diff options
Diffstat (limited to 'nis/nss_compat')
| -rw-r--r-- | nis/nss_compat/compat-grp.c | 29 | ||||
| -rw-r--r-- | nis/nss_compat/compat-pwd.c | 43 | ||||
| -rw-r--r-- | nis/nss_compat/compat-spwd.c | 29 |
3 files changed, 82 insertions, 19 deletions
diff --git a/nis/nss_compat/compat-grp.c b/nis/nss_compat/compat-grp.c index 9726784b2d..35ae2f7b02 100644 --- a/nis/nss_compat/compat-grp.c +++ b/nis/nss_compat/compat-grp.c @@ -18,6 +18,7 @@ Boston, MA 02111-1307, USA. */ #include <errno.h> +#include <fcntl.h> #include <nss.h> #include <grp.h> #include <ctype.h> @@ -132,6 +133,26 @@ internal_setgrent (ent_t *ent) if (ent->stream == NULL) status = errno == EAGAIN ? NSS_STATUS_TRYAGAIN : NSS_STATUS_UNAVAIL; + else + { + /* We have to make sure the file is `closed on exec'. */ + int result, flags; + + result = flags = fcntl (fileno (ent->stream), F_GETFD, 0); + if (result >= 0) + { + flags |= FD_CLOEXEC; + result = fcntl (fileno (ent->stream), F_SETFD, flags); + } + if (result < 0) + { + /* Something went wrong. Close the stream and return a + failure. */ + fclose (ent->stream); + ent->stream = NULL; + status = NSS_STATUS_UNAVAIL; + } + } } else rewind (ent->stream); @@ -277,7 +298,7 @@ getgrent_next_nis (struct group *result, ent_t *ent, char *buffer, if (!save_nis_first) free (save_oldkey); } - + if (parse_res && in_blacklist (result->gr_name, strlen (result->gr_name), ent)) parse_res = 0; /* if result->gr_name in blacklist,search next entry */ @@ -297,7 +318,7 @@ getgrent_next_nisplus (struct group *result, ent_t *ent, char *buffer, { nis_result *save_oldres; bool_t save_nis_first; - + if (ent->nis_first) { save_oldres = ent->result; @@ -324,7 +345,7 @@ getgrent_next_nisplus (struct group *result, ent_t *ent, char *buffer, return niserr2nss (ent->result->status); } } - if ((parse_res = _nss_nisplus_parse_grent (ent->result, 0, result, + if ((parse_res = _nss_nisplus_parse_grent (ent->result, 0, result, buffer, buflen)) == -1) { nis_freeresult (ent->result); @@ -370,7 +391,7 @@ getgrent_next_file_plusgroup (struct group *result, char *buffer, nis_freeresult (res); return status; } - if ((parse_res = _nss_nisplus_parse_grent (res, 0, result, buffer, + if ((parse_res = _nss_nisplus_parse_grent (res, 0, result, buffer, buflen)) == -1) { __set_errno (ERANGE); diff --git a/nis/nss_compat/compat-pwd.c b/nis/nss_compat/compat-pwd.c index af1267922c..6fac0f46c6 100644 --- a/nis/nss_compat/compat-pwd.c +++ b/nis/nss_compat/compat-pwd.c @@ -21,6 +21,7 @@ #include <pwd.h> #include <errno.h> #include <ctype.h> +#include <fcntl.h> #include <netdb.h> #include <string.h> #include <bits/libc-lock.h> @@ -232,6 +233,26 @@ internal_setpwent (ent_t *ent) if (ent->stream == NULL) status = errno == EAGAIN ? NSS_STATUS_TRYAGAIN : NSS_STATUS_UNAVAIL; + else + { + /* We have to make sure the file is `closed on exec'. */ + int result, flags; + + result = flags = fcntl (fileno (ent->stream), F_GETFD, 0); + if (result >= 0) + { + flags |= FD_CLOEXEC; + result = fcntl (fileno (ent->stream), F_SETFD, flags); + } + if (result < 0) + { + /* Something went wrong. Close the stream and return a + failure. */ + fclose (ent->stream); + ent->stream = NULL; + status = NSS_STATUS_UNAVAIL; + } + } } else rewind (ent->stream); @@ -274,7 +295,7 @@ internal_endpwent (ent_t *ent) if (ent->netgroup) __internal_endnetgrent (&ent->netgrdata); - + ent->nis = ent->first = ent->netgroup = 0; if (ent->oldkey != NULL) @@ -432,13 +453,13 @@ getpwent_next_nisplus_netgr (struct passwd *result, ent_t *ent, char *group, give_pwd_free (&ent->pwd); return NSS_STATUS_RETURN; } - + if (user == NULL || user[0] == '-') continue; - + if (domain != NULL && strcmp (ypdomain, domain) != 0) continue; - + p2len = pwd_need_buflen (&ent->pwd); if (p2len > buflen) { @@ -457,7 +478,7 @@ getpwent_next_nisplus_netgr (struct passwd *result, ent_t *ent, char *group, nis_freeresult (nisres); continue; } - if ((parse_res = _nss_nisplus_parse_pwent (nisres, result, buffer, + if ((parse_res = _nss_nisplus_parse_pwent (nisres, result, buffer, buflen)) == -1) { nis_freeresult (nisres); @@ -551,7 +572,7 @@ getpwent_next_nisplus (struct passwd *result, ent_t *ent, char *buffer, if (!saved_first) nis_freeresult (saved_res); } - + if (parse_res && in_blacklist (result->pw_name, strlen (result->pw_name), ent)) parse_res = 0; /* if result->pw_name in blacklist,search next entry */ @@ -592,7 +613,7 @@ getpwent_next_nis (struct passwd *result, ent_t *ent, char *buffer, bool_t saved_first; char *saved_oldkey; int saved_oldlen; - + if (ent->first) { if (yp_first (domain, "passwd.byname", &outkey, &outkeylen, @@ -602,7 +623,7 @@ getpwent_next_nis (struct passwd *result, ent_t *ent, char *buffer, give_pwd_free (&ent->pwd); return NSS_STATUS_UNAVAIL; } - + saved_first = TRUE; saved_oldkey = ent->oldkey; saved_oldlen = ent->oldkeylen; @@ -699,7 +720,7 @@ getpwent_next_file_plususer (struct passwd *result, char *buffer, nis_freeresult (res); return status; } - if ((parse_res = _nss_nisplus_parse_pwent (res, result, buffer, + if ((parse_res = _nss_nisplus_parse_pwent (res, result, buffer, buflen)) == -1) { nis_freeresult (res); @@ -713,10 +734,10 @@ getpwent_next_file_plususer (struct passwd *result, char *buffer, char *domain; char *outval; int outvallen; - + if (yp_get_default_domain (&domain) != YPERR_SUCCESS) return NSS_STATUS_TRYAGAIN; - + if (yp_match (domain, "passwd.byname", &result->pw_name[1], strlen (result->pw_name) - 1, &outval, &outvallen) != YPERR_SUCCESS) diff --git a/nis/nss_compat/compat-spwd.c b/nis/nss_compat/compat-spwd.c index 61a703c1ea..a4c6201c2d 100644 --- a/nis/nss_compat/compat-spwd.c +++ b/nis/nss_compat/compat-spwd.c @@ -20,6 +20,7 @@ #include <nss.h> #include <errno.h> #include <ctype.h> +#include <fcntl.h> #include <netdb.h> #include <shadow.h> #include <string.h> @@ -184,6 +185,26 @@ internal_setspent (ent_t *ent) if (ent->stream == NULL) status = errno == EAGAIN ? NSS_STATUS_TRYAGAIN : NSS_STATUS_UNAVAIL; + else + { + /* We have to make sure the file is `closed on exec'. */ + int result, flags; + + result = flags = fcntl (fileno (ent->stream), F_GETFD, 0); + if (result >= 0) + { + flags |= FD_CLOEXEC; + result = fcntl (fileno (ent->stream), F_SETFD, flags); + } + if (result < 0) + { + /* Something went wrong. Close the stream and return a + failure. */ + fclose (ent->stream); + ent->stream = NULL; + status = NSS_STATUS_UNAVAIL; + } + } } else rewind (ent->stream); @@ -305,10 +326,10 @@ getspent_next_nis_netgr (struct spwd *result, ent_t *ent, char *group, give_spwd_free (&ent->pwd); return NSS_STATUS_RETURN; } - + if (user == NULL || user[0] == '-') continue; - + if (domain != NULL && strcmp (ypdomain, domain) != 0) continue; @@ -651,7 +672,7 @@ getspent_next_file_plususer (struct spwd *result, char *buffer, nis_freeresult (res); return status; } - if ((parse_res = _nss_nisplus_parse_spent (res, result, buffer, + if ((parse_res = _nss_nisplus_parse_spent (res, result, buffer, buflen)) == -1) { nis_freeresult (res); @@ -735,7 +756,7 @@ getspent_next_file (struct spwd *result, ent_t *ent, __set_errno (ERANGE); return NSS_STATUS_TRYAGAIN; } - + if (result->sp_namp[0] != '+' && result->sp_namp[0] != '-') /* This is a real entry. */ break; |