aboutsummaryrefslogtreecommitdiff
path: root/nss
AgeCommit message (Collapse)AuthorFilesLines
2024-12-23getaddrinfo.c: Avoid uninitialized pointer access [BZ #32465]H.J. Lu1-23/+22
Add valid_decimal_value to check valid decimal value in a string to avoid uninitialized endp in add_prefixlist and gaiconf_init as reported by Clang 19: ./getaddrinfo.c:1884:11: error: variable 'endp' is used uninitialized whenever '||' condition is true [-Werror,-Wsometimes-uninitialized] 1884 | && (cp == NULL | ^~~~~~~~~~ ./getaddrinfo.c:1887:11: note: uninitialized use occurs here 1887 | && *endp == '\0' | ^~~~ ./getaddrinfo.c:1884:11: note: remove the '||' if its condition is always false 1884 | && (cp == NULL | ^~~~~~~~~~ 1885 | || (bits = strtoul (cp, &endp, 10)) != ULONG_MAX | ~~ ./getaddrinfo.c:1875:13: note: initialize the variable 'endp' to silence this warning 1875 | char *endp; | ^ | = NULL This fixes BZ #32465. Signed-off-by: H.J. Lu <hjl.tools@gmail.com> Reviewed-by: Sam James <sam@gentoo.org>
2024-12-16Use empty initializer to silence GCC 4.9 or olderH.J. Lu1-1/+1
Use empty initializer to silence GCC 4.9 or older: getaddrinfo.c: In function ‘gaih_inet’: getaddrinfo.c:1135:24: error: missing braces around initializer [-Werror=missing-braces] / sizeof (struct gaih_typeproto)] = {0}; ^ Signed-off-by: H.J. Lu <hjl.tools@gmail.com> Reviewed-by: Sam James <sam@gentoo.org>
2024-12-15Revert "Add braces in initializers for GCC 4.9 or older"H.J. Lu1-1/+1
This reverts commit 8aa2a9e0339215012354f3c4a262edda838134e8. as not all targets need braces.
2024-12-14Add braces in initializers for GCC 4.9 or olderH.J. Lu1-1/+1
Add braces to silence GCC 4.9 or older: getaddrinfo.c: In function ‘gaih_inet’: getaddrinfo.c:1135:24: error: missing braces around initializer [-Werror=missing-braces] / sizeof (struct gaih_typeproto)] = {0}; ^ Signed-off-by: H.J. Lu <hjl.tools@gmail.com> Reviewed-by: Sam James <sam@gentoo.org>
2024-11-25Silence most -Wzero-as-null-pointer-constant diagnosticsAlejandro Colomar1-2/+2
Replace 0 by NULL and {0} by {}. Omit a few cases that aren't so trivial to fix. Link: <https://gcc.gnu.org/bugzilla/show_bug.cgi?id=117059> Link: <https://software.codidact.com/posts/292718/292759#answer-292759> Signed-off-by: Alejandro Colomar <alx@kernel.org>
2024-08-07nss: Fix incorrect switch fall-through in tst-nss-gai-actionsFlorian Weimer1-0/+1
This only happened on test failure. Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
2024-01-02getaddrinfo: translate ENOMEM to EAI_MEMORY (bug 31163)Andreas Schwab1-1/+8
When __resolv_context_get returns NULL due to out of memory, translate it to a return value of EAI_MEMORY.
2024-01-01Update copyright dates not handled by scripts/update-copyrightsPaul Eggert2-2/+2
I've updated copyright dates in glibc for 2024. This is the patch for the changes not generated by scripts/update-copyrights and subsequent build / regeneration of generated files.
2024-01-01Update copyright dates with scripts/update-copyrightsPaul Eggert210-210/+210
2023-12-20nss: Remove unused allocation from get_nscd_addresses in getaddrinfoFlorian Weimer1-1/+0
No bug because this is not visible if glibc is built with optimization. Otherwise this would be a critical resource leak. Reviewed-by: Carlos O'Donell <carlos@redhat.com>
2023-10-24Move getnameinfo from 'inet' to 'nss'Arjun Shankar3-0/+565
getnameinfo is an entry points for nss functionality. This commit moves it from the 'inet' subdirectory to 'nss'. The corresponding Versions entry is also moved from 'posix' into 'nss'. Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
2023-10-24Move getaddrinfo from 'posix' into 'nss'Arjun Shankar11-2/+3579
getaddrinfo is an entry point for nss functionality. This commit moves it from 'sysdeps/posix' to 'nss', gets rid of the stub in 'posix', and moves all associated tests as well. Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
2023-10-24Move 'services' routines from 'inet' into 'nss'Arjun Shankar8-0/+182
The getservby* and getservent* routines are entry points for nss functionality. This commit moves them from the 'inet' subdirectory to 'nss'. Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
2023-10-24Move 'rpc' routines from 'inet' into 'nss'Arjun Shankar9-0/+274
The getrpcby* and getrpcent* routines are entry points for nss functionality. This commit moves them from the 'inet' subdirectory to 'nss'. The Versions entries for these routines along with a test, located in the 'sunrpc' subdirectory, are also moved into 'nss'. Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
2023-10-24Move 'protocols' routines from 'inet' into 'nss'Arjun Shankar8-0/+200
The getprotoby* and getprotoent* routines are entry points for nss functionality. This commit moves them from the 'inet' subdirectory to 'nss'. Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
2023-10-24Move 'networks' routines from 'inet' into 'nss'Arjun Shankar8-0/+214
The getnetby* and getnetent* routines are entry points for nss functionality. This commit moves them from the 'inet' subdirectory to 'nss'. Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
2023-10-24Move 'netgroup' routines from 'inet' into 'nss'Arjun Shankar5-0/+651
These netgroup routines are entry points for nss functionality. This commit moves them along with netgroup.h from the 'inet' subdirectory to 'nss', and adjusts any references accordingly. Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
2023-10-24Move 'hosts' routines from 'inet' into 'nss'Arjun Shankar11-0/+392
The gethostby* and gethostent* routines are entry points for nss functionality. This commit moves them from the 'inet' subdirectory to 'nss'. Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
2023-10-24Move 'ethers' routines from 'inet' into 'nss'Arjun Shankar4-0/+126
ether_hostton and ether_ntohost are entry points for nss functionality. This commit moves them from the 'inet' subdirectory to 'nss', and adjusts any references accordingly. Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
2023-10-24Move 'aliases' routines from 'inet' into 'nss'Arjun Shankar7-0/+197
The aliases routines are entry points for nss functionality. This commit moves aliases.h and the aliases routines from the 'inet' subdirectory to 'nss', and adjusts any external references. Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
2023-10-24Remove 'shadow' and merge into 'nss'Arjun Shankar15-0/+1153
The majority of shadow routines are entry points for nss functionality. This commit removes the 'shadow' subdirectory and moves all functionality and tests to 'nss'. References to shadow/ are accordingly changed. Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
2023-10-24Remove 'pwd' and merge into 'nss'Arjun Shankar15-0/+968
The majority of pwd routines are entry points for nss functionality. This commit removes the 'pwd' subdirectory and moves all functionality and tests to 'nss'. References to pwd/ are accordingly changed. Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
2023-10-24Remove 'gshadow' and merge into 'nss'Arjun Shankar16-0/+1246
The majority of gshadow routines are entry points for nss functionality. This commit removes the 'gshadow' subdirectory and moves all functionality and tests to 'nss'. References to gshadow/ are accordingly changed. Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
2023-10-24Remove 'grp' and merge into 'nss' and 'posix'Arjun Shankar28-1/+1720
The majority of grp routines are entry points for nss functionality. This commit removes the 'grp' subdirectory and moves all nss-relevant functionality and all tests to 'nss', and the 'setgroups' stub into 'posix' (alongside the 'getgroups' stub). References to grp/ are accordingly changed. In addition, compat-initgroups.c, a fallback implementation of initgroups is renamed to initgroups-fallback.c so that the build system does not confuse it for nss_compat/compat-initgroups.c. Build time improves very slightly; e.g. down from an average of 45.5s to 44.5s on an 8-thread mobile x86_64 CPU. Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
2023-10-04nss: Get rid of alloca usage in makedb's write_output.Joe Simmons-Talbott1-1/+12
Replace alloca usage with a scratch_buffer. Reviewed-by: Arjun Shankar <arjun@redhat.com>
2023-10-04nss: Rearrange and sort Makefile variablesArjun Shankar1-14/+41
Rearrange lists of routines, tests, etc. into one-per-line in nss/Makefile and sort them using scripts/sort-makefile-lines.py. Reviewed-by: Siddhesh Poyarekar <siddhesh@sourceware.org>
2023-09-25Fix leak in getaddrinfo introduced by the fix for CVE-2023-4806 [BZ #30843]Romain Geissler2-0/+23
This patch fixes a very recently added leak in getaddrinfo. Reviewed-by: Siddhesh Poyarekar <siddhesh@sourceware.org>
2023-09-15getaddrinfo: Fix use after free in getcanonname (CVE-2023-4806)Siddhesh Poyarekar6-2/+135
When an NSS plugin only implements the _gethostbyname2_r and _getcanonname_r callbacks, getaddrinfo could use memory that was freed during tmpbuf resizing, through h_name in a previous query response. The backing store for res->at->name when doing a query with gethostbyname3_r or gethostbyname2_r is tmpbuf, which is reallocated in gethosts during the query. For AF_INET6 lookup with AI_ALL | AI_V4MAPPED, gethosts gets called twice, once for a v6 lookup and second for a v4 lookup. In this case, if the first call reallocates tmpbuf enough number of times, resulting in a malloc, th->h_name (that res->at->name refers to) ends up on a heap allocated storage in tmpbuf. Now if the second call to gethosts also causes the plugin callback to return NSS_STATUS_TRYAGAIN, tmpbuf will get freed, resulting in a UAF reference in res->at->name. This then gets dereferenced in the getcanonname_r plugin call, resulting in the use after free. Fix this by copying h_name over and freeing it at the end. This resolves BZ #30843, which is assigned CVE-2023-4806. Signed-off-by: Siddhesh Poyarekar <siddhesh@sourceware.org>
2023-07-24Restore lookup of IPv4 mapped addresses in files database (bug 25457)Andreas Schwab5-9/+59
This was broken by commit 9c02d0784d ("nss_files: Remove RES_USE_INET6 from hosts processing"), which removed too much.
2023-06-19tests: replace system by xsystemFrédéric Bérat1-1/+2
With fortification enabled, system calls return result needs to be checked, has it gets the __wur macro enabled. Reviewed-by: Siddhesh Poyarekar <siddhesh@sourceware.org>
2023-06-06tests: Replace various function calls with their x variantFrédéric Bérat1-1/+1
With fortification enabled, few function calls return result need to be checked, has they get the __wur macro enabled. Reviewed-by: Siddhesh Poyarekar <siddhesh@sourceware.org>
2023-06-02Fix all the remaining misspellings -- BZ 25337Paul Pluzhnikov10-10/+10
2023-05-16nss: Reconcile conditional declaration and use of `is_nscd'Arjun Shankar1-3/+3
This change harmonizes the declaration and use of `is_nscd' and fixes a build failure with the "--enable-static-nss --enable-nscd" configuration options due to `is_nscd' being used undeclared. The purpose of `is_nscd' is to avoid (nss <-> nscd) recursion in dynamically linked libc (SHARED) that is nscd-aware (USE_NSCD), and so its declaration and use should be guarded by the definition of those macros. Reviewed-by: Carlos O'Donell <carlos@redhat.com>
2023-03-27Move libc_freeres_ptrs and libc_subfreeres to hidden/weak functionsAdhemerval Zanella Netto8-14/+15
They are both used by __libc_freeres to free all library malloc allocated resources to help tooling like mtrace or valgrind with memory leak tracking. The current scheme uses assembly markers and linker script entries to consolidate the free routine function pointers in the RELRO segment and to be freed buffers in BSS. This patch changes it to use specific free functions for libc_freeres_ptrs buffers and call the function pointer array directly with call_function_static_weak. It allows the removal of both the internal macros and the linker script sections. Checked on x86_64-linux-gnu, i686-linux-gnu, and aarch64-linux-gnu. Reviewed-by: Carlos O'Donell <carlos@redhat.com>
2023-02-17Use uintptr_t instead of performing pointer subtraction with a null pointerQihao Chencao2-2/+2
Signed-off-by: Qihao Chencao <twose@qq.com> Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
2023-02-06Replace rawmemchr (s, '\0') with strchrWilco Dijkstra1-1/+1
Almost all uses of rawmemchr find the end of a string. Since most targets use a generic implementation, replacing it with strchr is better since that is optimized by compilers into strlen (s) + s. Also fix the generic rawmemchr implementation to use a cast to unsigned char in the if statement. Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
2023-01-06Update copyright dates not handled by scripts/update-copyrightsJoseph Myers2-2/+2
I've updated copyright dates in glibc for 2023. This is the patch for the changes not generated by scripts/update-copyrights and subsequent build / regeneration of generated files.
2023-01-06Update copyright dates with scripts/update-copyrightsJoseph Myers105-105/+105
2022-10-18Use PTR_MANGLE and PTR_DEMANGLE unconditionally in C sourcesFlorian Weimer1-12/+0
In the future, this will result in a compilation failure if the macros are unexpectedly undefined (due to header inclusion ordering or header inclusion missing altogether). Assembler sources are more difficult to convert. In many cases, they are hand-optimized for the mangling and no-mangling variants, which is why they are not converted. sysdeps/s390/s390-32/__longjmp.c and sysdeps/s390/s390-64/__longjmp.c are special: These are C sources, but most of the implementation is in assembler, so the PTR_DEMANGLE macro has to be undefined in some cases, to match the assembler style. Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
2022-10-18Introduce <pointer_guard.h>, extracted from <sysdep.h>Florian Weimer1-1/+1
This allows us to define a generic no-op version of PTR_MANGLE and PTR_DEMANGLE. In the future, we can use PTR_MANGLE and PTR_DEMANGLE unconditionally in C sources, avoiding an unintended loss of hardening due to missing include files or unlucky header inclusion ordering. In i386 and x86_64, we can avoid a <tls.h> dependency in the C code by using the computed constant from <tcb-offsets.h>. <sysdep.h> no longer includes these definitions, so there is no cyclic dependency anymore when computing the <tcb-offsets.h> constants. Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
2022-09-23nss: Use shared prefix in IPv4 address in tst-reload1Florian Weimer1-4/+4
Otherwise, sorting based on the longest-matching prefix in getaddrinfo can reorder the addresses in ways the test does not expect, depending on the IPv4 address of the host. Reviewed-by: Siddhesh Poyarekar <siddhesh@sourceware.org>
2022-09-23nss: Enhance tst-reload1 coverage and loggingFlorian Weimer1-22/+29
Reviewed-by: Siddhesh Poyarekar <siddhesh@sourceware.org>
2022-09-20nss: Fix tst-nss-files-hosts-long on single-stack hosts (bug 24816)Florian Weimer1-4/+5
getent implicitly passes AI_ADDRCONFIG to getaddrinfo by default. Use --no-addrconfig to suppress that, so that both IPv4 and IPv6 lookups succeed even if the address family is not supported by the host. Reviewed-by: Carlos O'Donell <carlos@redhat.com>
2022-09-20nss: Implement --no-addrconfig option for getentFlorian Weimer1-1/+10
The ahosts, ahostsv4, ahostsv6 commands unconditionally pass AI_ADDRCONFIG to getaddrinfo, which is not always desired. Reviewed-by: Carlos O'Donell <carlos@redhat.com>
2022-09-12makedb: fix build with libselinux >= 3.1 (Bug 26233)Aurelien Jarno1-9/+15
glibc doesn't build with libselinux 3.1 that has been released recently due to new deprecations introduced in that version and the fact that glibc is built with -Werror by default: | makedb.c: In function ‘set_file_creation_context’: | makedb.c:849:3: error: ‘security_context_t’ is deprecated [-Werror=deprecated-declarations] | 849 | security_context_t ctx; | | ^~~~~~~~~~~~~~~~~~ | makedb.c:863:3: error: ‘matchpathcon’ is deprecated: Use selabel_lookup instead [-Werror=deprecated-declarations] | 863 | if (matchpathcon (outname, S_IFREG | mode, &ctx) == 0 && ctx != NULL) | | ^~ | In file included from makedb.c:50: | /usr/include/selinux/selinux.h:500:12: note: declared here | 500 | extern int matchpathcon(const char *path, | | ^~~~~~~~~~~~ | cc1: all warnings being treated as errors This patch fixes the makedb half of bug 26233 by moving to the new SELinux APIs and removes the existing compiler pragmas as no longer required. Upstream API usage feedback gathered by Arjun is integrated into this version of the fix. The built makedb was tested and operates as expected on x86_64 with SELinu in enforcing mode. No regressions on x86_64 with libselinux 3.3. Co-authored-by: Arjun Shankar <arjun@redhat.com> Co-authored-by: Carlos O'Donell <carlos@redhat.com> Reviewed-by: Siddhesh Poyarekar <siddhesh@sourceware.org>
2022-06-08nss: handle stat failure in check_reload_and_get (BZ #28752)Sam James1-15/+24
Skip the chroot test if the database isn't loaded correctly (because the chroot test uses some existing DB state). The __stat64_time64 -> fstatat call can fail if running under an (aggressive) seccomp filter, like Firefox seems to use. This manifested in a crash when using glib built with FAM support with such a Firefox build. Suggested-by: DJ Delorie <dj@redhat.com> Signed-off-by: Sam James <sam@gentoo.org> Reviewed-by: DJ Delorie <dj@redhat.com>
2022-06-08nss: add assert to DB_LOOKUP_FCT (BZ #28752)Sam James1-0/+5
It's interesting if we have a null action list, so an assert is worthwhile. Suggested-by: DJ Delorie <dj@redhat.com> Signed-off-by: Sam James <sam@gentoo.org> Reviewed-by: DJ Delorie <dj@redhat.com>
2022-05-23nss: Optimize nss_hash in nss_hash.cNoah Goldstein1-37/+42
The prior unrolling didn't really do much as it left the dependency chain between iterations. Unrolled the loop for 4 so 4x multiplies could be pipelined in out-of-order machines. Results for __nss_hash Benchmarked on Tigerlake: 11th Gen Intel(R) Core(TM) i7-1165G7 @ 2.80GHz Time as Geometric Mean of N=25 runs Geometric of all benchmark New / Old: 0.845 type, length, New Time, Old Time, New Time / Old Time fixed, 0, 4.019, 3.729, 1.078 fixed, 1, 4.95, 5.707, 0.867 fixed, 2, 5.152, 5.657, 0.911 fixed, 3, 4.641, 5.721, 0.811 fixed, 4, 5.551, 5.81, 0.955 fixed, 5, 6.525, 6.552, 0.996 fixed, 6, 6.711, 6.561, 1.023 fixed, 7, 6.715, 6.767, 0.992 fixed, 8, 7.874, 7.915, 0.995 fixed, 9, 8.888, 9.767, 0.91 fixed, 10, 8.959, 9.762, 0.918 fixed, 11, 9.188, 9.987, 0.92 fixed, 12, 9.708, 10.618, 0.914 fixed, 13, 10.393, 11.14, 0.933 fixed, 14, 10.628, 12.097, 0.879 fixed, 15, 10.982, 12.965, 0.847 fixed, 16, 11.851, 14.429, 0.821 fixed, 32, 24.334, 34.414, 0.707 fixed, 64, 55.618, 86.688, 0.642 fixed, 128, 118.261, 224.36, 0.527 fixed, 256, 256.183, 538.629, 0.476 random, 2, 11.194, 11.556, 0.969 random, 4, 17.516, 17.205, 1.018 random, 8, 23.501, 20.985, 1.12 random, 16, 28.131, 29.212, 0.963 random, 32, 35.436, 38.662, 0.917 random, 64, 45.74, 58.868, 0.777 random, 128, 75.394, 121.963, 0.618 random, 256, 139.524, 260.726, 0.535 Reviewed-by: Siddhesh Poyarekar <siddhesh@sourceware.org>
2022-05-23nss: Add tests for the nss_hash in nss_hash.hNoah Goldstein4-0/+124
If we want to further optimize the function tests are needed. Reviewed-by: Siddhesh Poyarekar <siddhesh@sourceware.org>
2022-04-12hurd: Fix arbitrary error codeSamuel Thibault1-1/+1
ELIBBAD is Linux-specific.