diff options
| author | Florian Weimer <fweimer@redhat.com> | 2022-03-11 08:23:56 +0100 |
|---|---|---|
| committer | Florian Weimer <fweimer@redhat.com> | 2022-03-11 08:24:19 +0100 |
| commit | 9bdf92c79d63b42f931101bb6df87129c408b0c4 (patch) | |
| tree | 7efd60fdfd80e687502c0bb1c7b511010153e7a4 /nss/nss_test_errno.c | |
| parent | aefc79ab5ad4bb9feea2876720cec70dca7cd8ed (diff) | |
| download | glibc-9bdf92c79d63b42f931101bb6df87129c408b0c4.tar.gz glibc-9bdf92c79d63b42f931101bb6df87129c408b0c4.tar.xz glibc-9bdf92c79d63b42f931101bb6df87129c408b0c4.zip | |
nss: Protect against errno changes in function lookup (bug 28953)
dlopen may clobber errno. The nss_test_errno module uses an ELF constructor to achieve that, but there could be internal errors during dlopen that cause this, too. Therefore, the NSS framework has to guard against such errno clobbers. __nss_module_get_function is currently the only function that calls __nss_module_load, so it is sufficient to save and restore errno around this call. Reviewed-by: Carlos O'Donell <carlos@redhat.com>
Diffstat (limited to 'nss/nss_test_errno.c')
| -rw-r--r-- | nss/nss_test_errno.c | 58 |
1 files changed, 58 insertions, 0 deletions
diff --git a/nss/nss_test_errno.c b/nss/nss_test_errno.c new file mode 100644 index 0000000000..680f8a07b9 --- /dev/null +++ b/nss/nss_test_errno.c @@ -0,0 +1,58 @@ +/* NSS service provider with errno clobber. + Copyright (C) 2022 Free Software Foundation, Inc. + This file is part of the GNU C Library. + + The GNU C Library is free software; you can redistribute it and/or + modify it under the terms of the GNU Lesser General Public + License as published by the Free Software Foundation; either + version 2.1 of the License, or (at your option) any later version. + + The GNU C Library is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public + License along with the GNU C Library; if not, see + <https://www.gnu.org/licenses/>. */ + +#include <errno.h> +#include <nss.h> +#include <stdlib.h> + +/* Catch misnamed and functions. */ +#pragma GCC diagnostic error "-Wmissing-prototypes" +NSS_DECLARE_MODULE_FUNCTIONS (test_errno) + +static void __attribute__ ((constructor)) +init (void) +{ + /* An arbitrary error code which is otherwise not used. */ + errno = ELIBBAD; +} + +/* Lookup functions for pwd follow that do not return any data. */ + +/* Catch misnamed function definitions. */ + +enum nss_status +_nss_test_errno_setpwent (int stayopen) +{ + setenv ("_nss_test_errno_setpwent", "yes", 1); + return NSS_STATUS_SUCCESS; +} + +enum nss_status +_nss_test_errno_getpwent_r (struct passwd *result, + char *buffer, size_t size, int *errnop) +{ + setenv ("_nss_test_errno_getpwent_r", "yes", 1); + return NSS_STATUS_NOTFOUND; +} + +enum nss_status +_nss_test_errno_endpwent (void) +{ + setenv ("_nss_test_errno_endpwent", "yes", 1); + return NSS_STATUS_SUCCESS; +} |