diff options
| author | Siddhesh Poyarekar <siddhesh@redhat.com> | 2014-03-27 07:15:22 +0530 |
|---|---|---|
| committer | Siddhesh Poyarekar <siddhesh@redhat.com> | 2014-03-27 07:15:22 +0530 |
| commit | fbd6b5a4052316f7eb03c4617eebfaafc59dcc06 (patch) | |
| tree | fee9e38f7d76dd576f37952e68f68a2e527f5c27 | |
| parent | 1b26b855b4e5ca540db47e3c27eaed6b78ca8b87 (diff) | |
| download | glibc-fbd6b5a4052316f7eb03c4617eebfaafc59dcc06.tar.gz glibc-fbd6b5a4052316f7eb03c4617eebfaafc59dcc06.tar.xz glibc-fbd6b5a4052316f7eb03c4617eebfaafc59dcc06.zip | |
Fix nscd lookup for innetgr when netgroup has wildcards (BZ #16758)
nscd works correctly when the request in innetgr is a wildcard,
i.e. when one or more of host, user or domain parameters is NULL.
However, it does not work when the the triplet in the netgroup
definition has a wildcard. This is easy to reproduce for a triplet
defined as follows:
foonet (,foo,)
Here, an innetgr call that looks like this:
innetgr ("foonet", "foohost", "foo", NULL);
should succeed and so should:
innetgr ("foonet", NULL, "foo", "foodomain");
It does succeed with nscd disabled, but not with nscd enabled. This
fix adds this additional check for all three parts of the triplet so
that it gives the correct result.
[BZ #16758]
* nscd/netgroupcache.c (addinnetgrX): Succeed if triplet has
blank values.
| -rw-r--r-- | ChangeLog | 6 | ||||
| -rw-r--r-- | NEWS | 2 | ||||
| -rw-r--r-- | nscd/netgroupcache.c | 10 |
3 files changed, 14 insertions, 4 deletions
diff --git a/ChangeLog b/ChangeLog index 2cc0bce42a..404ef7af2b 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,9 @@ +2014-03-27 Siddhesh Poyarekar <siddhesh@redhat.com> + + [BZ #16758] + * nscd/netgroupcache.c (addinnetgrX): Succeed if triplet has + blank values. + 2014-03-26 Paul Pluzhnikov <ppluzhnikov@google.com> * elf/dl-load.c: Convert __builtin_expect into __glibc_{un}likely. diff --git a/NEWS b/NEWS index 6f16584a5f..895c640c5e 100644 --- a/NEWS +++ b/NEWS @@ -12,7 +12,7 @@ Version 2.20 15347, 15804, 15894, 16002, 16198, 16284, 16357, 16447, 16532, 16545, 16574, 16599, 16600, 16609, 16610, 16611, 16613, 16623, 16632, 16634, 16639, 16642, 16649, 16670, 16674, 16677, 16680, 16683, 16689, 16695, - 16701, 16706, 16707, 16712, 16713, 16714, 16731, 16743. + 16701, 16706, 16707, 16712, 16713, 16714, 16731, 16743, 16758. * Running the testsuite no longer terminates as soon as a test fails. Instead, a file tests.sum (xtests.sum from "make xcheck") is generated, diff --git a/nscd/netgroupcache.c b/nscd/netgroupcache.c index 5ba1e1f277..5d15aa49f4 100644 --- a/nscd/netgroupcache.c +++ b/nscd/netgroupcache.c @@ -560,15 +560,19 @@ addinnetgrX (struct database_dyn *db, int fd, request_header *req, { bool success = true; - if (host != NULL) + /* For the host, user and domain in each triplet, we assume success + if the value is blank because that is how the wildcard entry to + match anything is stored in the netgroup cache. */ + if (host != NULL && *triplets != '\0') success = strcmp (host, triplets) == 0; triplets = (const char *) rawmemchr (triplets, '\0') + 1; - if (success && user != NULL) + if (success && user != NULL && *triplets != '\0') success = strcmp (user, triplets) == 0; triplets = (const char *) rawmemchr (triplets, '\0') + 1; - if (success && (domain == NULL || strcmp (domain, triplets) == 0)) + if (success && (domain == NULL || *triplets == '\0' + || strcmp (domain, triplets) == 0)) { dataset->resp.result = 1; break; |