|
 |
e354a5 |
From 23ed36735af09c258e542266aaed92cdd8571c6c Mon Sep 17 00:00:00 2001
|
|
|
e354a5 |
From: Florian Weimer <fweimer@redhat.com>
|
|
|
e354a5 |
Date: Thu, 16 Jul 2020 16:21:28 +0200
|
|
|
e354a5 |
Subject: [PATCH 02/11] nss_compat: Do not use mmap to read database files (bug
|
|
|
e354a5 |
26258)
|
|
|
e354a5 |
|
|
|
e354a5 |
This avoids crashes in case the files are truncated for some reason.
|
|
|
e354a5 |
For typically file sizes, it is also going to be slightly faster.
|
|
|
e354a5 |
Using __nss_files_fopen instead mirrors what nss_files does.
|
|
|
e354a5 |
|
|
|
e354a5 |
Tested-by: Carlos O'Donell <carlos@redhat.com>
|
|
|
e354a5 |
Reviewed-by: Carlos O'Donell <carlos@redhat.com>
|
|
|
e354a5 |
---
|
|
|
e354a5 |
nss/nss_compat/compat-grp.c | 6 ++----
|
|
|
e354a5 |
nss/nss_compat/compat-initgroups.c | 6 ++----
|
|
|
e354a5 |
nss/nss_compat/compat-pwd.c | 6 ++----
|
|
|
e354a5 |
nss/nss_compat/compat-spwd.c | 6 ++----
|
|
|
e354a5 |
4 files changed, 8 insertions(+), 16 deletions(-)
|
|
|
e354a5 |
|
|
|
e354a5 |
diff -rup a/nss/nss_compat/compat-grp.c b/nss/nss_compat/compat-grp.c
|
|
|
e354a5 |
--- a/nss/nss_compat/compat-grp.c 2020-09-14 15:49:18.248178627 -0400
|
|
|
e354a5 |
+++ b/nss/nss_compat/compat-grp.c 2020-09-14 17:18:22.514977541 -0400
|
|
|
e354a5 |
@@ -26,6 +26,7 @@
|
|
|
e354a5 |
#include <string.h>
|
|
|
e354a5 |
#include <libc-lock.h>
|
|
|
e354a5 |
#include <kernel-features.h>
|
|
|
e354a5 |
+#include <nss_files.h>
|
|
|
e354a5 |
|
|
|
e354a5 |
static service_user *ni;
|
|
|
e354a5 |
static enum nss_status (*nss_setgrent) (int stayopen);
|
|
|
e354a5 |
@@ -106,13 +107,10 @@ internal_setgrent (ent_t *ent, int stayo
|
|
|
e354a5 |
|
|
|
e354a5 |
if (ent->stream == NULL)
|
|
|
e354a5 |
{
|
|
|
e354a5 |
- ent->stream = fopen ("/etc/group", "rme");
|
|
|
e354a5 |
+ ent->stream = __nss_files_fopen ("/etc/group");
|
|
|
e354a5 |
|
|
|
e354a5 |
if (ent->stream == NULL)
|
|
|
e354a5 |
status = errno == EAGAIN ? NSS_STATUS_TRYAGAIN : NSS_STATUS_UNAVAIL;
|
|
|
e354a5 |
- else
|
|
|
e354a5 |
- /* We take care of locking ourself. */
|
|
|
e354a5 |
- __fsetlocking (ent->stream, FSETLOCKING_BYCALLER);
|
|
|
e354a5 |
}
|
|
|
e354a5 |
else
|
|
|
e354a5 |
rewind (ent->stream);
|
|
|
e354a5 |
diff -rup a/nss/nss_compat/compat-initgroups.c b/nss/nss_compat/compat-initgroups.c
|
|
|
e354a5 |
--- a/nss/nss_compat/compat-initgroups.c 2020-09-14 15:49:18.255178892 -0400
|
|
|
e354a5 |
+++ b/nss/nss_compat/compat-initgroups.c 2020-09-14 17:18:22.519977728 -0400
|
|
|
e354a5 |
@@ -29,6 +29,7 @@
|
|
|
e354a5 |
#include <libc-lock.h>
|
|
|
e354a5 |
#include <kernel-features.h>
|
|
|
e354a5 |
#include <scratch_buffer.h>
|
|
|
e354a5 |
+#include <nss_files.h>
|
|
|
e354a5 |
|
|
|
e354a5 |
static service_user *ni;
|
|
|
e354a5 |
/* Type of the lookup function. */
|
|
|
e354a5 |
@@ -121,13 +122,10 @@ internal_setgrent (ent_t *ent)
|
|
|
e354a5 |
else
|
|
|
e354a5 |
ent->blacklist.current = 0;
|
|
|
e354a5 |
|
|
|
e354a5 |
- ent->stream = fopen ("/etc/group", "rme");
|
|
|
e354a5 |
+ ent->stream = __nss_files_fopen ("/etc/group");
|
|
|
e354a5 |
|
|
|
e354a5 |
if (ent->stream == NULL)
|
|
|
e354a5 |
status = errno == EAGAIN ? NSS_STATUS_TRYAGAIN : NSS_STATUS_UNAVAIL;
|
|
|
e354a5 |
- else
|
|
|
e354a5 |
- /* We take care of locking ourself. */
|
|
|
e354a5 |
- __fsetlocking (ent->stream, FSETLOCKING_BYCALLER);
|
|
|
e354a5 |
|
|
|
e354a5 |
return status;
|
|
|
e354a5 |
}
|
|
|
e354a5 |
diff -rup a/nss/nss_compat/compat-pwd.c b/nss/nss_compat/compat-pwd.c
|
|
|
e354a5 |
--- a/nss/nss_compat/compat-pwd.c 2020-09-14 15:49:18.260179081 -0400
|
|
|
e354a5 |
+++ b/nss/nss_compat/compat-pwd.c 2020-09-14 17:18:22.523977879 -0400
|
|
|
e354a5 |
@@ -27,6 +27,7 @@
|
|
|
e354a5 |
#include <string.h>
|
|
|
e354a5 |
#include <libc-lock.h>
|
|
|
e354a5 |
#include <kernel-features.h>
|
|
|
e354a5 |
+#include <nss_files.h>
|
|
|
e354a5 |
|
|
|
e354a5 |
#include "netgroup.h"
|
|
|
e354a5 |
#include "nisdomain.h"
|
|
|
e354a5 |
@@ -221,13 +222,10 @@ internal_setpwent (ent_t *ent, int stayo
|
|
|
e354a5 |
|
|
|
e354a5 |
if (ent->stream == NULL)
|
|
|
e354a5 |
{
|
|
|
e354a5 |
- ent->stream = fopen ("/etc/passwd", "rme");
|
|
|
e354a5 |
+ ent->stream = __nss_files_fopen ("/etc/passwd");
|
|
|
e354a5 |
|
|
|
e354a5 |
if (ent->stream == NULL)
|
|
|
e354a5 |
status = errno == EAGAIN ? NSS_STATUS_TRYAGAIN : NSS_STATUS_UNAVAIL;
|
|
|
e354a5 |
- else
|
|
|
e354a5 |
- /* We take care of locking ourself. */
|
|
|
e354a5 |
- __fsetlocking (ent->stream, FSETLOCKING_BYCALLER);
|
|
|
e354a5 |
}
|
|
|
e354a5 |
else
|
|
|
e354a5 |
rewind (ent->stream);
|
|
|
e354a5 |
diff -rup a/nss/nss_compat/compat-spwd.c b/nss/nss_compat/compat-spwd.c
|
|
|
e354a5 |
--- a/nss/nss_compat/compat-spwd.c 2020-09-14 15:49:18.264179232 -0400
|
|
|
e354a5 |
+++ b/nss/nss_compat/compat-spwd.c 2020-09-14 17:18:22.527978029 -0400
|
|
|
e354a5 |
@@ -27,6 +27,7 @@
|
|
|
e354a5 |
#include <string.h>
|
|
|
e354a5 |
#include <libc-lock.h>
|
|
|
e354a5 |
#include <kernel-features.h>
|
|
|
e354a5 |
+#include <nss_files.h>
|
|
|
e354a5 |
|
|
|
e354a5 |
#include "netgroup.h"
|
|
|
e354a5 |
#include "nisdomain.h"
|
|
|
e354a5 |
@@ -177,13 +178,10 @@ internal_setspent (ent_t *ent, int stayo
|
|
|
e354a5 |
|
|
|
e354a5 |
if (ent->stream == NULL)
|
|
|
e354a5 |
{
|
|
|
e354a5 |
- ent->stream = fopen ("/etc/shadow", "rme");
|
|
|
e354a5 |
+ ent->stream = __nss_files_fopen ("/etc/shadow");
|
|
|
e354a5 |
|
|
|
e354a5 |
if (ent->stream == NULL)
|
|
|
e354a5 |
status = errno == EAGAIN ? NSS_STATUS_TRYAGAIN : NSS_STATUS_UNAVAIL;
|
|
|
e354a5 |
- else
|
|
|
e354a5 |
- /* We take care of locking ourself. */
|
|
|
e354a5 |
- __fsetlocking (ent->stream, FSETLOCKING_BYCALLER);
|
|
|
e354a5 |
}
|
|
|
e354a5 |
else
|
|
|
e354a5 |
rewind (ent->stream);
|