This prevents injection of ':' and '\n' into output functions which
use the NSS files database syntax. Critical fields (user/group names
and file system paths) are checked strictly. For backwards
compatibility, the GECOS field is rewritten instead.
The getent program is adjusted to use the put*ent functions in libc,
instead of local copies. This changes the behavior of getent if user
names start with '-' or '+'.
Robin Hack discovered Samba would enter an infinite loop processing
certain quota-related requests. We eventually tracked this down to a
glibc issue.
Running a (simplified) test case under strace shows that /etc/passwd
is continuously opened and closed:
…
open("/etc/passwd", O_RDONLY|O_CLOEXEC) = 3
lseek(3, 0, SEEK_CUR) = 0
read(3, "root❌0:0:root:/root:/bin/bash\n"..., 4096) = 2717
lseek(3, 2717, SEEK_SET) = 2717
close(3) = 0
open("/etc/passwd", O_RDONLY|O_CLOEXEC) = 3
lseek(3, 0, SEEK_CUR) = 0
lseek(3, 0, SEEK_SET) = 0
read(3, "root❌0:0:root:/root:/bin/bash\n"..., 4096) = 2717
lseek(3, 2717, SEEK_SET) = 2717
close(3) = 0
open("/etc/passwd", O_RDONLY|O_CLOEXEC) = 3
lseek(3, 0, SEEK_CUR) = 0
…
The lookup function implementation in
nss/nss_files/files-XXX.c:DB_LOOKUP has code to prevent that. It is
supposed skip closing the input file if it was already open.
/* Reset file pointer to beginning or open file. */ \
status = internal_setent (keep_stream); \
\
if (status == NSS_STATUS_SUCCESS) \
{ \
/* Tell getent function that we have repositioned the file pointer. */ \
last_use = getby; \
\
while ((status = internal_getent (result, buffer, buflen, errnop \
H_ERRNO_ARG EXTRA_ARGS_VALUE)) \
== NSS_STATUS_SUCCESS) \
{ break_if_match } \
\
if (! keep_stream) \
internal_endent (); \
} \
keep_stream is initialized from the stayopen flag in internal_setent.
internal_setent is called from the set*ent implementation as:
status = internal_setent (stayopen);
However, for non-host database, this flag is always 0, per the
STAYOPEN magic in nss/getXXent_r.c.
Thus, the fix is this:
- status = internal_setent (stayopen);
+ status = internal_setent (1);
This is not a behavioral change even for the hosts database (where the
application can specify the stayopen flag) because with a call to
sethostent(0), the file handle is still not closed in the
implementation of gethostent.
The current scheme to identify which module a translation unit is
built in depends on defining multiple macros IS_IN_* and also defining
NOT_IN_libc if we're building a non-libc module. In addition, there
is an IN_LIB macro that does effectively the same thing, but for
different modules (notably the systemtap probes). This macro scheme
unifies both ideas to use just one macro IN_MODULE and assign it a
value depending on the module it is being built into. If the module
is not defined, it defaults to MODULE_libc.
Patches that follow will replace uses of IS_IN_* variables with the
IS_IN() macro. libc-symbols.h has been converted already to give an
example of how such a transition will look.
Verified that there are no relevant binary changes. One source change
that will crop up repeatedly is that of nscd_stat, since it uses the
build timestamp as a constant in its logic.
* Makeconfig (in-module): Get value of libof set for the
translation unit.
(CPPFLAGS): Use $(in-module).
* Makerules: Don't suffix routine names for nonlib.
* include/libc-modules.h: New file.
* include/libc-symbols.h: Include libc-modules.h
(IS_IN): New macro to replace IS_IN_* macros.
* elf/Makefile: Set libof-* for each routine.
* elf/rtld-Rules: Likewise.
* extra-modules.mk: Likewise.
* iconv/Makefile: Likewise.
* iconvdata/Makefile: Likewise.
* locale/Makefile: Likewise.
* malloc/Makefile: Likewise.
* nss/Makefile: Likewise.
* sysdeps/gnu/Makefile: Likewise.
* sysdeps/ieee754/ldbl-opt/Makefile: Likewise.
* sysdeps/unix/sysv/linux/Makefile: Likewise.
* sysdeps/s390/s390-64/Makefile: Likewise.
* nscd/Makefile: Set libof-* for each routine. Set CFLAGS and
CPPFLAGS for nscd instead of nonlib.
In <https://sourceware.org/ml/libc-alpha/2014-01/msg00196.html> I
noted it was necessary to add includes of Makeconfig early in various
subdirectory makefiles for the tests-special variable settings added
by that patch to be conditional on configuration information. No-one
commented on the general question there of whether Makeconfig should
always be included immediately after the definition of subdir.
This patch implements that early inclusion of Makeconfig in each
directory (which is a lot easier than consistent placement of includes
of Rules). Includes are added if needed, or moved up if already
present. Subdirectory "all:" targets are removed, since Makeconfig
provides one.
There is potential for further cleanups I haven't done. Rules and
Makerules have code such as
ifneq "$(findstring env,$(origin headers))" ""
headers :=
endif
to override to empty any value of various variables that came from the
environment. I think there is a case for Makeconfig setting all the
subdirectory variables (other than subdir) to empty to ensure no
outside value is going to take effect if a subdirectory fails to
define a variable. (A list of such variables, possibly out of date
and incomplete, is in manual/maint.texi.) Rules and Makerules would
give errors if Makeconfig hadn't already been included, instead of
including it themselves. The special code to override values coming
from the environment would then be obsolete and could be removed.
Tested x86_64, including that installed binaries are identical before
and after the patch.
* argp/Makefile: Include Makeconfig immediately after defining
subdir.
* assert/Makefile: Likewise.
* benchtests/Makefile: Likewise.
* catgets/Makefile: Likewise.
* conform/Makefile: Likewise.
* crypt/Makefile: Likewise.
* csu/Makefile: Likewise.
(all): Remove target.
* ctype/Makefile: Include Makeconfig immediately after defining
subdir.
* debug/Makefile: Likewise.
* dirent/Makefile: Likewise.
* dlfcn/Makefile: Likewise.
* gmon/Makefile: Likewise.
* gnulib/Makefile: Likewise.
* grp/Makefile: Likewise.
* gshadow/Makefile: Likewise.
* hesiod/Makefile: Likewise.
* hurd/Makefile: Likewise.
(all): Remove target.
* iconvdata/Makefile: Include Makeconfig immediately after
defining subdir.
* inet/Makefile: Likewise.
* intl/Makefile: Likewise.
* io/Makefile: Likewise.
* libio/Makefile: Likewise.
(all): Remove target.
* locale/Makefile: Include Makeconfig immediately after defining
subdir.
* login/Makefile: Likewise.
* mach/Makefile: Likewise.
(all): Remove target.
* malloc/Makefile: Include Makeconfig immediately after defining
subdir.
(all): Remove target.
* manual/Makefile: Include Makeconfig immediately after defining
subdir.
* math/Makefile: Likewise.
* misc/Makefile: Likewise.
* nis/Makefile: Likewise.
* nss/Makefile: Likewise.
* po/Makefile: Likewise.
(all): Remove target.
* posix/Makefile: Include Makeconfig immediately after defining
subdir.
* pwd/Makefile: Likewise.
* resolv/Makefile: Likewise.
* resource/Makefile: Likewise.
* rt/Makefile: Likewise.
* setjmp/Makefile: Likewise.
* shadow/Makefile: Likewise.
* signal/Makefile: Likewise.
* socket/Makefile: Likewise.
* soft-fp/Makefile: Likewise.
* stdio-common/Makefile: Likewise.
* stdlib/Makefile: Likewise.
* streams/Makefile: Likewise.
* string/Makefile: Likewise.
* sunrpc/Makefile: Likewise.
(all): Remove target.
* sysvipc/Makefile: Include Makeconfig immediately after defining
subdir.
* termios/Makefile: Likewise.
* time/Makefile: Likewise.
* timezone/Makefile: Likewise.
(all): Remove target.
* wcsmbs/Makefile: Include Makeconfig immediately after defining
subdir.
* wctype/Makefile: Likewise.
libidn/ChangeLog:
* Makefile: Include Makeconfig immediately after defining subdir.
localedata/ChangeLog:
* Makefile: Include Makeconfig immediately after defining subdir.
(all): Remove target.
nptl/ChangeLog:
* Makefile: Include Makeconfig immediately after defining subdir.
nptl_db/ChangeLog:
* Makefile: Include Makeconfig immediately after defining subdir.
nscd can clear caches when certain files change. The list of files
was hardcoded so far and worked for nss_files and nss_dns and those
modules which need no monitoring. nss_db, for instance, has its
own set of files to monitor. Now the NSS modules themselves can
request that certain files are monitored.
No longer is Berkeley db used. Instead a simple hash function is used.
The database files are not updated once they are created and therefore
no complicated database is needed.
2001-07-06 Paul Eggert <eggert@twinsun.com>
* manual/argp.texi: Remove ignored LGPL copyright notice; it's
not appropriate for documentation anyway.
* manual/libc-texinfo.sh: "Library General Public License" ->
"Lesser General Public License".
2001-07-06 Andreas Jaeger <aj@suse.de>
* All files under GPL/LGPL version 2: Place under LGPL version
2.1.
2000-01-07 Andreas Jaeger <aj@suse.de>
Add support for Berkeley db 3.0.x and merge db support:
* nss/nss_db/dummy-db.h (struct db30): New.
(struct dbc30): New.
Added DB30* flags.
* nss/makedb.c: Move all database routines to db-open.c.
(main): Adjust to interface changes.
Load database early to initialize version dependend variables.
* nss/db-open.c: Merge database routines from makedb.c.
Define version dependend constansts as variables.
(load_db): Check also for db 3.
(internal_setent): Call dbopen.
(db_cursor): New function from makedb; handles db 3 now.
(dbopen): New function from makedb; handles db 3.
* nss/nss_db/db-XXX.c: Use db_notfound since the value is
different in different DB versions.
* nss/nss_db/nss_db.h: Add version dependend constants as
variables, add exportet interfaces from db-open.c.
* nss/Makefile ($(objpfx)makedb): Link against db-open.
2000-01-07 Ulrich Drepper <drepper@cygnus.com>
* misc/error.c: Don't use `defined _LIBC', only `_LIBC'.
Reported by Jim Meyering.
* time/strftime.c: Pretty printing.
2000-01-07 Andreas Jaeger <aj@suse.de>
* manual/socket.texi (Host Names): Fix example.
Reported by Marco Budde <budde@telos.de>.
2000-01-03 Andreas Jaeger <aj@suse.de>
* include/resolv.h: Remove declarations for __ns_name_ntop and
__ns_name_unpack since those are available in resolv/arpa/nameser.h.
2000-01-03 Andreas Jaeger <aj@suse.de>
* time/tst-strptime.c (test_tm): Add tests for all fields of
struct tm.
2000-01-03 Ulrich Drepper <drepper@cygnus.com>
* string/bits/string2.h (__strsep_g): Don't handle empty __S special.
2000-01-03 Andreas Jaeger <aj@suse.de>
* string/tester.c (test_strsep): Add one more test.
2000-01-03 Philip Blundell <philb@gnu.org>
* string/tester.c (test_mempcpy): New function.
(main): Call it.
(test_memcpy): Test unaligned cases too.
* sysdeps/arm/bits/string.h (_HAVE_STRING_ARCH_mempcpy): Define.
* sysdeps/arm/fpu/bits/mathdef.h: New file.
* nss/Makefile: Add rules to build makedb.
* nss/nss_db/db-XXX.c: Move internal_setent and internal_endent
functions from here...
* nss/db-alias.c: ...and here...
* nss/db-netgrp.c: ...and here...
* nss/nss_db/db-open.c: ...to here. New file.
* nss/nss_db/dummy-db.h: New file.
* nss/nss_db/nss_db.h: New file.
* nss/Depend: Depend in dlfcn, not db2.
* nss/Makefile (libnss_db-routines): Add db-open.
(distribute): Add nss_db.h dummy-db.h.
(libnss_db.so): Replace libdb dependency by $(libdl).
Based on a patch by Zack Weinberg.
1998-11-27 Philip Blundell <pb@nexus.co.uk>
Fixes to allow compilation with static NSS:
* nss/Makefile: Make explicit the dependency of getent on
libnss_files.a.
[build_static_nss]: Define $(otherlibs) appropriately.
* nss/Depend: Add a dependency on `resolv'.
1998-11-27 Andreas Jaeger <aj@arthur.rhein-neckar.de>
Partial support for MIPS ISO C 9x exception handling:
* sysdeps/mips/fclrexcpt.c: New file.
* sysdeps/mips/ftestexcept.c: New file.
* sysdeps/mips/fgetexcptflg.c: New file.
* sysdeps/mips/fesetround.c: New file.
* sysdeps/mips/fegetround.c: New file.
* sysdeps/mips/fegetenv.c: New file.
* sysdeps/mips/fesetenv.c: New file.
* sysdeps/mips/feupdateenv.c: Likewise.
* sysdeps/mips/bits/fenv.h: New file.
1998-11-28 Andreas Jaeger <aj@arthur.rhein-neckar.de>
* sysdeps/unix/sysv/linux/mips/bits/signum.h: Remove inclusion of
<asm/signal.h> and add needed symbols from <asm/signal.h>; bring
in sync with linux specific version.
Patches by Ralf Baechle <ralf@uni-koblenz.de> for mips-linux:
* sysdeps/unix/mips/sysdep.S: Define _errno as weak_alias, rewrite
errno declaration.
* sysdeps/unix/sysv/linux/mips/ustat.c: Use INLINE_SYSCALL instead
of calling __syscall_*.
* sysdeps/unix/sysv/linux/mips/xmknod.c: Likewise.
* sysdeps/unix/sysv/linux/mips/syscalls.list: Update entries.
* sysdeps/unix/sysv/linux/mips/sys/syscall.h: Add missing SYS_*
constants, correct values according to Linux 2.1.130.
* sysdeps/unix/sysv/linux/mips/pwrite.c: New file.
* sysdeps/unix/sysv/linux/mips/pwrite64.c: New file.
* sysdeps/unix/sysv/linux/mips/pread.c: New file.
* sysdeps/unix/sysv/linux/mips/pread64.c: New file.
* sysdeps/mips/Makefile (sysdep_routines): Use += instead of a
:=.
* sysdeps/unix/sysv/linux/mips/bits/ipc.h: Remove ipc_kludge.
* sysdeps/unix/sysv/linux/mips/xstatconv.c: New file.
* sysdeps/unix/sysv/linux/mips/xstat.c: Removed.
* sysdeps/unix/sysv/linux/mips/sys/ucontext.h: New file.
* sysdeps/unix/sysv/linux/mips/kernel_termios.h: Add copyright
message, change name of include protection, remove inclusion of
<bits/termios.h>.
* sysdeps/unix/sysv/linux/mips/kernel_sigaction.h
(old_kernel_sigaction): Define.
(struct kernel_sigaction): Rename sa_handler to k_sa_handler.
* sysdeps/unix/sysv/linux/mips/bits/time.h: Removed, we can use
the general linux version.
* sysdeps/unix/sysv/linux/mips/bits/stat.h (_STAT_VER_KERNEL): Added.
* sysdeps/unix/sysv/linux/mips/bits/socket.h: Update file.
1998-09-03 Philip Blundell <pb@nexus.co.uk>
* sysdeps/arm/bits/endian.h (__FLOAT_WORD_ORDER): Define to big
endian.
* math/math_private.h: Use __FLOAT_WORD_ORDER rather than
BYTE_ORDER.
* string/endian.h: If __FLOAT_WORD_ORDER wasn't defined by
<bits/endian.h>, make it the same as __BYTE_ORDER.
1998-11-26 Andreas Schwab <schwab@issan.cs.uni-dortmund.de>
* Makeconfig ($(common-objpfx)sysd-dirs): Use automatic variables
if possible.
($(common-objpfx)sysd-sorted): Likewise.
1998-11-27 Andreas Jaeger <aj@arthur.rhein-neckar.de>
* sysdeps/libm-ieee754/e_log.c (__ieee754_log): Add declaration of
local variables t1,t2 only if needed.
* sysdeps/libm-ieee754/s_truncf.c (__truncf): Likewise.
* sysdeps/libm-ieee754/s_trunc.c (__trunc): Likewise.
* sysdeps/mips/mul_1.S (Loop): Add closing comment to avoid
warning.
1998-11-27 Andreas Jaeger <aj@arthur.rhein-neckar.de>
* math/math.h: Add brace to correct #if expression.
1998-11-26 Philip Blundell <philb@gnu.org>
Undo change of 1998-11-12:
* sysdeps/unix/sysv/linux/netlink/netlink.h: Deleted.
* sysdeps/unix/sysv/linux/Makefile (sysdep_headers): Remove
netlink/netlink.h.
* sysdeps/unix/sysv/linux/Dist: Likewise.
1998-11-22 Thorsten Kukuk <kukuk@vt.uni-paderborn.de>
* nis/nis_print.c (nis_print_entry): Changes to match Solaris output.
1998-11-26 Andreas Jaeger <aj@arthur.rhein-neckar.de>
* sysdeps/generic/pselect.c (__pselect): Change interface,
set/restore sigmask.
* misc/sys/select.h: Change declaration according to Stevens' Unix
Network Programming.
* include/sys/select.h (__pselect): Likewise.
Reported by <bwelling@anomaly.munge.com> [PR libc/872].
* include/fpu_control.h: New file, contains __setfpucw
declaration.
* sysdeps/generic/fpu_control.h: Remove __setfpucw declaration,
it's an internal symbol.
* sysdeps/alpha/fpu/fpu_control.h: Likewise.
* sysdeps/arm/fpu/fpu_control.h: Likewise.
* sysdeps/i386/fpu_control.h: Likewise.
* sysdeps/m68k/fpu_control.h: Likewise.
* sysdeps/powerpc/fpu_control.h: Likewise.
* sysdeps/sparc/sparc32/fpu/fpu_control.h: Likewise.
* sysdeps/sparc/sparc64/fpu/fpu_control.h: Likewise.
1998-06-03 03:09 Geoff Keating <geoffk@ozemail.com.au>
* sysdeps/unix/sysv/linux/pread.c: Detect missing syscall, like poll().
* sysdeps/unix/sysv/linux/pread64.c: Likewise.
* sysdeps/unix/sysv/linux/pwrite.c: Likewise.
* sysdeps/unix/sysv/linux/pwrite64.c: Likewise.
1998-06-03 03:09 Geoff Keating <geoffk@ozemail.com.au>
* sysdeps/powerpc/Makefile: Use -G0 on the startup file; this
makes it easier to undump emacs.
* sysdeps/powerpc/bits/endian.h: Use more informative error message
for when the endianness can't be determined.
1998-06-04 13:19 Geoff Keating <geoffk@ozemail.com.au>
* nss/Makefile: Add files publickey database support.
* nss/libnss_files.map: Export the required functions.
* nss/nss_files/files-key.c: Implement it.
* sunrpc/rpc/auth_des.h: Correct typos in comments.
1998-05-15 14:36 Ulrich Drepper <drepper@cygnus.com>
* posix/wordexp-test.c: Avoid duplicate messages.
* sysdeps/generic/setenv.c: Use __tfind and __tsearch, not tfind and
tsearch. Correctly interpret values returned by those functions.
(unsetenv): Store pointer to string, not pointer to string pointer.
* time/tzfile.c (__tzfile_compute): Take new arguments. Store
DST information and offset in them.
* time/tzset.c (__tz_convert): Pass extra parameters to
__tzfile_compute. Compute equivalent values for use of tz_rules.
1998-05-15 00:49:11 Zack Weinberg <zack@rabi.phys.columbia.edu>
* iconvdata/Makefile (gen-8bit-table): Use move-if-change and
stamp files to avoid unnecessary recompilation.
(gen-8bit-gap-table): Likewise.
(move-if-change): New variable.
(all generated .h rules): Change to be .stmp rules.
(%.h): New rule; depend on %.stmp; no commands.
(distribute): Add gen-8bit.sh, gen-8bit-gap.sh,
gen-8bit-gap-1.sh.
1998-05-15 01:09 Zack Weinberg <zack@rabi.phys.columbia.edu>
* Makerules (libc-map): Deleted.
(load-map-file): Set to the appropriate compiler switch, not
just the file name. If libfoo-map is not set, look for a
libfoo.map in the current directory and $(..).
(map-file): New variable, contains just the mapfile name.
(build-shlib): Adjust for new value of load-map-file.
(libc.so): Correct dependencies.
* extra-lib.mk: Correct shlib dependencies since libfoo-map
may not be set anymore.
* elf/Makefile: Set ld-map to $(..)libc.map, not $(libc-map).
Delete libdl-map. Tweak ld.so link rule to work with changed
variable settings in Makerules.
* iconvdata/Makefile: Tweak build-module to work with changed
variable settings in Makerules.
* db/Makefile: Delete libdb-map.
* hesiod/Makefile: Delete libnss_hesiod-map.
* linuxthreads/Makefile: Delete libpthread-map.
* locale/Makefile: Delete libBrokenLocale-map.
* login/Makefile: Delete libutil-map.
* math/Makefile: Delete libm-map.
* md5-crypt/Makefile: Delete libcrypt-map.
* nis/Makefile: Delete libnsl-map, libnss_nis-map,
libnss_nisplus-map, and libnss_compat-map.
* nss/Makefile: Delete libnss_files-map, libnss_db-map, and
libnss_ldap-map.
* resolv/Makefile: Delete libresolv-map and libnss_dns-map.
* rt/Makefile: Delete librt-map.
1998-05-15 01:06 Zack Weinberg <zack@rabi.phys.columbia.edu>
* configure.in: Instead of substituting `yes' or `no' for whether
--no-whole-archive is available, set @no_whole_archive@ to the
appropriate gcc switch or the empty string. Likewise for
-fno-exceptions.
* config.make.in: Replace have-no-whole-archive with
no-whole-archive and have-no-exceptions with no-exceptions.
* Makerules: Delete stanzas setting no-whole-archive and
no-exceptions.
* sunrpc/Makefile: Use move-if-change to update generated .h
and .c files.
1998-05-13 Andreas Schwab <schwab@issan.informatik.uni-dortmund.de>
* wcsmbs/wcsmbsload.c (extract_charset_name): Use strcspn instead
of strchr loop.
1998-05-15 Andreas Jaeger <aj@arthur.rhein-neckar.de>
* time/tzfile.c (__tzfile_read): Remove unused variable info.
(__tzfile_compute): Likewise.
1998-05-15 Andreas Jaeger <aj@arthur.rhein-neckar.de>
* sysdeps/unix/sysv/linux/bits/socket.h (AF_SNA,PF_SNA): Add new
defines from Linux 2.1.102.
1998-04-04 Andreas Jaeger <aj@arthur.rhein-neckar.de>
* resolv/Makefile: Include ../Makeconfig - needed for building
static NSS module.
1998-04-04 Andreas Jaeger <aj@arthur.rhein-neckar.de>
* hesiod/Makefile (libnss_hesiod-inhibit-o): Remove condition for
static-nss since we don't want hesiod in the static NSS.
* nss/Makefile: Build only nss_files as static.
* nss/function.def: Remove support for service db.
1998-04-04 09:44 H.J. Lu <hjl@gnu.org>
* Makeconfig (CPPFLAGS-.oS): Add -DPIC.
1998-04-04 18:29 Tim Waugh <tim@cyberelk.demon.co.uk>
* posix/wordexp-test.c: Make IFS per test-case.