olga / rpms / glibc

Forked from rpms/glibc 5 years ago
Clone

Blame SOURCES/glibc-rh1505647.patch

c6d234
commit 1c81d55fc4b07b51adf68558ba74ce975153e580
c6d234
Author: DJ Delorie <dj@redhat.com>
c6d234
Date:   Thu Mar 1 23:20:45 2018 -0500
c6d234
c6d234
    [BZ #22342] Fix netgroup cache keys.
c6d234
    
c6d234
    Unlike other nscd caches, the netgroup cache contains two types of
c6d234
    records - those for "iterate through a netgroup" (i.e. setnetgrent())
c6d234
    and those for "is this user in this netgroup" (i.e. innetgr()),
c6d234
    i.e. full and partial records.  The timeout code assumes these records
c6d234
    have the same key for the group name, so that the collection of records
c6d234
    that is "this netgroup" can be expired as a unit.
c6d234
    
c6d234
    However, the keys are not the same, as the in-netgroup key is generated
c6d234
    by nscd rather than being passed to it from elsewhere, and is generated
c6d234
    without the trailing NUL.  All other keys have the trailing NUL, and as
c6d234
    noted in the linked BZ, debug statements confirm that two keys for the
c6d234
    same netgroup are added to the cache with two different lengths.
c6d234
    
c6d234
    The result of this is that as records in the cache expire, the purge
c6d234
    code only cleans out one of the two types of entries, resulting in
c6d234
    stale, possibly incorrect, and possibly inconsistent cache data.
c6d234
    
c6d234
    The patch simply includes the existing NUL in the computation for the
c6d234
    key length ('key' points to the char after the NUL, and 'group' to the
c6d234
    first char of the group, so 'key-group' includes the first char to the
c6d234
    NUL, inclusive).
c6d234
    
c6d234
    	[BZ #22342]
c6d234
    	* nscd/netgroupcache.c (addinnetgrX): Include trailing NUL in
c6d234
    	key value.
c6d234
    
c6d234
    Reviewed-by: Carlos O'Donell <carlos@redhat.com>
c6d234
c6d234
diff --git a/nscd/netgroupcache.c b/nscd/netgroupcache.c
c6d234
index b832c93..2f187b2 100644
c6d234
--- a/nscd/netgroupcache.c
c6d234
+++ b/nscd/netgroupcache.c
c6d234
@@ -480,7 +480,7 @@ addinnetgrX (struct database_dyn *db, int fd, request_header *req,
c6d234
 {
c6d234
   const char *group = key;
c6d234
   key = (char *) rawmemchr (key, '\0') + 1;
c6d234
-  size_t group_len = key - group - 1;
c6d234
+  size_t group_len = key - group;
c6d234
   const char *host = *key++ ? key : NULL;
c6d234
   if (host != NULL)
c6d234
     key = (char *) rawmemchr (key, '\0') + 1;