ffb40e32 Use glibc_likely instead __builtin_expect. 2014-02-10 15:07:12 +01:00
Siddhesh Poyarekar
af37a8a349 Avoid undefined behaviour in netgroupcache
Using a buffer after it has been reallocated is undefined behaviour,
so get offsets of the triplets in the old buffer before reallocating
it.
2014-01-27 11:32:44 +05:30
Siddhesh Poyarekar
5d41dadf31 Adjust pointers to triplets in netgroup query data (BZ #16474)
The _nss_*_getnetgrent_r query populates the netgroup results in the
allocated buffer and then sets the result triplet to point to strings
in the buffer.  This is a problem when the buffer is reallocated since
the pointers to the triplet strings are no longer valid.  The pointers
need to be adjusted so that they now point to strings in the
reallocated buffer.
2014-01-24 13:51:15 +05:30
Siddhesh Poyarekar
980cb5180e Don't use alloca in addgetnetgrentX (BZ #16453)
addgetnetgrentX has a buffer which is grown as per the needs of the
requested size either by using alloca or by falling back to malloc if
the size is larger than 1K.  There are two problems with the alloca
bits: firstly, it doesn't really extend the buffer since it does not
use the return value of the extend_alloca macro, which is the location
of the reallocated buffer.  Due to this the buffer does not actually
extend itself and hence a subsequent write may overwrite stuff on the
stack.

The second problem is more subtle - the buffer growth on the stack is
discontinuous due to block scope local variables.  Combine that with
the fact that unlike realloc, extend_alloca does not copy over old
content and you have a situation where the buffer just has garbage in
the space where it should have had data.

This could have been fixed by adding code to copy over old data
whenever we call extend_alloca, but it seems unnecessarily
complicated.  This code is not exactly a performance hotspot (it's
called when there is a cache miss, so factors like network lookup or
file reads will dominate over memory allocation/reallocation), so this
premature optimization is unnecessary.

Thanks Brad Hubbard <bhubbard@redhat.com> for his help with debugging
the problem.
2014-01-16 10:21:52 +05:30
Siddhesh Poyarekar
9a3c6a6ff6 Fix return code from getent netgroup when the netgroup is not found (bz #16366)
nscd incorrectly returns a success even when the netgroup in question
is not found and adds a positive result in the cache.  this patch
fixes this behaviour by adding a negative lookup entry to cache and
returning an error when the netgroup is not found.
2014-01-02 10:05:27 +05:30
Siddhesh Poyarekar
d41242129b Fix infinite loop in nscd when netgroup is empty (bz #16365)
Currently, when a user looks up a netgroup that does not have any
members, nscd goes into an infinite loop trying to find members in the
group.  This is because it does not handle cases when getnetgrent
returns an NSS_STATUS_NOTFOUND (which is what it does on empty group).
Fixed to handle this in the same way as NSS_STATUS_RETURN, similar to
what getgrent does by itself.
2014-01-02 10:04:21 +05:30
Allan McRae
d4697bc93d Update copyright notices with scripts/update-copyrights 2014-01-01 22:00:23 +10:00
Allan McRae
83e43bf0b7 Fix nesting of ifdefs in netgroupcache.c
Fixes unclosed '{' if HAVE_SENDFILE is defined (BZ #15895).
2013-09-09 20:25:01 +10:00
Andreas Schwab
50fd745b4d Fix handling of netgroup cache in nscd 2013-06-11 11:29:50 +02:00
Joseph Myers
568035b787 Update copyright notices with scripts/update-copyrights. 2013-01-02 19:05:09 +00:00
Thomas Schwinge
37233df9d1 Hurd: #include <kernel-features.h> 2012-05-10 15:57:24 -07:00
Paul Eggert
59ba27a63a Replace FSF snail mail address with URLs. 2012-02-09 23:18:22 +00:00
Ulrich Drepper
97c066e65a Fix nesting of #ifdefs in netgroupcache.c 2011-10-17 10:30:03 -04:00
Ulrich Drepper
684ae51599 Implement caching of nscd 2011-10-07 10:06:31 -04:00