Commit Graph

8 Commits

Author SHA1 Message Date
Florian Weimer
676599b36a Harden putpwent, putgrent, putspent, putspent against injection [BZ #18724]
This prevents injection of ':' and '\n' into output functions which
use the NSS files database syntax.  Critical fields (user/group names
and file system paths) are checked strictly.  For backwards
compatibility, the GECOS field is rewritten instead.

The getent program is adjusted to use the put*ent functions in libc,
instead of local copies.  This changes the behavior of getent if user
names start with '-' or '+'.
2015-10-02 11:34:13 +02:00
Joseph Myers
b168057aaa Update copyright dates with scripts/update-copyrights. 2015-01-02 16:29:47 +00:00
Joseph Myers
a5f891ac8d Consistently include Makeconfig after defining subdir.
In <https://sourceware.org/ml/libc-alpha/2014-01/msg00196.html> I
noted it was necessary to add includes of Makeconfig early in various
subdirectory makefiles for the tests-special variable settings added
by that patch to be conditional on configuration information.  No-one
commented on the general question there of whether Makeconfig should
always be included immediately after the definition of subdir.

This patch implements that early inclusion of Makeconfig in each
directory (which is a lot easier than consistent placement of includes
of Rules).  Includes are added if needed, or moved up if already
present.  Subdirectory "all:" targets are removed, since Makeconfig
provides one.

There is potential for further cleanups I haven't done.  Rules and
Makerules have code such as

ifneq   "$(findstring env,$(origin headers))" ""
headers :=
endif

to override to empty any value of various variables that came from the
environment.  I think there is a case for Makeconfig setting all the
subdirectory variables (other than subdir) to empty to ensure no
outside value is going to take effect if a subdirectory fails to
define a variable.  (A list of such variables, possibly out of date
and incomplete, is in manual/maint.texi.)  Rules and Makerules would
give errors if Makeconfig hadn't already been included, instead of
including it themselves.  The special code to override values coming
from the environment would then be obsolete and could be removed.

Tested x86_64, including that installed binaries are identical before
and after the patch.

	* argp/Makefile: Include Makeconfig immediately after defining
	subdir.
	* assert/Makefile: Likewise.
	* benchtests/Makefile: Likewise.
	* catgets/Makefile: Likewise.
	* conform/Makefile: Likewise.
	* crypt/Makefile: Likewise.
	* csu/Makefile: Likewise.
	(all): Remove target.
	* ctype/Makefile: Include Makeconfig immediately after defining
	subdir.
	* debug/Makefile: Likewise.
	* dirent/Makefile: Likewise.
	* dlfcn/Makefile: Likewise.
	* gmon/Makefile: Likewise.
	* gnulib/Makefile: Likewise.
	* grp/Makefile: Likewise.
	* gshadow/Makefile: Likewise.
	* hesiod/Makefile: Likewise.
	* hurd/Makefile: Likewise.
	(all): Remove target.
	* iconvdata/Makefile: Include Makeconfig immediately after
	defining subdir.
	* inet/Makefile: Likewise.
	* intl/Makefile: Likewise.
	* io/Makefile: Likewise.
	* libio/Makefile: Likewise.
	(all): Remove target.
	* locale/Makefile: Include Makeconfig immediately after defining
	subdir.
	* login/Makefile: Likewise.
	* mach/Makefile: Likewise.
	(all): Remove target.
	* malloc/Makefile: Include Makeconfig immediately after defining
	subdir.
	(all): Remove target.
	* manual/Makefile: Include Makeconfig immediately after defining
	subdir.
	* math/Makefile: Likewise.
	* misc/Makefile: Likewise.
	* nis/Makefile: Likewise.
	* nss/Makefile: Likewise.
	* po/Makefile: Likewise.
	(all): Remove target.
	* posix/Makefile: Include Makeconfig immediately after defining
	subdir.
	* pwd/Makefile: Likewise.
	* resolv/Makefile: Likewise.
	* resource/Makefile: Likewise.
	* rt/Makefile: Likewise.
	* setjmp/Makefile: Likewise.
	* shadow/Makefile: Likewise.
	* signal/Makefile: Likewise.
	* socket/Makefile: Likewise.
	* soft-fp/Makefile: Likewise.
	* stdio-common/Makefile: Likewise.
	* stdlib/Makefile: Likewise.
	* streams/Makefile: Likewise.
	* string/Makefile: Likewise.
	* sunrpc/Makefile: Likewise.
	(all): Remove target.
	* sysvipc/Makefile: Include Makeconfig immediately after defining
	subdir.
	* termios/Makefile: Likewise.
	* time/Makefile: Likewise.
	* timezone/Makefile: Likewise.
	(all): Remove target.
	* wcsmbs/Makefile: Include Makeconfig immediately after defining
	subdir.
	* wctype/Makefile: Likewise.

libidn/ChangeLog:
	* Makefile: Include Makeconfig immediately after defining subdir.

localedata/ChangeLog:
	* Makefile: Include Makeconfig immediately after defining subdir.
	(all): Remove target.

nptl/ChangeLog:
	* Makefile: Include Makeconfig immediately after defining subdir.

nptl_db/ChangeLog:
	* Makefile: Include Makeconfig immediately after defining subdir.
2014-02-26 23:12:03 +00:00
Allan McRae
d4697bc93d Update copyright notices with scripts/update-copyrights 2014-01-01 22:00:23 +10:00
Joseph Myers
568035b787 Update copyright notices with scripts/update-copyrights. 2013-01-02 19:05:09 +00:00
Roland McGrath
c75ccd4c3a Clean up definition of _LIBC_REENTRANT and _IO_MTSAFE_IO. 2012-08-17 09:35:15 -07:00
Paul Eggert
59ba27a63a Replace FSF snail mail address with URLs. 2012-02-09 23:18:22 +00:00
Ulrich Drepper
829fea4617 [BZ #9955]
2009-04-23  Ulrich Drepper  <drepper@redhat.com>
	[BZ #9955]
	* gshadow/Makefile: New file.
	* gshadow/Versions: New file.
	* gshadow/fgetsgent.c: New file.
	* gshadow/fgetsgent_r.c: New file.
	* gshadow/getsgent.c: New file.
	* gshadow/getsgent_r.c: New file.
	* gshadow/getsgnam.c: New file.
	* gshadow/getsgnam_r.c: New file.
	* gshadow/gshadow.h: New file.
	* gshadow/putsgent.c: New file.
	* gshadow/sgetsgent.c: New file.
	* gshadow/sgetsgent_r.c: New file.
	* gshadow/tst-gshadow.c: New file.
	* include/gshadow.h: New file.
	* Makeconfig (all-subdirs): Add gshadow.
	* Makefile (installed-headers): Add gshadow/gshadow.h.
	* nss/Makefile (databases): Add sgrp.
	* nss/Versions: Add gshadow functions as private exports.
	* nss/nsswitch.conf: Add gshadow entry.
	* nss/sgrp-lookup.c: New file.
	* nss/nss_files/files-parse.c: Add STRING_LIST macro.  Rewrite
	parse_list to handle STRING_LIST and TRAILING_LIST_PARSER.
	* nss/nss_files/files-sgrp.c: New file.
	* sysdeps/generic/paths.h: Add _PATH_GSHADOW.
	* sysdeps/unix/sysv/linux/paths.h: Likewise.
2009-04-23 18:29:30 +00:00