commit 99135114ba23c3110b7e4e650fabdc5e639746b7

Author: DJ Delorie <dj@redhat.com>

Date:   Fri Jun 28 18:30:00 2019 -0500

    nss_db: fix endent wrt NULL mappings [BZ #24695] [BZ #24696]

    nss_db allows for getpwent et al to be called without a set*ent,

    but it only works once.  After the last get*ent a set*ent is

    required to restart, because the end*ent did not properly reset

    the module.  Resetting it to NULL allows for a proper restart.

    If the database doesn't exist, however, end*ent erroniously called

    munmap which set errno.

    The test case runs "makedb" inside the testroot, so needs selinux

    DSOs installed.

diff -rupN a/nss/Makefile b/nss/Makefile

--- a/nss/Makefile	2019-11-04 15:14:16.721221038 -0500

+++ b/nss/Makefile	2019-11-04 15:15:46.447544678 -0500

@@ -60,6 +60,10 @@ tests			= test-netdb test-digits-dots ts

 			  tst-nss-test5

 xtests			= bug-erange

+tests-container = \

+			  tst-nss-db-endpwent \

+			  tst-nss-db-endgrent

+

 # Tests which need libdl

 ifeq (yes,$(build-shared))

 tests += tst-nss-files-hosts-erange

diff -rupN a/nss/nss_db/db-open.c b/nss/nss_db/db-open.c

--- a/nss/nss_db/db-open.c	2018-08-01 01:10:47.000000000 -0400

+++ b/nss/nss_db/db-open.c	2019-11-04 15:15:10.520213846 -0500

@@ -63,5 +63,9 @@ internal_setent (const char *file, struc

 void

 internal_endent (struct nss_db_map *mapping)

 {

-  munmap (mapping->header, mapping->len);

+  if (mapping->header != NULL)

+    {

+      munmap (mapping->header, mapping->len);

+      mapping->header = NULL;

+    }

 }

diff -rupN a/nss/tst-nss-db-endgrent.c b/nss/tst-nss-db-endgrent.c

--- a/nss/tst-nss-db-endgrent.c	1969-12-31 19:00:00.000000000 -0500

+++ b/nss/tst-nss-db-endgrent.c	2019-11-04 15:15:10.526214069 -0500

@@ -0,0 +1,54 @@

+/* Test for endgrent changing errno for BZ #24696

+   Copyright (C) 2019 Free Software Foundation, Inc.

+   This file is part of the GNU C Library.

+

+   The GNU C Library is free software; you can redistribute it and/or

+   modify it under the terms of the GNU Lesser General Public

+   License as published by the Free Software Foundation; either

+   version 2.1 of the License, or (at your option) any later version.

+

+   The GNU C Library is distributed in the hope that it will be useful,

+   but WITHOUT ANY WARRANTY; without even the implied warranty of

+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU

+   Lesser General Public License for more details.

+

+   You should have received a copy of the GNU Lesser General Public

+   License along with the GNU C Library; if not, see

+   <http://www.gnu.org/licenses/>.  */

+

+#include <stdlib.h>

+#include <sys/types.h>

+#include <grp.h>

+#include <unistd.h>

+#include <errno.h>

+

+#include <support/check.h>

+#include <support/support.h>

+

+/* The following test verifies that if the db NSS Service is initialized

+   with no database (getgrent), that a subsequent closure (endgrent) does

+   not set errno. In the case of the db service it is not an error to close

+   the service and so it should not set errno.  */

+

+static int

+do_test (void)

+{

+  /* Just make sure it's not there, although usually it won't be.  */

+  unlink ("/var/db/group.db");

+

+  /* This, in conjunction with the testroot's nsswitch.conf, causes

+     the nss_db module to be "connected" and initialized - but the

+     testroot has no group.db, so no mapping will be created.  */

+  getgrent ();

+

+  errno = 0;

+

+  /* Before the fix, this would call munmap (NULL) and set errno.  */

+  endgrent ();

+

+  if (errno != 0)

+    FAIL_EXIT1 ("endgrent set errno to %d\n", errno);

+

+  return 0;

+}

+#include <support/test-driver.c>

diff -rupN a/nss/tst-nss-db-endgrent.root/etc/nsswitch.conf b/nss/tst-nss-db-endgrent.root/etc/nsswitch.conf

--- a/nss/tst-nss-db-endgrent.root/etc/nsswitch.conf	1969-12-31 19:00:00.000000000 -0500

+++ b/nss/tst-nss-db-endgrent.root/etc/nsswitch.conf	2019-11-04 15:15:10.539214550 -0500

@@ -0,0 +1 @@

+group : db files

diff -rupN a/nss/tst-nss-db-endpwent.c b/nss/tst-nss-db-endpwent.c

--- a/nss/tst-nss-db-endpwent.c	1969-12-31 19:00:00.000000000 -0500

+++ b/nss/tst-nss-db-endpwent.c	2019-11-04 15:15:10.545214772 -0500

@@ -0,0 +1,66 @@

+/* Test for endpwent->getpwent crash for BZ #24695

+   Copyright (C) 2019 Free Software Foundation, Inc.

+   This file is part of the GNU C Library.

+

+   The GNU C Library is free software; you can redistribute it and/or

+   modify it under the terms of the GNU Lesser General Public

+   License as published by the Free Software Foundation; either

+   version 2.1 of the License, or (at your option) any later version.

+

+   The GNU C Library is distributed in the hope that it will be useful,

+   but WITHOUT ANY WARRANTY; without even the implied warranty of

+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU

+   Lesser General Public License for more details.

+

+   You should have received a copy of the GNU Lesser General Public

+   License along with the GNU C Library; if not, see

+   <http://www.gnu.org/licenses/>.  */

+

+#include <stdlib.h>

+#include <string.h>

+#include <sys/types.h>

+#include <pwd.h>

+

+#include <support/support.h>

+#include <support/check.h>

+

+/* It is entirely allowed to start with a getpwent call without

+   resetting the state of the service via a call to setpwent.

+   You can also call getpwent more times than you have entries in

+   the service, and it should not fail.  This test iteratates the

+   database once, gets to the end, and then attempts a second

+   iteration to look for crashes.  */

+

+static void

+try_it (void)

+{

+  struct passwd *pw;

+

+  /* setpwent is intentionally omitted here.  The first call to

+     getpwent detects that it's first and initializes.  The second

+     time try_it is called, this "first call" was not detected before

+     the fix, and getpwent would crash.  */

+

+  while ((pw = getpwent ()) != NULL)

+    ;

+

+  /* We only care if this segfaults or not.  */

+  endpwent ();

+}

+

+static int

+do_test (void)

+{

+  char *cmd;

+

+  cmd = xasprintf ("%s/makedb -o /var/db/passwd.db /var/db/passwd.in",

+		   support_bindir_prefix);

+  system (cmd);

+  free (cmd);

+

+  try_it ();

+  try_it ();

+

+  return 0;

+}

+#include <support/test-driver.c>

diff -rupN a/nss/tst-nss-db-endpwent.root/etc/nsswitch.conf b/nss/tst-nss-db-endpwent.root/etc/nsswitch.conf

--- a/nss/tst-nss-db-endpwent.root/etc/nsswitch.conf	1969-12-31 19:00:00.000000000 -0500

+++ b/nss/tst-nss-db-endpwent.root/etc/nsswitch.conf	2019-11-04 15:15:10.556215180 -0500

@@ -0,0 +1 @@

+passwd: db

diff -rupN a/nss/tst-nss-db-endpwent.root/var/db/passwd.in b/nss/tst-nss-db-endpwent.root/var/db/passwd.in

--- a/nss/tst-nss-db-endpwent.root/var/db/passwd.in	1969-12-31 19:00:00.000000000 -0500

+++ b/nss/tst-nss-db-endpwent.root/var/db/passwd.in	2019-11-04 15:15:10.567215588 -0500

@@ -0,0 +1,4 @@

+.root root:x:0:0:root:/root:/bin/bash

+=0 root:x:0:0:root:/root:/bin/bash

+.bin bin:x:1:1:bin:/bin:/sbin/nologin

+=1 bin:x:1:1:bin:/bin:/sbin/nologin

diff -rupN a/support/Makefile b/support/Makefile

--- a/support/Makefile	2019-11-04 15:14:20.416357911 -0500

+++ b/support/Makefile	2019-11-04 15:15:10.574215847 -0500

@@ -180,6 +180,11 @@ LINKS_DSO_PROGRAM = links-dso-program

 LDLIBS-links-dso-program = -lstdc++ -lgcc -lgcc_s $(libunwind)

 endif

+ifeq (yes,$(have-selinux))

+LDLIBS-$(LINKS_DSO_PROGRAM) += -lselinux

+endif

+

+

 LDLIBS-test-container = $(libsupport)

 others += test-container

diff -rupN a/support/links-dso-program-c.c b/support/links-dso-program-c.c

--- a/support/links-dso-program-c.c	2019-11-04 15:14:17.073234077 -0500

+++ b/support/links-dso-program-c.c	2019-11-04 15:15:10.580216069 -0500

@@ -1,9 +1,26 @@

 #include <stdio.h>

+/* makedb needs selinux dso's.  */

+#ifdef HAVE_SELINUX

+# include <selinux/selinux.h>

+#endif

+

+/* The purpose of this file is to indicate to the build system which

+   shared objects need to be copied into the testroot, such as gcc or

+   selinux support libraries.  This program is never executed, only

+   scanned for dependencies on shared objects, so the code below may

+   seem weird - it's written to survive gcc optimization and force

+   such dependencies.

+*/

+

 int

 main (int argc, char **argv)

 {

   /* Complexity to keep gcc from optimizing this away.  */

   printf ("This is a test %s.\n", argc > 1 ? argv[1] : "null");

+#ifdef HAVE_SELINUX

+  /* This exists to force libselinux.so to be required.  */

+  printf ("selinux %d\n", is_selinux_enabled ());

+#endif

   return 0;

 }

diff -rupN a/support/links-dso-program.cc b/support/links-dso-program.cc

--- a/support/links-dso-program.cc	2019-11-04 15:14:17.079234300 -0500

+++ b/support/links-dso-program.cc	2019-11-04 15:15:10.587216328 -0500

@@ -1,11 +1,28 @@

 #include <iostream>

+/* makedb needs selinux dso's.  */

+#ifdef HAVE_SELINUX

+# include <selinux/selinux.h>

+#endif

+

 using namespace std;

+/* The purpose of this file is to indicate to the build system which

+   shared objects need to be copied into the testroot, such as gcc or

+   selinux support libraries.  This program is never executed, only

+   scanned for dependencies on shared objects, so the code below may

+   seem weird - it's written to survive gcc optimization and force

+   such dependencies.

+*/

+

 int

 main (int argc, char **argv)

 {

   /* Complexity to keep gcc from optimizing this away.  */

   cout << (argc > 1 ? argv[1] : "null");

+#ifdef HAVE_SELINUX

+  /* This exists to force libselinux.so to be required.  */

+  cout << "selinux " << is_selinux_enabled ();

+#endif

   return 0;

 }