Processing an overlong pathname in the sunrpc clnt_create function
results in a stack-based buffer overflow.
Reviewed-by: Siddhesh Poyarekar <siddhesh@sourceware.org>
(cherry picked from commit 226b46770c)
Every file that uses libc_hidden_nolink_sunrpc or
libnsl_hidden_nolink_def needs to include shlib-compat.h. Currently,
most of them are getting it via stdio.h, because libio.h refers to
SHLIB_COMPAT when _LIBC is defined, so it includes shlib-compat.h. My
experimental patch to not install libio.h breaks that chain; stdio.h
no longer pulls in libio.h even for internal users.
Accordingly, this patch adds #include <shlib-compat.h> to many files
in sunrpc/ and nis/. There are also a small number of really obvious
fixups to includes that caught my eye while proofreading the patch -
not including headers twice in a row, not worrying about portability
to Ultrix anymore, sort of thing.
* nis/nis_add.c, nis/nis_addmember.c, nis/nis_call.c
* nis/nis_checkpoint.c, nis/nis_clone_dir.c, nis/nis_clone_obj.c
* nis/nis_clone_res.c, nis/nis_creategroup.c, nis/nis_defaults.c
* nis/nis_destroygroup.c, nis/nis_domain_of.c
* nis/nis_domain_of_r.c, nis/nis_error.c, nis/nis_file.c
* nis/nis_free.c, nis/nis_getservlist.c, nis/nis_ismember.c
* nis/nis_local_names.c, nis/nis_lookup.c, nis/nis_mkdir.c
* nis/nis_modify.c, nis/nis_ping.c, nis/nis_print.c
* nis/nis_print_group_entry.c, nis/nis_remove.c
* nis/nis_removemember.c, nis/nis_rmdir.c, nis/nis_server.c
* nis/nis_subr.c, nis/nis_table.c, nis/nis_util.c
* nis/nis_verifygroup.c, nis/nis_xdr.c, nis/yp_xdr.c
* nis/ypclnt.c, nis/ypupdate_xdr.c, sunrpc/auth_des.c
* sunrpc/auth_none.c, sunrpc/auth_unix.c, sunrpc/authdes_prot.c
* sunrpc/authuxprot.c, sunrpc/clnt_gen.c, sunrpc/clnt_perr.c
* sunrpc/clnt_raw.c, sunrpc/clnt_simp.c, sunrpc/clnt_tcp.c
* sunrpc/clnt_udp.c, sunrpc/clnt_unix.c, sunrpc/des_crypt.c
* sunrpc/des_soft.c, sunrpc/get_myaddr.c, sunrpc/key_call.c
* sunrpc/key_prot.c, sunrpc/netname.c, sunrpc/pm_getmaps.c
* sunrpc/pm_getport.c, sunrpc/pmap_clnt.c, sunrpc/pmap_prot.c
* sunrpc/pmap_prot2.c, sunrpc/pmap_rmt.c, sunrpc/publickey.c
* sunrpc/rpc_cmsg.c, sunrpc/rpc_dtable.c, sunrpc/rpc_prot.c
* sunrpc/rpc_thread.c, sunrpc/rtime.c, sunrpc/svc.c
* sunrpc/svc_auth.c, sunrpc/svc_raw.c, sunrpc/svc_run.c
* sunrpc/svc_tcp.c, sunrpc/svc_udp.c, sunrpc/svc_unix.c
* sunrpc/svcauth_des.c, sunrpc/xdr.c, sunrpc/xdr_array.c
* sunrpc/xdr_float.c, sunrpc/xdr_intXX_t.c, sunrpc/xdr_mem.c
* sunrpc/xdr_rec.c, sunrpc/xdr_ref.c, sunrpc/xdr_sizeof.c
* sunrpc/xdr_stdio.c: Include shlib-compat.h.
* sunrpc/des_crypt.c, sunrpc/des_soft.c: No need to include
abi-versions.h as well as shlib-compat.h.
* sunrpc/get_myaddr.c: Remove obsolete comment.
* sunrpc/pmap_rmt.c: Remove obsolete comment and #undef.
* sunrpc/rpc_thread.c: Include libc-lock.h only once.
* resolv/res_libc.c: Include shlib-compat.h only once.
New configure option --enable-obsolete-rpc makes the deprecated RPC
headers and functions available at compile time as they were before
version 2.14. This option will be removed at some time in the future
after the TI-RPC library becomes fully sufficient for the needs of
existing applications.
Add changes which were in this form in the original patch by
Eric Norum <eric.norum@usask.ca>.
* include/rpc/rpc.h: Remove svc_fdset, rpc_createerr, svc_pollfd, and
svc_max_pollfd.
* sunrpc/rpc/rpc.h: Declare __rpc_thread_svc_fdset,
__rpc_thread_createerr, __rpc_thread_svc_pollfd, and
__rpc_thread_svc_max_pollfd.
Define svc_fdset, get_rpc_createerr, svc_pollfd, and
svc_max_pollfd.
* sunrpc/rpc_thread.c: Handle first thread special, it uses the
global variables.
Define __rpc_thread_svc_fdset, __rpc_thread_createerr,
__rpc_thread_svc_pollfd, and __rpc_thread_svc_max_pollfd.
* sunrpc/Versions [libc] (GLIBC_2.2.3): Export __rpc_thread_svc_fdset,
__rpc_thread_createerr, __rpc_thread_svc_pollfd, and
__rpc_thread_svc_max_pollfd.
* sunrpc/clnt_gen.c: Replace use of rpc_createerr by call to
get_rpc_createerr.
* sunrpc/clnt_perr.c: Likewise.
* sunrpc/clnt_simp.c: Likewise.
* sunrpc/clnt_tcp.c: Likewise.
* sunrpc/clnt_udp.c: Likewise.
* sunrpc/clnt_unix.c: Likewise.
* sunrpc/pm_getport.c: Likewise.
2000-10-31 Ulrich Drepper <drepper@redhat.com>
* sunrpc/clnt_gen.c (clnt_create): Don't set timeout with
clnt_control for any protocol. This would make it impossible for
the user to provide one in clnt_call().
Reported by Hitoshi Guutara Maruyama <maruyama@sh.rim.or.jp>.
1999-06-28 Ulrich Drepper <drepper@cygnus.com>
* sysdeps/unix/sysv/linux/gethostid.c: Test for gethostbyname_r
function correctly.
* sunrpc/getrpcport.c: Test for gethostbyname_r function
correctly.
* sunrpc/clnt_simp.c: Test for gethostbyname_r function correctly.
* sunrpc/clnt_gen.c: Test for gethostbyname_r and getprotobyname_r
functions correctly.
* inet/rexec.c (rexec): Test for gethostbyname_r result correctly.
* inet/rcmd.c: Test for gethostbyname_r result correctly. Optimize
file reading a bit.
* sysdeps/generic/glob.c: Test for getpwnam_r result correctly.
1999-06-28 Andreas Jaeger <aj@arthur.rhein-neckar.de>
* manual/string.texi (Copying and Concatenation): Mention that
strndup is a GNU extension.
1999-06-28 Andreas Jaeger <aj@arthur.rhein-neckar.de>
* pwd/getpw.c (__getpw): Fix check for error return.
1998-07-28 Ulrich Drepper <drepper@cygnus.com>
* math/libm-test.c (tgamma_test): Remove redundant tests.
1998-07-28 16:20 Ulrich Drepper <drepper@cygnus.com>
* sysdeps/generic/glob.c: Correct problems with */foo and GLOB_NOCHECK
where foo does not exist in any of the subdirectories.
Reported by Paul D. Smith <psmith@BayNetworks.COM>.
* posix/globtest.sh: Add test for this bug.
1998-07-28 Mark Kettenis <kettenis@phys.uva.nl>
* io/sys/statfs.h: Fix typos.
* io/sys/statvfs.h: Fix typos.
1998-07-28 Ulrich Drepper <drepper@cygnus.com>
* version.h (VERSION): Bump to 2.0.95.
* math/Makefile (libm-calls): Remove w_gamma, add w_tgamma.
* math/Versions [GLIBC_2.1]: Add tgamma, tgammaf, and tgammal.
* math/libm-test.c: Split old gamma_test and move half of it in new
function tgamma_test.
* math/bits/mathcalls.h: Add declaration of tgamma.
* sysdeps/libm-ieee754/k_standard.c: Change gamma errors into
tgamma errors.
* sysdeps/libm-ieee754/w_gamma.c: Remove lgamma compatibility code
and rename to ...
* sysdeps/libm-ieee754/w_tgamma.c: ... this. New file.
* sysdeps/libm-ieee754/w_gammaf.c: Remove lgammaf compatibility code
and rename to ...
* sysdeps/libm-ieee754/w_tgammaf.c: ... this. New file.
* sysdeps/libm-ieee754/w_gammal.c: Remove lgammal compatibility code
and rename to ...
* sysdeps/libm-ieee754/w_tgammal.c: ... this. New file.
* sysdeps/libm-ieee754/w_lgamma.c: Add gamma as weak alias.
* sysdeps/libm-ieee754/w_lgammaf.c: Likewise.
* sysdeps/libm-ieee754/w_lgammal.c: Likewise.
* stgdio-common/printf-parse.h: Implement handling of j, t, and z
modifiers.
* stdio-common/vfprintf.c: Likewise.
* stdio-common/vfscanf.c: Likewise.
* manual/stdio.texi: Document new printf/scanf modifiers.
* sysdeps/unix/sysv/linux/recvmsg.c: Remove alias __recvmsg.
* sysdeps/unix/sysv/linux/sendmsg.c: Remove alias __sendmsg.
1998-07-28 Thorsten Kukuk <kukuk@vt.uni-paderborn.de>
* sunrpc/Makefile (routines): Add clnt_unix and svc_unix.
* sunrpc/Versions: Add new *unix_create functions.
* sunrpc/clnt_gen.c: Add support for RPC over AF_UNIX.
* sunrpc/clnt_unix.c: New, client side of RPC over AF_UNIX.
* sunrpc/key_call.c: Use RPC over AF_UNIX for communication
with keyserv daemon.
* sunrpc/rpc/clnt.h: Add AF_UNIX based RPC function prototypes.
* sunrpc/rpc/svc.h: Likewise.
* sunrpc/svc_authux.c: Copy internal auth flavor if none is given.
* sunrpc/svc_tcp.c: Fix typos.
* sunrpc/svc_unix.c: New, server side of AF_UNIX based RPC.
* nis/Makefile: Remove currently not working cache functions.
* nis/Versions: Add __nisbind_* functions for rpc.nisd.
* nis/nis_call.c: Rewrite binding to a NIS+ server to reuse
CLIENT handles.
* nis/nis_file.c: Fix memory leaks.
* nis/nis_intern.h: Move internal structs from here ...
* nis/rpcsvc/nislib.h: ... to here for NIS+ server and tools.
* nis/nis_lookup.c: Try at first if last client handle works.
* nis/nis_table.c: Likewise.
* nis/nis_checkpoint.c: Adjust __do_niscall2 parameters.
* nis/nis_mkdir.c: Likewise.
* nis/nis_ping.c: Likewise.
* nis/nis_rmdir.c: Likewise.
* nis/nis_server.c: Likewise.
* nis/nis_util.c: Likewise.
* nis/nis_findserv.c (__nis_findfastest): Little optimization.
1998-07-28 Andreas Jaeger <aj@arthur.rhein-neckar.de>
* stdlib/strtol.c (STRTOL_LONG_MAX): Correct typo in last patch -
define as LONG_MAX.
1998-07-28 09:31 Ulrich Drepper <drepper@cygnus.com>
* nscd/connections.c (gr_send_answer): Deal with missing UIO_MAXIOV.
Correct test whether writev send all data.
* nscd/nscd_getgr_r.c (__nscd_getgr_r): Correct test whether readv
received all data.
1998-07-28 Mark Kettenis <kettenis@phys.uva.nl>
* nscd/nscd_getgr_r.c (__nscd_getgr_r): Deal with missing UIO_MAXIOV.
1998-07-28 Mark Kettenis <kettenis@phys.uva.nl>
* sysdeps/mach/hurd/dl-sysdep.c (open_file): Change assert call to
allow mode to be 0.
(__xstat): New function.
(__fxstat): New function.
(_dl_sysdep_read_whole_file): Removed. The implementation in
`elf/dl-misc.c' now also works for the Hurd.
1997-03-27 02:28 Ulrich Drepper <drepper@cygnus.com>
* gmon/gmon.c (monstartup): Mark all messages.
(write_call_graph): Rewrite to use larger I/O vector for writev
call to reduce syscall overhead.
(write_bb_counts): Simplify writev handling.
* inet/rexec.c: Make string parameters `const'.
* resolv/netdb.h: Add prototypes for rcmd, rexec, ruserok, and
rresvport.
* math/Makefile: Don't define CFLAGS-* macros to prevent inlining
in libm-test.
* math/libm-test.c (this_does_nothing): Remove functions. It's
notuseful on any platform but ix86.
(inverse_func_pair_test): Don't use this_does_nothing. Use
memory reference.
(identities1_test): Likewise.
(identities2_test): Likewise.
(identities3_test): Likewise.
(basic_test): Likewise.
Patch by Andreas Schwab.
(BUILD_COMPLEX): New macro. Create complex number from real and
imaginary parts. This works around bugs/inefficiencies in current
gcc.
(cexp_test): Use BUILD_COMPLEX. Add more tests.
* nss/nsswitch.c: Fix typo.
* posix/glob.h: Add declaration for glob_pattern_p.
* posix/glob.c: Rename glob_pattern_p to __glob_pattern_p and
make glob_pattern_p a weak alias. This function is used in other
packages (e.g. bash).
* signal/Makefile (routines): Add sigisempty, sigandset, and
sigorset.
* signal/signal.h: Add prototypes for sigisempty, sigandset, and
sigorset.
* signal/sigisempty.c: New file.
* signal/sigandset.c: New file.
* signal/sigorset.c: New file.
* sysdeps/generic/sigset.h: Define __sigisemptyset, __sigandset,
and __sigorset.
* sysdeps/unix/sysv/linux/sigset.h: Likewise.
* stdlib/strtod.c: Handle `n-char-sequence' in NaN parsing. It
determines the bits in the mantissa part of the NaN.
* stdlib/strtof.c: Define SET_MANTISSA for float type.
* wcsmbs/wcstof.c: Define SET_MANTISSA for float type.
* stdlib/strtold.c: Define SET_MANTISSA for long double type.
* wcsmbs/wcstold.c: Define SET_MANTISSA for long double type.
* sysdeps/libm-ieee754/s_cexp.c: Use explicit assignment to
complex number components. Some more corrects for special cases.
* sysdeps/libm-ieee754/s_cexpf.c: Likewise.
* sysdeps/libm-ieee754/s_cexpl.c: Likewise.
* sysdeps/sparc/elf/start.S: Remove as per request of Miguel de Icaza.
* sysdeps/unix/sysv/linux/netinet/icmp.h: Remove since we have
ip_icmp.h. Reported by HJ Lu.
1997-03-25 03:50 Andreas Schwab <schwab@issan.informatik.uni-dortmund.de>
* sysdeps/m68k/Makefile (CFLAGS-rtld.c): Add -Wno-unused.
* sysdeps/m68k/dl-machine.h (elf_machine_rela): Rewritten as for
i386.
(elf_machine_lookup_noexec_p, elf_machine_lookup_noplt_p,
ELF_MACHINE_RELOC_NOPLT): Define.
1997-03-25 03:48 Andreas Schwab <schwab@issan.informatik.uni-dortmund.de>
* grp/grp.h: Include <stddef.h> only once.
1997-03-25 09:38 Andreas Schwab <schwab@issan.informatik.uni-dortmund.de>
* sysdeps/unix/sysv/linux/termbits.h (OXTABS): Don't define.
* sysdeps/unix/sysv/linux/alpha/termbits.h (OXTABS): Likewise.
* termios/sys/ttydefaults.h (TTYDEF_OFLAG): Use either OXTABS or
TAB3, if one of them is defined.
1997-03-26 04:53 Ulrich Drepper <drepper@cygnus.com>
* posix/glob.c (next_brace_sub): Decrement depth counter when '}'
is found.
Patch by Dennis Henriksen <opus@flamingo.osrl.dk>.
1997-03-25 16:25 Thorsten Kukuk <kukuk@vt.uni-paderborn.de>
* sunrpc/Makefile: Comment gccwarn out.
* sunrpc/auth_none.c: Fix prototypes and parameters for compiling
with enabled warnings.
* sunrpc/auth_unix.c: Likewise.
* sunrpc/authuxprot.c: Likewise.
* sunrpc/bindrsvprt.c: Likewise.
* sunrpc/clnt_gen.c: Likewise.
* sunrpc/clnt_perr.c: Likewise.
* sunrpc/clnt_raw.c: Likewise.
* sunrpc/clnt_simp.c: Likewise.
* sunrpc/clnt_tcp.c: Likewise.
* sunrpc/clnt_udp.c: Likewise.
* sunrpc/get_myaddr.c: Likewise.
* sunrpc/getrpcport.c: Likewise.
* sunrpc/pm_getmaps.c: Likewise.
* sunrpc/pm_getport.c: Likewise.
* sunrpc/pmap_clnt.c: Likewise.
* sunrpc/pmap_prot.c: Likewise.
* sunrpc/pmap_prot2.c: Likewise.
* sunrpc/pmap_rmt.c: Likewise.
* sunrpc/rpc/auth.h: Likewise.
* sunrpc/rpc/clnt.h: Likewise.
* sunrpc/rpc/pmap_clnt.h: Likewise.
* sunrpc/rpc/svc.h: Likewise.
* sunrpc/rpc/svc_auth.h: Likewise.
* sunrpc/rpc/types.h: Likewise.
* sunrpc/rpc/xdr.h: Likewise.
* sunrpc/rpc_clntout.c: Likewise.
* sunrpc/rpc_cmsg.c: Likewise.
* sunrpc/rpc_dtable.c: Likewise.
* sunrpc/rpc_prot.c: Likewise.
* sunrpc/svc.c: Likewise.
* sunrpc/svc_auth.c: Likewise.
* sunrpc/svc_authux.c: Likewise.
* sunrpc/svc_raw.c: Likewise.
* sunrpc/svc_run.c: Likewise.
* sunrpc/svc_simple.c: Likewise.
* sunrpc/svc_tcp.c: Likewise.
* sunrpc/svc_udp.c: Likewise.
* sunrpc/xdr.c: Likewise.
* sunrpc/xdr_array.c: Likewise.
* sunrpc/xdr_mem.c: Likewise.
* sunrpc/xdr_rec.c: Likewise.
* sunrpc/xdr_ref.c: Likewise.
* sunrpc/xdr_stdio.c: Likewise.
1997-03-25 13:39 Ulrich Drepper <drepper@cygnus.com>
* math/libm-test.c (log2_test): Compile this function and call it.
(exp2_test): Likewise, but check whether function really exists
before testing.
* math/Makefile (libm-calls): Add s_log2 and s_exp2.
1997-03-25 04:50 Ulrich Drepper <drepper@cygnus.com>
Implement exp2 function.
* sysdeps/libm-i387/s_exp2.S: New file.
* sysdeps/libm-i387/s_exp2f.S: New file.
* sysdeps/libm-i387/s_exp2l.S: New file.
Implement log2 function.
* sysdeps/libm-i387/s_log2.S: New file.
* sysdeps/libm-i387/s_log2f.S: New file.
* sysdeps/libm-i387/s_log2l.S: New file.
* sysdeps/libm-ieee754/s_log2.c: New file.
* sysdeps/libm-ieee754/s_log2f.c: New file.
* sysdeps/stub/s_log2.c: New file. Stub version.
Mon Dec 2 03:59:38 1996 Ulrich Drepper <drepper@cygnus.com>
* grp/initgroups.c: Update and reformat copyright.
Use __getgrent_r instead of getgrent.
* inet/rcmd.c: Update and reformat copyright.
Use __gethostbyname_r instead of gethostbyname.
* inet/rexec.c: Likewise.
* intl/finddomain.c: Correct comment about CEN sponsor and revision.
* locale/findlocale.c: Likewise.
* intl/l10nflist.c: Correct handling of CEN sponsor and revision.
* locale/Makefile (CPPFLAGS): Add definition of LOCALEDIR.
* locale/setlocale.c (setlocale): Correctly split value of
LOCALE_PATH.
* locale/programs/localedef.c: Use LOCALEDIR not LOCALE_PATH to
find output directory.
* nss/getXXbyYY.c [NEED_H_ERRNO]: Before enlarging buffer test
h_errno_tmp variable.
Save error value from being changed during `free' call.
* nss/getXXent.c: Likewise.
* nss/nss_files/files-XXX.c: Set h_errno variable to NETDB_INTERNAL
before returning ERANGE error.
* posix/glob.c: Use getlogin_r and getpwnam_r function when available
or in GNU libc.
* pwd/getpw.c: Use getpwuid_r instead of getpwuid.
* sunrpc/clnt_gen.c: Use gethostbyname_r and getprotobyname_r.
* sunrpc/clnt_simp.c: Likewise.
* sunrpc/getrpcport.c: Likewise.
* sysdeps/unix/sysv/linux/gethostid.c: Likewise.
* posix/getconf.c: Treat _SC_UNIT_MAX and _SC_ULONG_MAX separately
since the value might be outsode the range of the `long int'.
Print string `undefined' when a value is undefined.
* stdlib/l64a.c: Return correct pointer.
Patch by NIIBE Yutaka <gniibe@mri.co.jp>.
* string/Makefile (routines): Add argz-addsep.
* string/argz-addsep.c: New file.
* string/argz.h: Add prototypes for argz_add_sep.
* string/argz-ctsep.c: Prevent memory leak.
* string/strcoll.c: Correct typo in comment.
Sat Nov 30 02:53:59 1996 Ulrich Drepper <drepper@cygnus.com>
* sysdeps/unix/sysv/linux/sys/serial.h: Removed again. The file is
not general enough to be part of the libc.
* sysdeps/unix/sysv/linux/Dist: Remove sys/serial.h.
* sysdeps/unix/sysv/linux/Makefile: Don't install sys/serial.h.
Thu Nov 28 20:04:41 1996 Andreas Schwab <schwab@issan.informatik.uni-dortmund.de>
* login/Makefile: Fix typo.
* nss/Makefile (generated): Filter out db-alias.c.
Thu Nov 28 14:44:01 1996 Andreas Schwab <schwab@issan.informatik.uni-dortmund.de>
* time/Makefile (echo-zonenames): Don't depend on non-existing
target `zonenames'.
Thu Nov 28 12:34:05 1996 Andreas Schwab <schwab@issan.informatik.uni-dortmund.de>
* link.h: New file.
* nss/nsswitch.c: Use it.
* printf.h: Fix file name.
* stdlib/strfmon.c: Use it.