aboutsummaryrefslogtreecommitdiff
path: root/nis
diff options
context:
space:
mode:
authorUlrich Drepper <drepper@redhat.com>2004-09-12 20:38:38 +0000
committerUlrich Drepper <drepper@redhat.com>2004-09-12 20:38:38 +0000
commit20f8e6663accb3d318630e8ec4a08ed37521fce6 (patch)
treea780fced9cb6d492f91e89edbefa791a383e8572 /nis
parentccc63b07082c257ffc6fe0b0bbf770283bb44e98 (diff)
downloadglibc-20f8e6663accb3d318630e8ec4a08ed37521fce6.zip
glibc-20f8e6663accb3d318630e8ec4a08ed37521fce6.tar.gz
glibc-20f8e6663accb3d318630e8ec4a08ed37521fce6.tar.bz2
Update.
2004-09-11 Thorsten Kukuk <kukuk@suse.de> * nis/nss_compat/compat-grp.c: Check that buflen is greater zero before writing data into the buffer with negative offset. * nis/nss_compat/compat-initgroups.c: Likewise. * nis/nss_compat/compat-pwd.c: Likewise. * nis/nss_compat/compat-spwd.c Likewise.
Diffstat (limited to 'nis')
-rw-r--r--nis/nss_compat/compat-grp.c82
-rw-r--r--nis/nss_compat/compat-initgroups.c24
-rw-r--r--nis/nss_compat/compat-pwd.c74
-rw-r--r--nis/nss_compat/compat-spwd.c48
4 files changed, 131 insertions, 97 deletions
diff --git a/nis/nss_compat/compat-grp.c b/nis/nss_compat/compat-grp.c
index 85414ed..08bf5d2 100644
--- a/nis/nss_compat/compat-grp.c
+++ b/nis/nss_compat/compat-grp.c
@@ -1,4 +1,4 @@
-/* Copyright (C) 1996,1997,1998,1999,2001,2002, 2003 Free Software Foundation, Inc.
+/* Copyright (C) 1996-1999,2001,2002,2003,2004 Free Software Foundation, Inc.
This file is part of the GNU C Library.
Contributed by Thorsten Kukuk <kukuk@suse.de>, 1996.
@@ -253,17 +253,25 @@ getgrent_next_file (struct group *result, ent_t *ent,
do
{
+ /* We need at least 3 characters for one line. */
+ if (__builtin_expect (buflen < 3, 0))
+ {
+ erange:
+ *errnop = ERANGE;
+ return NSS_STATUS_TRYAGAIN;
+ }
+
fgetpos (ent->stream, &pos);
buffer[buflen - 1] = '\xff';
p = fgets_unlocked (buffer, buflen, ent->stream);
if (p == NULL && feof_unlocked (ent->stream))
return NSS_STATUS_NOTFOUND;
- if (p == NULL || buffer[buflen - 1] != '\xff')
+ if (p == NULL || __builtin_expect (buffer[buflen - 1] != '\xff', 0))
{
+ erange_reset:
fsetpos (ent->stream, &pos);
- *errnop = ERANGE;
- return NSS_STATUS_TRYAGAIN;
+ goto erange;
}
/* Terminate the line for any case. */
@@ -279,13 +287,9 @@ getgrent_next_file (struct group *result, ent_t *ent,
!(parse_res = _nss_files_parse_grent (p, result, data, buflen,
errnop)));
- if (parse_res == -1)
- {
- /* The parser ran out of space. */
- fsetpos (ent->stream, &pos);
- *errnop = ERANGE;
- return NSS_STATUS_TRYAGAIN;
- }
+ if (__builtin_expect (parse_res == -1, 0))
+ /* The parser ran out of space. */
+ goto erange_reset;
if (result->gr_name[0] != '+' && result->gr_name[0] != '-')
/* This is a real entry. */
@@ -315,17 +319,15 @@ getgrent_next_file (struct group *result, ent_t *ent,
blacklist_store_name (buf, ent);
if (status == NSS_STATUS_SUCCESS) /* We found the entry. */
break;
- else if (status == NSS_STATUS_RETURN /* We couldn't parse the entry */
+ else if (status == NSS_STATUS_RETURN /* We couldn't parse the entry*/
|| status == NSS_STATUS_NOTFOUND) /* No group in NIS */
continue;
else
{
if (status == NSS_STATUS_TRYAGAIN)
- {
- /* The parser ran out of space. */
- fsetpos (ent->stream, &pos);
- *errnop = ERANGE;
- }
+ /* The parser ran out of space. */
+ goto erange_reset;
+
return status;
}
}
@@ -384,17 +386,25 @@ internal_getgrnam_r (const char *name, struct group *result, ent_t *ent,
do
{
+ /* We need at least 3 characters for one line. */
+ if (__builtin_expect (buflen < 3, 0))
+ {
+ erange:
+ *errnop = ERANGE;
+ return NSS_STATUS_TRYAGAIN;
+ }
+
fgetpos (ent->stream, &pos);
buffer[buflen - 1] = '\xff';
p = fgets_unlocked (buffer, buflen, ent->stream);
if (p == NULL && feof_unlocked (ent->stream))
return NSS_STATUS_NOTFOUND;
- if (p == NULL || buffer[buflen - 1] != '\xff')
+ if (p == NULL || __builtin_expect (buffer[buflen - 1] != '\xff', 0))
{
+ erange_reset:
fsetpos (ent->stream, &pos);
- *errnop = ERANGE;
- return NSS_STATUS_TRYAGAIN;
+ goto erange;
}
/* Terminate the line for any case. */
@@ -410,13 +420,9 @@ internal_getgrnam_r (const char *name, struct group *result, ent_t *ent,
!(parse_res = _nss_files_parse_grent (p, result, data, buflen,
errnop)));
- if (parse_res == -1)
- {
- /* The parser ran out of space. */
- fsetpos (ent->stream, &pos);
- *errnop = ERANGE;
- return NSS_STATUS_TRYAGAIN;
- }
+ if (__builtin_expect (parse_res == -1, 0))
+ /* The parser ran out of space. */
+ goto erange_reset;
/* This is a real entry. */
if (result->gr_name[0] != '+' && result->gr_name[0] != '-')
@@ -511,17 +517,25 @@ internal_getgrgid_r (gid_t gid, struct group *result, ent_t *ent,
do
{
+ /* We need at least 3 characters for one line. */
+ if (__builtin_expect (buflen < 3, 0))
+ {
+ erange:
+ *errnop = ERANGE;
+ return NSS_STATUS_TRYAGAIN;
+ }
+
fgetpos (ent->stream, &pos);
buffer[buflen - 1] = '\xff';
p = fgets_unlocked (buffer, buflen, ent->stream);
if (p == NULL && feof_unlocked (ent->stream))
return NSS_STATUS_NOTFOUND;
- if (p == NULL || buffer[buflen - 1] != '\xff')
+ if (p == NULL || __builtin_expect (buffer[buflen - 1] != '\xff', 0))
{
+ erange_reset:
fsetpos (ent->stream, &pos);
- *errnop = ERANGE;
- return NSS_STATUS_TRYAGAIN;
+ goto erange;
}
/* Terminate the line for any case. */
@@ -538,12 +552,8 @@ internal_getgrgid_r (gid_t gid, struct group *result, ent_t *ent,
errnop)));
if (parse_res == -1)
- {
- /* The parser ran out of space. */
- fsetpos (ent->stream, &pos);
- *errnop = ERANGE;
- return NSS_STATUS_TRYAGAIN;
- }
+ /* The parser ran out of space. */
+ goto erange_reset;
/* This is a real entry. */
if (result->gr_name[0] != '+' && result->gr_name[0] != '-')
diff --git a/nis/nss_compat/compat-initgroups.c b/nis/nss_compat/compat-initgroups.c
index 100febc..9574ea7 100644
--- a/nis/nss_compat/compat-initgroups.c
+++ b/nis/nss_compat/compat-initgroups.c
@@ -327,17 +327,25 @@ internal_getgrent_r (ent_t *ent, char *buffer, size_t buflen, const char *user,
do
{
+ /* We need at least 3 characters for one line. */
+ if (__builtin_expect (buflen < 3, 0))
+ {
+ erange:
+ *errnop = ERANGE;
+ return NSS_STATUS_TRYAGAIN;
+ }
+
fgetpos (ent->stream, &pos);
buffer[buflen - 1] = '\xff';
p = fgets_unlocked (buffer, buflen, ent->stream);
if (p == NULL && feof_unlocked (ent->stream))
return NSS_STATUS_NOTFOUND;
- if (p == NULL || buffer[buflen - 1] != '\xff')
+ if (p == NULL || __builtin_expect (buffer[buflen - 1] != '\xff', 0))
{
+ erange_reset:
fsetpos (ent->stream, &pos);
- *errnop = ERANGE;
- return NSS_STATUS_TRYAGAIN;
+ goto erange;
}
/* Terminate the line for any case. */
@@ -353,13 +361,9 @@ internal_getgrent_r (ent_t *ent, char *buffer, size_t buflen, const char *user,
!(parse_res = _nss_files_parse_grent (p, &grpbuf, data, buflen,
errnop)));
- if (parse_res == -1)
- {
- /* The parser ran out of space. */
- fsetpos (ent->stream, &pos);
- *errnop = ERANGE;
- return NSS_STATUS_TRYAGAIN;
- }
+ if (__builtin_expect (parse_res == -1, 0))
+ /* The parser ran out of space. */
+ goto erange_reset;
if (grpbuf.gr_name[0] != '+' && grpbuf.gr_name[0] != '-')
/* This is a real entry. */
diff --git a/nis/nss_compat/compat-pwd.c b/nis/nss_compat/compat-pwd.c
index b8c5890..89a6a70 100644
--- a/nis/nss_compat/compat-pwd.c
+++ b/nis/nss_compat/compat-pwd.c
@@ -1,4 +1,4 @@
-/* Copyright (C) 1996-1999,2001,2002,2003 Free Software Foundation, Inc.
+/* Copyright (C) 1996-1999,2001,2002,2003,2004 Free Software Foundation, Inc.
This file is part of the GNU C Library.
Contributed by Thorsten Kukuk <kukuk@vt.uni-paderborn.de>, 1996.
@@ -499,17 +499,25 @@ getpwent_next_file (struct passwd *result, ent_t *ent,
do
{
+ /* We need at least 3 characters for one line. */
+ if (__builtin_expect (buflen < 3, 0))
+ {
+ erange:
+ *errnop = ERANGE;
+ return NSS_STATUS_TRYAGAIN;
+ }
+
fgetpos (ent->stream, &pos);
buffer[buflen - 1] = '\xff';
p = fgets_unlocked (buffer, buflen, ent->stream);
if (p == NULL && feof_unlocked (ent->stream))
return NSS_STATUS_NOTFOUND;
- if (p == NULL || buffer[buflen - 1] != '\xff')
+ if (p == NULL || __builtin_expect (buffer[buflen - 1] != '\xff', 0))
{
+ erange_reset:
fsetpos (ent->stream, &pos);
- *errnop = ERANGE;
- return NSS_STATUS_TRYAGAIN;
+ goto erange;
}
/* Terminate the line for any case. */
@@ -525,13 +533,9 @@ getpwent_next_file (struct passwd *result, ent_t *ent,
!(parse_res = _nss_files_parse_pwent (p, result, data, buflen,
errnop)));
- if (parse_res == -1)
- {
- /* The parser ran out of space. */
- fsetpos (ent->stream, &pos);
- *errnop = ERANGE;
- return NSS_STATUS_TRYAGAIN;
- }
+ if (__builtin_expect (parse_res == -1, 0))
+ /* The parser ran out of space. */
+ goto erange_reset;
if (result->pw_name[0] != '+' && result->pw_name[0] != '-')
/* This is a real entry. */
@@ -694,6 +698,14 @@ internal_getpwnam_r (const char *name, struct passwd *result, ent_t *ent,
do
{
+ /* We need at least 3 characters for one line. */
+ if (__builtin_expect (buflen < 3, 0))
+ {
+ erange:
+ *errnop = ERANGE;
+ return NSS_STATUS_TRYAGAIN;
+ }
+
fgetpos (ent->stream, &pos);
buffer[buflen - 1] = '\xff';
p = fgets_unlocked (buffer, buflen, ent->stream);
@@ -701,11 +713,11 @@ internal_getpwnam_r (const char *name, struct passwd *result, ent_t *ent,
{
return NSS_STATUS_NOTFOUND;
}
- if (p == NULL || buffer[buflen - 1] != '\xff')
+ if (p == NULL || __builtin_expect (buffer[buflen - 1] != '\xff', 0))
{
+ erange_reset:
fsetpos (ent->stream, &pos);
- *errnop = ERANGE;
- return NSS_STATUS_TRYAGAIN;
+ goto erange;
}
/* Terminate the line for any case. */
@@ -721,13 +733,9 @@ internal_getpwnam_r (const char *name, struct passwd *result, ent_t *ent,
!(parse_res = _nss_files_parse_pwent (p, result, data, buflen,
errnop)));
- if (parse_res == -1)
- {
- /* The parser ran out of space. */
- fsetpos (ent->stream, &pos);
- *errnop = ERANGE;
- return NSS_STATUS_TRYAGAIN;
- }
+ if (__builtin_expect (parse_res == -1, 0))
+ /* The parser ran out of space. */
+ goto erange_reset;
/* This is a real entry. */
if (result->pw_name[0] != '+' && result->pw_name[0] != '-')
@@ -897,17 +905,25 @@ internal_getpwuid_r (uid_t uid, struct passwd *result, ent_t *ent,
do
{
+ /* We need at least 3 characters for one line. */
+ if (__builtin_expect (buflen < 3, 0))
+ {
+ erange:
+ *errnop = ERANGE;
+ return NSS_STATUS_TRYAGAIN;
+ }
+
fgetpos (ent->stream, &pos);
buffer[buflen - 1] = '\xff';
p = fgets_unlocked (buffer, buflen, ent->stream);
if (p == NULL && feof_unlocked (ent->stream))
return NSS_STATUS_NOTFOUND;
- if (p == NULL || buffer[buflen - 1] != '\xff')
+ if (p == NULL || __builtin_expect (buffer[buflen - 1] != '\xff', 0))
{
+ erange_reset:
fsetpos (ent->stream, &pos);
- *errnop = ERANGE;
- return NSS_STATUS_TRYAGAIN;
+ goto erange;
}
/* Terminate the line for any case. */
@@ -923,13 +939,9 @@ internal_getpwuid_r (uid_t uid, struct passwd *result, ent_t *ent,
!(parse_res = _nss_files_parse_pwent (p, result, data, buflen,
errnop)));
- if (parse_res == -1)
- {
- /* The parser ran out of space. */
- fsetpos (ent->stream, &pos);
- *errnop = ERANGE;
- return NSS_STATUS_TRYAGAIN;
- }
+ if (__builtin_expect (parse_res == -1, 0))
+ /* The parser ran out of space. */
+ goto erange_reset;
/* This is a real entry. */
if (result->pw_name[0] != '+' && result->pw_name[0] != '-')
diff --git a/nis/nss_compat/compat-spwd.c b/nis/nss_compat/compat-spwd.c
index 55db10e..4ca6368 100644
--- a/nis/nss_compat/compat-spwd.c
+++ b/nis/nss_compat/compat-spwd.c
@@ -1,4 +1,4 @@
-/* Copyright (C) 1996-1999,2001,2002,2003 Free Software Foundation, Inc.
+/* Copyright (C) 1996-1999,2001,2002,2003,2004 Free Software Foundation, Inc.
This file is part of the GNU C Library.
Contributed by Thorsten Kukuk <kukuk@vt.uni-paderborn.de>, 1996.
@@ -451,17 +451,25 @@ getspent_next_file (struct spwd *result, ent_t *ent,
do
{
+ /* We need at least 3 characters for one line. */
+ if (__builtin_expect (buflen < 3, 0))
+ {
+ erange:
+ *errnop = ERANGE;
+ return NSS_STATUS_TRYAGAIN;
+ }
+
fgetpos (ent->stream, &pos);
buffer[buflen - 1] = '\xff';
p = fgets_unlocked (buffer, buflen, ent->stream);
if (p == NULL && feof_unlocked (ent->stream))
return NSS_STATUS_NOTFOUND;
- if (p == NULL || buffer[buflen - 1] != '\xff')
+ if (p == NULL || __builtin_expect (buffer[buflen - 1] != '\xff', 0))
{
+ erange_reset:
fsetpos (ent->stream, &pos);
- *errnop = ERANGE;
- return NSS_STATUS_TRYAGAIN;
+ goto erange;
}
/* Skip leading blanks. */
@@ -474,13 +482,9 @@ getspent_next_file (struct spwd *result, ent_t *ent,
|| !(parse_res = _nss_files_parse_spent (p, result, data,
buflen, errnop)));
- if (parse_res == -1)
- {
- /* The parser ran out of space. */
- fsetpos (ent->stream, &pos);
- *errnop = ERANGE;
- return NSS_STATUS_TRYAGAIN;
- }
+ if (__builtin_expect (parse_res == -1, 0))
+ /* The parser ran out of space. */
+ goto erange_reset;
if (result->sp_namp[0] != '+' && result->sp_namp[0] != '-')
/* This is a real entry. */
@@ -645,6 +649,14 @@ internal_getspnam_r (const char *name, struct spwd *result, ent_t *ent,
do
{
+ /* We need at least 3 characters for one line. */
+ if (__builtin_expect (buflen < 3, 0))
+ {
+ erange:
+ *errnop = ERANGE;
+ return NSS_STATUS_TRYAGAIN;
+ }
+
fgetpos (ent->stream, &pos);
buffer[buflen - 1] = '\xff';
p = fgets_unlocked (buffer, buflen, ent->stream);
@@ -653,9 +665,9 @@ internal_getspnam_r (const char *name, struct spwd *result, ent_t *ent,
if (p == NULL || buffer[buflen - 1] != '\xff')
{
+ erange_reset:
fsetpos (ent->stream, &pos);
- *errnop = ERANGE;
- return NSS_STATUS_TRYAGAIN;
+ goto erange;
}
/* Terminate the line for any case. */
@@ -671,13 +683,9 @@ internal_getspnam_r (const char *name, struct spwd *result, ent_t *ent,
!(parse_res = _nss_files_parse_spent (p, result, data, buflen,
errnop)));
- if (parse_res == -1)
- {
- /* The parser ran out of space. */
- fsetpos (ent->stream, &pos);
- *errnop = ERANGE;
- return NSS_STATUS_TRYAGAIN;
- }
+ if (__builtin_expect (parse_res == -1, 0))
+ /* The parser ran out of space. */
+ goto erange_reset;
/* This is a real entry. */
if (result->sp_namp[0] != '+' && result->sp_namp[0] != '-')