|
 |
25845f |
commit 1c81d55fc4b07b51adf68558ba74ce975153e580
|
|
|
25845f |
Author: DJ Delorie <dj@redhat.com>
|
|
|
25845f |
Date: Thu Mar 1 23:20:45 2018 -0500
|
|
|
25845f |
|
|
|
25845f |
[BZ #22342] Fix netgroup cache keys.
|
|
|
25845f |
|
|
|
25845f |
Unlike other nscd caches, the netgroup cache contains two types of
|
|
|
25845f |
records - those for "iterate through a netgroup" (i.e. setnetgrent())
|
|
|
25845f |
and those for "is this user in this netgroup" (i.e. innetgr()),
|
|
|
25845f |
i.e. full and partial records. The timeout code assumes these records
|
|
|
25845f |
have the same key for the group name, so that the collection of records
|
|
|
25845f |
that is "this netgroup" can be expired as a unit.
|
|
|
25845f |
|
|
|
25845f |
However, the keys are not the same, as the in-netgroup key is generated
|
|
|
25845f |
by nscd rather than being passed to it from elsewhere, and is generated
|
|
|
25845f |
without the trailing NUL. All other keys have the trailing NUL, and as
|
|
|
25845f |
noted in the linked BZ, debug statements confirm that two keys for the
|
|
|
25845f |
same netgroup are added to the cache with two different lengths.
|
|
|
25845f |
|
|
|
25845f |
The result of this is that as records in the cache expire, the purge
|
|
|
25845f |
code only cleans out one of the two types of entries, resulting in
|
|
|
25845f |
stale, possibly incorrect, and possibly inconsistent cache data.
|
|
|
25845f |
|
|
|
25845f |
The patch simply includes the existing NUL in the computation for the
|
|
|
25845f |
key length ('key' points to the char after the NUL, and 'group' to the
|
|
|
25845f |
first char of the group, so 'key-group' includes the first char to the
|
|
|
25845f |
NUL, inclusive).
|
|
|
25845f |
|
|
|
25845f |
[BZ #22342]
|
|
|
25845f |
* nscd/netgroupcache.c (addinnetgrX): Include trailing NUL in
|
|
|
25845f |
key value.
|
|
|
25845f |
|
|
|
25845f |
Reviewed-by: Carlos O'Donell <carlos@redhat.com>
|
|
|
25845f |
|
|
|
25845f |
diff --git a/nscd/netgroupcache.c b/nscd/netgroupcache.c
|
|
|
25845f |
index b832c93..2f187b2 100644
|
|
|
25845f |
--- a/nscd/netgroupcache.c
|
|
|
25845f |
+++ b/nscd/netgroupcache.c
|
|
|
25845f |
@@ -480,7 +480,7 @@ addinnetgrX (struct database_dyn *db, int fd, request_header *req,
|
|
|
25845f |
{
|
|
|
25845f |
const char *group = key;
|
|
|
25845f |
key = (char *) rawmemchr (key, '\0') + 1;
|
|
|
25845f |
- size_t group_len = key - group - 1;
|
|
|
25845f |
+ size_t group_len = key - group;
|
|
|
25845f |
const char *host = *key++ ? key : NULL;
|
|
|
25845f |
if (host != NULL)
|
|
|
25845f |
key = (char *) rawmemchr (key, '\0') + 1;
|