diff options
author | Florian Weimer <fweimer@redhat.com> | 2020-05-19 14:09:38 +0200 |
---|---|---|
committer | Florian Weimer <fweimer@redhat.com> | 2020-05-19 14:09:57 +0200 |
commit | 790b8dda4455865cb8c3a47801f4304c1a43baf6 (patch) | |
tree | f410f4425e93ec71223199ef2075574758bb1541 /nss/nss_compat | |
parent | 765de945efc5d5602999b2999fe8abdf04881370 (diff) | |
download | glibc-790b8dda4455865cb8c3a47801f4304c1a43baf6.zip glibc-790b8dda4455865cb8c3a47801f4304c1a43baf6.tar.gz glibc-790b8dda4455865cb8c3a47801f4304c1a43baf6.tar.bz2 |
nss_compat: internal_end*ent may clobber errno, hiding ERANGE [BZ #25976]
During cleanup, before returning from get*_r functions, the end*ent
calls must not change errno. Otherwise, an ERANGE error from the
underlying implementation can be hidden, causing unexpected lookup
failures. This commit introduces an internal_end*ent_noerror
function which saves and restore errno, and marks the original
internal_end*ent function as warn_unused_result, so that it is used
only in contexts were errors from it can be handled explicitly.
Reviewed-by: DJ Delorie <dj@redhat.com>
Diffstat (limited to 'nss/nss_compat')
-rw-r--r-- | nss/nss_compat/compat-grp.c | 15 | ||||
-rw-r--r-- | nss/nss_compat/compat-initgroups.c | 13 | ||||
-rw-r--r-- | nss/nss_compat/compat-pwd.c | 15 | ||||
-rw-r--r-- | nss/nss_compat/compat-spwd.c | 14 |
4 files changed, 46 insertions, 11 deletions
diff --git a/nss/nss_compat/compat-grp.c b/nss/nss_compat/compat-grp.c index 14aadc6..d4f750b 100644 --- a/nss/nss_compat/compat-grp.c +++ b/nss/nss_compat/compat-grp.c @@ -144,7 +144,7 @@ _nss_compat_setgrent (int stayopen) } -static enum nss_status +static enum nss_status __attribute_warn_unused_result__ internal_endgrent (ent_t *ent) { if (ent->stream != NULL) @@ -165,6 +165,15 @@ internal_endgrent (ent_t *ent) return NSS_STATUS_SUCCESS; } +/* Like internal_endgrent, but preserve errno in all cases. */ +static void +internal_endgrent_noerror (ent_t *ent) +{ + int saved_errno = errno; + enum nss_status unused __attribute__ ((unused)) = internal_endgrent (ent); + __set_errno (saved_errno); +} + enum nss_status _nss_compat_endgrent (void) { @@ -485,7 +494,7 @@ _nss_compat_getgrnam_r (const char *name, struct group *grp, if (result == NSS_STATUS_SUCCESS) result = internal_getgrnam_r (name, grp, &ent, buffer, buflen, errnop); - internal_endgrent (&ent); + internal_endgrent_noerror (&ent); return result; } @@ -614,7 +623,7 @@ _nss_compat_getgrgid_r (gid_t gid, struct group *grp, if (result == NSS_STATUS_SUCCESS) result = internal_getgrgid_r (gid, grp, &ent, buffer, buflen, errnop); - internal_endgrent (&ent); + internal_endgrent_noerror (&ent); return result; } diff --git a/nss/nss_compat/compat-initgroups.c b/nss/nss_compat/compat-initgroups.c index 67a4c10..3671bef 100644 --- a/nss/nss_compat/compat-initgroups.c +++ b/nss/nss_compat/compat-initgroups.c @@ -134,7 +134,7 @@ internal_setgrent (ent_t *ent) } -static enum nss_status +static enum nss_status __attribute_warn_unused_result__ internal_endgrent (ent_t *ent) { if (ent->stream != NULL) @@ -158,6 +158,15 @@ internal_endgrent (ent_t *ent) return NSS_STATUS_SUCCESS; } +/* Like internal_endgrent, but preserve errno in all cases. */ +static void +internal_endgrent_noerror (ent_t *ent) +{ + int saved_errno = errno; + enum nss_status unused __attribute__ ((unused)) = internal_endgrent (ent); + __set_errno (saved_errno); +} + /* Add new group record. */ static void add_group (long int *start, long int *size, gid_t **groupsp, long int limit, @@ -502,7 +511,7 @@ _nss_compat_initgroups_dyn (const char *user, gid_t group, long int *start, done: scratch_buffer_free (&tmpbuf); - internal_endgrent (&intern); + internal_endgrent_noerror (&intern); return status; } diff --git a/nss/nss_compat/compat-pwd.c b/nss/nss_compat/compat-pwd.c index dfb454f..394e39b 100644 --- a/nss/nss_compat/compat-pwd.c +++ b/nss/nss_compat/compat-pwd.c @@ -261,7 +261,7 @@ _nss_compat_setpwent (int stayopen) } -static enum nss_status +static enum nss_status __attribute_warn_unused_result__ internal_endpwent (ent_t *ent) { if (ent->stream != NULL) @@ -289,6 +289,15 @@ internal_endpwent (ent_t *ent) return NSS_STATUS_SUCCESS; } +/* Like internal_endpwent, but preserve errno in all cases. */ +static void +internal_endpwent_noerror (ent_t *ent) +{ + int saved_errno = errno; + enum nss_status unused __attribute__ ((unused)) = internal_endpwent (ent); + __set_errno (saved_errno); +} + enum nss_status _nss_compat_endpwent (void) { @@ -824,7 +833,7 @@ _nss_compat_getpwnam_r (const char *name, struct passwd *pwd, if (result == NSS_STATUS_SUCCESS) result = internal_getpwnam_r (name, pwd, &ent, buffer, buflen, errnop); - internal_endpwent (&ent); + internal_endpwent_noerror (&ent); return result; } @@ -1063,7 +1072,7 @@ _nss_compat_getpwuid_r (uid_t uid, struct passwd *pwd, if (result == NSS_STATUS_SUCCESS) result = internal_getpwuid_r (uid, pwd, &ent, buffer, buflen, errnop); - internal_endpwent (&ent); + internal_endpwent_noerror (&ent); return result; } diff --git a/nss/nss_compat/compat-spwd.c b/nss/nss_compat/compat-spwd.c index 0a1fde1..ec5bf28 100644 --- a/nss/nss_compat/compat-spwd.c +++ b/nss/nss_compat/compat-spwd.c @@ -217,7 +217,7 @@ _nss_compat_setspent (int stayopen) } -static enum nss_status +static enum nss_status __attribute_warn_unused_result__ internal_endspent (ent_t *ent) { if (ent->stream != NULL) @@ -246,6 +246,15 @@ internal_endspent (ent_t *ent) return NSS_STATUS_SUCCESS; } +/* Like internal_endspent, but preserve errno in all cases. */ +static void +internal_endspent_noerror (ent_t *ent) +{ + int saved_errno = errno; + enum nss_status unused __attribute__ ((unused)) = internal_endspent (ent); + __set_errno (saved_errno); +} + enum nss_status _nss_compat_endspent (void) { @@ -263,7 +272,6 @@ _nss_compat_endspent (void) return result; } - static enum nss_status getspent_next_nss_netgr (const char *name, struct spwd *result, ent_t *ent, char *group, char *buffer, size_t buflen, @@ -788,7 +796,7 @@ _nss_compat_getspnam_r (const char *name, struct spwd *pwd, if (result == NSS_STATUS_SUCCESS) result = internal_getspnam_r (name, pwd, &ent, buffer, buflen, errnop); - internal_endspent (&ent); + internal_endspent_noerror (&ent); return result; } |