about summary refs log tree commit diff
path: root/nss/nss_files
Commit message (Collapse)AuthorAgeFilesLines
* Update copyright dates with scripts/update-copyrightsPaul Eggert2024-01-0116-16/+16
|
* Restore lookup of IPv4 mapped addresses in files database (bug 25457)Andreas Schwab2023-07-241-9/+15
| | | | | This was broken by commit 9c02d0784d ("nss_files: Remove RES_USE_INET6 from hosts processing"), which removed too much.
* Fix all the remaining misspellings -- BZ 25337Paul Pluzhnikov2023-06-021-1/+1
|
* Use uintptr_t instead of performing pointer subtraction with a null pointerQihao Chencao2023-02-172-2/+2
| | | | | | Signed-off-by: Qihao Chencao <twose@qq.com> Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
* Update copyright dates with scripts/update-copyrightsJoseph Myers2023-01-0616-16/+16
|
* Update copyright dates with scripts/update-copyrightsPaul Eggert2022-01-0116-16/+16
| | | | | | | | | | | | | | | | | | | | | | | I used these shell commands: ../glibc/scripts/update-copyrights $PWD/../gnulib/build-aux/update-copyright (cd ../glibc && git commit -am"[this commit message]") and then ignored the output, which consisted lines saying "FOO: warning: copyright statement not found" for each of 7061 files FOO. I then removed trailing white space from math/tgmath.h, support/tst-support-open-dev-null-range.c, and sysdeps/x86_64/multiarch/strlen-vec.S, to work around the following obscure pre-commit check failure diagnostics from Savannah. I don't know why I run into these diagnostics whereas others evidently do not. remote: *** 912-#endif remote: *** 913: remote: *** 914- remote: *** error: lines with trailing whitespace found ... remote: *** error: sysdeps/unix/sysv/linux/statx_cp.c: trailing lines
* Remove "Contributed by" linesSiddhesh Poyarekar2021-09-032-2/+0
| | | | | | | | | | | | | | | | | | | | | | | | | | We stopped adding "Contributed by" or similar lines in sources in 2012 in favour of git logs and keeping the Contributors section of the glibc manual up to date. Removing these lines makes the license header a bit more consistent across files and also removes the possibility of error in attribution when license blocks or files are copied across since the contributed-by lines don't actually reflect reality in those cases. Move all "Contributed by" and similar lines (Written by, Test by, etc.) into a new file CONTRIBUTED-BY to retain record of these contributions. These contributors are also mentioned in manual/contrib.texi, so we just maintain this additional record as a courtesy to the earlier developers. The following scripts were used to filter a list of files to edit in place and to clean up the CONTRIBUTED-BY file respectively. These were not added to the glibc sources because they're not expected to be of any use in future given that this is a one time task: https://gist.github.com/siddhesh/b5ecac94eabfd72ed2916d6d8157e7dc https://gist.github.com/siddhesh/15ea1f5e435ace9774f485030695ee02 Reviewed-by: Carlos O'Donell <carlos@redhat.com>
* Fix linknamespace errors and local-plt-usages in nss_files.Stefan Liebler2021-07-143-7/+7
| | | | | | | | | | | | | | | | | | | After commit f9c8b11ed7726b858cd7b7cea0d3d7c5233d78cf "nss: Access nss_files through direct references", when building with -Os, multiple conform/.../linknamespace tests and elf/check-localplt are failing: Extra PLT reference: libc.so: fgetc_unlocked Extra PLT reference: libc.so: getline Or e.g.: [initial] glob -> [libc.a(glob.o)] __getpwnam_r -> [libc.a(getpwnam_r.o)] __nss_database_custom -> [libc.a(nsswitch.o)] __nss_module_get_function -> [libc.a(nss_module.o)] __nss_files_functions -> [libc.a(nss_files_functions.o)] _nss_files_endaliasent -> [libc.a(files-alias.o)] feof_unlocked [initial] glob -> [libc.a(glob.o)] __getpwnam_r -> [libc.a(getpwnam_r.o)] __nss_database_custom -> [libc.a(nsswitch.o)] __nss_module_get_function -> [libc.a(nss_module.o)] __nss_files_functions -> [libc.a(nss_files_functions.o)] _nss_files_endaliasent -> [libc.a(files-alias.o)] fgetc_unlocked [initial] glob -> [libc.a(glob.o)] __getpwnam_r -> [libc.a(getpwnam_r.o)] __nss_database_custom -> [libc.a(nsswitch.o)] __nss_module_get_function -> [libc.a(nss_module.o)] __nss_files_functions -> [libc.a(nss_files_functions.o)] _nss_files_endnetgrent -> [libc.a(files-netgrp.o)] getline This patch is using the hidden symbols where possible. Instead of fputc_unlocked, __putc_unlocked is used. (Compare to commit eeaa19f75e52d2d48074ae0c423f2311d67c42c6 "mntent: Use __putc_unlocked instead of fputc_unlocked")
* nss: Access nss_files through direct referencesFlorian Weimer2021-07-0715-30/+18
| | | | | | | | This partially fixes static-only NSS support (bug 27959): The files module no longer needs dlopen. Support for the dns module remains to be added, and also support for disabling dlopen altogether. Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
* nss_files: Move into libcFlorian Weimer2021-07-075-21/+15
| | | | | | This is the first step towards fixing bug 27959. Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
* nss_files: Add generic code for set*ent, end*ent and file openFlorian Weimer2021-07-073-107/+33
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This reduces RSS usage if nss_files is not actually used, and can be used later to make NSS data thread-specific. It also results in a small code size reduction. Before: text data bss dec hex filename 2288 0 72 2360 938 nss/files-alias.os 1807 0 72 1879 757 nss/files-ethers.os 1371 0 72 1443 5a3 nss/files-grp.os 6246 0 72 6318 18ae nss/files-hosts.os 869 0 0 869 365 nss/files-initgroups.os 666 0 0 666 29a nss/files-init.os 1934 0 0 1934 78e nss/files-netgrp.os 2353 0 72 2425 979 nss/files-network.os 2130 0 72 2202 89a nss/files-proto.os 1372 0 72 1444 5a4 nss/files-pwd.os 2124 0 72 2196 894 nss/files-rpc.os 2265 0 72 2337 921 nss/files-service.os 1125 0 72 1197 4ad nss/files-sgrp.os 1124 0 72 1196 4ac nss/files-spwd.os After: text data bss dec hex filename 2040 0 0 2040 7f8 nss/files-alias.os 1599 0 0 1599 63f nss/files-ethers.os 1155 0 0 1155 483 nss/files-grp.os 6010 0 0 6010 177a nss/files-hosts.os 869 0 0 869 365 nss/files-initgroups.os 666 0 0 666 29a nss/files-init.os 1934 0 0 1934 78e nss/files-netgrp.os 2129 0 0 2129 851 nss/files-network.os 1914 0 0 1914 77a nss/files-proto.os 1156 0 0 1156 484 nss/files-pwd.os 1908 0 0 1908 774 nss/files-rpc.os 2057 0 0 2057 809 nss/files-service.os 909 0 0 909 38d nss/files-sgrp.os 908 0 0 908 38c nss/files-spwd.os 1090 0 8 1098 44a nss/nss_files_data.os 27674 code bytes before, 26344 code bytes after, so it is an overall win despite the extra initialization code. Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
* nss_files: Allocate nscd file registration data on the heapFlorian Weimer2021-07-071-34/+20
| | | | | | | | | | | | | | | | | | | | | | This is only needed if nss_files is loaded by nscd. Before: text data bss dec hex filename 767 0 24952 25719 6477 nss/files-init.os After: text data bss dec hex filename 666 0 0 666 29a nss/files-init.os Using PATH_MAX bytes unconditionally for the directory name is wasteful, but fixing that would constitute another break of this semi-public ABI. (The other issue is that with symbolic links, an arbitrary set of parent directories may need watching, not just a single one.) Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
* Update copyright dates with scripts/update-copyrightsPaul Eggert2021-01-0216-16/+16
| | | | | | | | | | | | | | | | I used these shell commands: ../glibc/scripts/update-copyrights $PWD/../gnulib/build-aux/update-copyright (cd ../glibc && git commit -am"[this commit message]") and then ignored the output, which consisted lines saying "FOO: warning: copyright statement not found" for each of 6694 files FOO. I then removed trailing white space from benchtests/bench-pthread-locks.c and iconvdata/tst-iconv-big5-hkscs-to-2ucs4.c, to work around this diagnostic from Savannah: remote: *** pre-commit check failed ... remote: *** error: lines with trailing whitespace found remote: error: hook declined to update refs/heads/master
* nss: Add __nss_fgetent_rFlorian Weimer2020-07-211-52/+27
| | | | | | | | | | | | And helper functions __nss_readline, __nss_readline_seek, __nss_parse_line_result. This consolidates common code for handling overlong lines and parse files. Use the new functionality in internal_getent in nss/nss_files/files-XXX.c. Tested-by: Carlos O'Donell <carlos@redhat.com> Reviewed-by: Carlos O'Donell <carlos@redhat.com>
* nss_files: Use generic result pointer in parse_lineFlorian Weimer2020-07-211-2/+3
| | | | | | | | | | | | | As a result, all parse_line functions have the same prototype, except for that producing struct hostent. This change is ABI-compatible, so it does not alter the internal GLIBC_PRIVATE ABI (otherwise we should probably have renamed the exported functions). A future change will use this to implement a generict fget*ent_r function. Tested-by: Carlos O'Donell <carlos@redhat.com> Reviewed-by: Carlos O'Donell <carlos@redhat.com>
* nss_files: Consolidate line parse declarations in <nss_files.h>Florian Weimer2020-07-211-0/+1
| | | | | | | | These functions should eventually have the same type, so it makes sense to declare them together. Tested-by: Carlos O'Donell <carlos@redhat.com> Reviewed-by: Carlos O'Donell <carlos@redhat.com>
* nss_files: Consolidate file opening in __nss_files_fopenFlorian Weimer2020-07-214-10/+9
| | | | | Tested-by: Carlos O'Donell <carlos@redhat.com> Reviewed-by: Carlos O'Donell <carlos@redhat.com>
* nss: Remove cryptographic key support from nss_files, nss_nis, nss_nisplusFlorian Weimer2020-07-071-113/+0
| | | | | | | | The interface has hard-coded buffer sizes and is therefore tied to DES. It also does not match current practice where different services on the same host use different key material. This change simplifies removal of the sunrpc code.
* nss_files: Use NSS_DECLARE_MODULE_FUNCTIONSFlorian Weimer2020-02-1315-0/+38
| | | | Reviewed-by: DJ Delorie <dj@redhat.com>
* Update copyright dates with scripts/update-copyrights.Joseph Myers2020-01-0117-17/+17
|
* Prefer https to http for gnu.org and fsf.org URLsPaul Eggert2019-09-0717-17/+17
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Also, change sources.redhat.com to sourceware.org. This patch was automatically generated by running the following shell script, which uses GNU sed, and which avoids modifying files imported from upstream: sed -ri ' s,(http|ftp)(://(.*\.)?(gnu|fsf|sourceware)\.org($|[^.]|\.[^a-z])),https\2,g s,(http|ftp)(://(.*\.)?)sources\.redhat\.com($|[^.]|\.[^a-z]),https\2sourceware.org\4,g ' \ $(find $(git ls-files) -prune -type f \ ! -name '*.po' \ ! -name 'ChangeLog*' \ ! -path COPYING ! -path COPYING.LIB \ ! -path manual/fdl-1.3.texi ! -path manual/lgpl-2.1.texi \ ! -path manual/texinfo.tex ! -path scripts/config.guess \ ! -path scripts/config.sub ! -path scripts/install-sh \ ! -path scripts/mkinstalldirs ! -path scripts/move-if-change \ ! -path INSTALL ! -path locale/programs/charmap-kw.h \ ! -path po/libc.pot ! -path sysdeps/gnu/errlist.c \ ! '(' -name configure \ -execdir test -f configure.ac -o -f configure.in ';' ')' \ ! '(' -name preconfigure \ -execdir test -f preconfigure.ac ';' ')' \ -print) and then by running 'make dist-prepare' to regenerate files built from the altered files, and then executing the following to cleanup: chmod a+x sysdeps/unix/sysv/linux/riscv/configure # Omit irrelevant whitespace and comment-only changes, # perhaps from a slightly-different Autoconf version. git checkout -f \ sysdeps/csky/configure \ sysdeps/hppa/configure \ sysdeps/riscv/configure \ sysdeps/unix/sysv/linux/csky/configure # Omit changes that caused a pre-commit check to fail like this: # remote: *** error: sysdeps/powerpc/powerpc64/ppc-mcount.S: trailing lines git checkout -f \ sysdeps/powerpc/powerpc64/ppc-mcount.S \ sysdeps/unix/sysv/linux/s390/s390-64/syscall.S # Omit change that caused a pre-commit check to fail like this: # remote: *** error: sysdeps/sparc/sparc64/multiarch/memcpy-ultra3.S: last line does not end in newline git checkout -f sysdeps/sparc/sparc64/multiarch/memcpy-ultra3.S
* nss_files: Remove RES_USE_INET6 from hosts processingFlorian Weimer2019-05-161-27/+11
| | | | | | Since commit 3f8b44be0a658266adff5ece1e4bc3ce097a5dbe ("resolv: Remove support for RES_USE_INET6 and the inet6 option"), res_use_inet6 () always evaluates to false.
* nss_files: Fix /etc/aliases null pointer dereference [BZ #24059]Florian Weimer2019-01-311-0/+10
| | | | | | | | If /etc/aliases ends with a continuation line (a line that starts with whitespace) which does not have a trailing newline character, the file parser would crash due to a null pointer dereference. Reviewed-by: Carlos O'Donell <carlos@redhat.com>
* Update copyright dates with scripts/update-copyrights.Joseph Myers2019-01-0117-17/+17
| | | | | | | * All files with FSF copyright notices: Update copyright dates using scripts/update-copyrights. * locale/programs/charmap-kw.h: Regenerated. * locale/programs/locfile-kw.h: Likewise.
* nss_files: Fix file stream leak in aliases lookup [BZ #23521]Florian Weimer2018-08-141-0/+9
| | | | | In order to get a clean test case, it was necessary to fix partially fixed bug 23522 as well.
* nss_files: Fix re-reading of long lines [BZ #18991]Florian Weimer2018-07-061-71/+50
| | | | | Use the new __libc_readline_unlocked function to pick up reading at the same line in case the buffer needs to be enlarged.
* nss_files: Use struct scratch_buffer instead of extend_alloca [BZ #18023]Florian Weimer2018-06-251-22/+10
|
* Update copyright dates with scripts/update-copyrights.Joseph Myers2018-01-0117-17/+17
| | | | | | | * All files with FSF copyright notices: Update copyright dates using scripts/update-copyrights. * locale/programs/charmap-kw.h: Regenerated. * locale/programs/locfile-kw.h: Likewise.
* nss_files: Avoid large buffers with many host addresses [BZ #22078]Florian Weimer2017-10-111-96/+129
| | | | | The previous implementation had at least a quadratic space requirement in the number of host addresses and aliases.
* nss_files: Use struct scratch_buffer for gethostbyname [BZ #18023]Florian Weimer2017-10-111-156/+138
|
* nss_files: Refactor gethostbyname3 multi case into separate functionFlorian Weimer2017-10-101-193/+202
| | | | This is in preparation of further cleanup work.
* Assume that O_CLOEXEC is always defined and worksFlorian Weimer2017-04-183-93/+0
|
* Update copyright dates with scripts/update-copyrights.Joseph Myers2017-01-0118-18/+18
|
* resolv: Deprecate the "inet6" option and RES_USE_INET6 [BZ #19582]Florian Weimer2016-12-311-5/+5
|
* Update copyright dates with scripts/update-copyrights.Joseph Myers2016-01-0418-18/+18
|
* Move bits/libc-lock.h and bits/libc-lockP.h out of bits/ (bug 14912).Joseph Myers2015-09-082-2/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | It was noted in <https://sourceware.org/ml/libc-alpha/2012-09/msg00305.html> that the bits/*.h naming scheme should only be used for installed headers. This patch renames bits/libc-lock.h to plain libc-lock.h and bits/libc-lockP.h to plain libc-lockP.h to follow that convention. Note that I don't know where libc-lockP.h comes from for Hurd (the Hurd libc-lock.h includes libc-lockP.h, but the only libc-lockP.h in the glibc source tree is for NPTL) - some unmerged patch? - but I updated the #include in the Hurd libc-lock.h anyway. Tested for x86_64 (testsuite, and that installed stripped shared libraries are unchanged by the patch). [BZ #14912] * bits/libc-lock.h: Move to ... * sysdeps/generic/libc-lock.h: ...here. (_BITS_LIBC_LOCK_H): Rename macro to _LIBC_LOCK_H. * sysdeps/mach/hurd/bits/libc-lock.h: Move to ... * sysdeps/mach/hurd/libc-lock.h: ...here. (_BITS_LIBC_LOCK_H): Rename macro to _LIBC_LOCK_H. [_LIBC]: Include <libc-lockP.h> instead of <bits/libc-lockP.h>. * sysdeps/mach/bits/libc-lock.h: Move to ... * sysdeps/mach/libc-lock.h: ...here. (_BITS_LIBC_LOCK_H): Rename macro to _LIBC_LOCK_H. * sysdeps/nptl/bits/libc-lock.h: Move to ... * sysdeps/nptl/libc-lock.h: ...here. (_BITS_LIBC_LOCK_H): Rename macro to _LIBC_LOCK_H. * sysdeps/nptl/bits/libc-lockP.h: Move to ... * sysdeps/nptl/libc-lockP.h: ...here. (_BITS_LIBC_LOCKP_H): Rename macro to _LIBC_LOCKP_H. * crypt/crypt_util.c: Include <libc-lock.h> instead of <bits/libc-lock.h>. * dirent/scandir-tail.c: Likewise. * dlfcn/dlerror.c: Likewise. * elf/dl-close.c: Likewise. * elf/dl-iteratephdr.c: Likewise. * elf/dl-lookup.c: Likewise. * elf/dl-open.c: Likewise. * elf/dl-support.c: Likewise. * elf/dl-writev.h: Likewise. * elf/rtld.c: Likewise. * grp/fgetgrent.c: Likewise. * gshadow/fgetsgent.c: Likewise. * gshadow/sgetsgent.c: Likewise. * iconv/gconv_conf.c: Likewise. * iconv/gconv_db.c: Likewise. * iconv/gconv_dl.c: Likewise. * iconv/gconv_int.h: Likewise. * iconv/gconv_trans.c: Likewise. * include/link.h: Likewise. * inet/getnameinfo.c: Likewise. * inet/getnetgrent.c: Likewise. * inet/getnetgrent_r.c: Likewise. * intl/bindtextdom.c: Likewise. * intl/dcigettext.c: Likewise. * intl/finddomain.c: Likewise. * intl/gettextP.h: Likewise. * intl/loadmsgcat.c: Likewise. * intl/localealias.c: Likewise. * intl/textdomain.c: Likewise. * libidn/idn-stub.c: Likewise. * libio/libioP.h: Likewise. * locale/duplocale.c: Likewise. * locale/freelocale.c: Likewise. * locale/newlocale.c: Likewise. * locale/setlocale.c: Likewise. * login/getutent_r.c: Likewise. * login/getutid_r.c: Likewise. * login/getutline_r.c: Likewise. * login/utmp-private.h: Likewise. * login/utmpname.c: Likewise. * malloc/mtrace.c: Likewise. * misc/efgcvt.c: Likewise. * misc/error.c: Likewise. * misc/fstab.c: Likewise. * misc/getpass.c: Likewise. * misc/mntent.c: Likewise. * misc/syslog.c: Likewise. * nis/nis_call.c: Likewise. * nis/nis_callback.c: Likewise. * nis/nss-default.c: Likewise. * nis/nss_compat/compat-grp.c: Likewise. * nis/nss_compat/compat-initgroups.c: Likewise. * nis/nss_compat/compat-pwd.c: Likewise. * nis/nss_compat/compat-spwd.c: Likewise. * nis/nss_nis/nis-alias.c: Likewise. * nis/nss_nis/nis-ethers.c: Likewise. * nis/nss_nis/nis-grp.c: Likewise. * nis/nss_nis/nis-hosts.c: Likewise. * nis/nss_nis/nis-network.c: Likewise. * nis/nss_nis/nis-proto.c: Likewise. * nis/nss_nis/nis-pwd.c: Likewise. * nis/nss_nis/nis-rpc.c: Likewise. * nis/nss_nis/nis-service.c: Likewise. * nis/nss_nis/nis-spwd.c: Likewise. * nis/nss_nisplus/nisplus-alias.c: Likewise. * nis/nss_nisplus/nisplus-ethers.c: Likewise. * nis/nss_nisplus/nisplus-grp.c: Likewise. * nis/nss_nisplus/nisplus-hosts.c: Likewise. * nis/nss_nisplus/nisplus-initgroups.c: Likewise. * nis/nss_nisplus/nisplus-network.c: Likewise. * nis/nss_nisplus/nisplus-proto.c: Likewise. * nis/nss_nisplus/nisplus-pwd.c: Likewise. * nis/nss_nisplus/nisplus-rpc.c: Likewise. * nis/nss_nisplus/nisplus-service.c: Likewise. * nis/nss_nisplus/nisplus-spwd.c: Likewise. * nis/ypclnt.c: Likewise. * nptl/libc_pthread_init.c: Likewise. * nss/getXXbyYY.c: Likewise. * nss/getXXent.c: Likewise. * nss/getXXent_r.c: Likewise. * nss/nss_db/db-XXX.c: Likewise. * nss/nss_db/db-netgrp.c: Likewise. * nss/nss_db/nss_db.h: Likewise. * nss/nss_files/files-XXX.c: Likewise. * nss/nss_files/files-alias.c: Likewise. * nss/nsswitch.c: Likewise. * posix/regex_internal.h: Likewise. * posix/wordexp.c: Likewise. * pwd/fgetpwent.c: Likewise. * resolv/res_hconf.c: Likewise. * resolv/res_libc.c: Likewise. * shadow/fgetspent.c: Likewise. * shadow/lckpwdf.c: Likewise. * shadow/sgetspent.c: Likewise. * socket/opensock.c: Likewise. * stdio-common/reg-modifier.c: Likewise. * stdio-common/reg-printf.c: Likewise. * stdio-common/reg-type.c: Likewise. * stdio-common/vfprintf.c: Likewise. * stdio-common/vfscanf.c: Likewise. * stdlib/abort.c: Likewise. * stdlib/cxa_atexit.c: Likewise. * stdlib/fmtmsg.c: Likewise. * stdlib/random.c: Likewise. * stdlib/setenv.c: Likewise. * string/strsignal.c: Likewise. * sunrpc/auth_none.c: Likewise. * sunrpc/bindrsvprt.c: Likewise. * sunrpc/create_xid.c: Likewise. * sunrpc/key_call.c: Likewise. * sunrpc/rpc_thread.c: Likewise. * sysdeps/arm/backtrace.c: Likewise. * sysdeps/generic/ldsodefs.h: Likewise. * sysdeps/generic/stdio-lock.h: Likewise. * sysdeps/generic/unwind-dw2-fde.c: Likewise. * sysdeps/i386/backtrace.c: Likewise. * sysdeps/ieee754/ldbl-opt/nldbl-compat.c: Likewise. * sysdeps/m68k/backtrace.c: Likewise. * sysdeps/mach/hurd/cthreads.c: Likewise. * sysdeps/mach/hurd/dirstream.h: Likewise. * sysdeps/mach/hurd/malloc-machine.h: Likewise. * sysdeps/nptl/malloc-machine.h: Likewise. * sysdeps/nptl/stdio-lock.h: Likewise. * sysdeps/posix/dirstream.h: Likewise. * sysdeps/posix/getaddrinfo.c: Likewise. * sysdeps/posix/system.c: Likewise. * sysdeps/pthread/aio_suspend.c: Likewise. * sysdeps/s390/s390-32/backtrace.c: Likewise. * sysdeps/s390/s390-64/backtrace.c: Likewise. * sysdeps/unix/sysv/linux/check_pf.c: Likewise. * sysdeps/unix/sysv/linux/if_index.c: Likewise. * sysdeps/unix/sysv/linux/s390/s390-32/getutent_r.c: Likewise. * sysdeps/unix/sysv/linux/s390/s390-32/getutid_r.c: Likewise. * sysdeps/unix/sysv/linux/s390/s390-32/getutline_r.c: Likewise. * sysdeps/unix/sysv/linux/shm-directory.c: Likewise. * sysdeps/unix/sysv/linux/system.c: Likewise. * sysdeps/x86_64/backtrace.c: Likewise. * time/alt_digit.c: Likewise. * time/era.c: Likewise. * time/tzset.c: Likewise. * wcsmbs/wcsmbsload.c: Likewise. * nptl/tst-initializers1.c (do_test): Refer to <libc-lock.h> instead of <bits/libc-lock.h> in comment.
* Separate internal state between getXXent and getXXbyYY NSS calls (bug 18007)Andreas Schwab2015-05-113-167/+67
|
* CVE-2014-8121: Do not close NSS files database during iteration [BZ #18007]Florian Weimer2015-04-291-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Robin Hack discovered Samba would enter an infinite loop processing certain quota-related requests. We eventually tracked this down to a glibc issue. Running a (simplified) test case under strace shows that /etc/passwd is continuously opened and closed: … open("/etc/passwd", O_RDONLY|O_CLOEXEC) = 3 lseek(3, 0, SEEK_CUR) = 0 read(3, "root:x:0:0:root:/root:/bin/bash\n"..., 4096) = 2717 lseek(3, 2717, SEEK_SET) = 2717 close(3) = 0 open("/etc/passwd", O_RDONLY|O_CLOEXEC) = 3 lseek(3, 0, SEEK_CUR) = 0 lseek(3, 0, SEEK_SET) = 0 read(3, "root:x:0:0:root:/root:/bin/bash\n"..., 4096) = 2717 lseek(3, 2717, SEEK_SET) = 2717 close(3) = 0 open("/etc/passwd", O_RDONLY|O_CLOEXEC) = 3 lseek(3, 0, SEEK_CUR) = 0 … The lookup function implementation in nss/nss_files/files-XXX.c:DB_LOOKUP has code to prevent that. It is supposed skip closing the input file if it was already open. /* Reset file pointer to beginning or open file. */ \ status = internal_setent (keep_stream); \ \ if (status == NSS_STATUS_SUCCESS) \ { \ /* Tell getent function that we have repositioned the file pointer. */ \ last_use = getby; \ \ while ((status = internal_getent (result, buffer, buflen, errnop \ H_ERRNO_ARG EXTRA_ARGS_VALUE)) \ == NSS_STATUS_SUCCESS) \ { break_if_match } \ \ if (! keep_stream) \ internal_endent (); \ } \ keep_stream is initialized from the stayopen flag in internal_setent. internal_setent is called from the set*ent implementation as: status = internal_setent (stayopen); However, for non-host database, this flag is always 0, per the STAYOPEN magic in nss/getXXent_r.c. Thus, the fix is this: - status = internal_setent (stayopen); + status = internal_setent (1); This is not a behavioral change even for the hosts database (where the application can specify the stayopen flag) because with a call to sethostent(0), the file handle is still not closed in the implementation of gethostent.
* Enhance nscd's inotify support (Bug 14906).Carlos O'Donell2015-03-131-25/+21
| | | | | | | | | | | | | | | | | | | | | | In bug 14906 the user complains that the inotify support in nscd is not sufficient when it comes to detecting changes in the configurationfiles that should be watched for the various databases. The current nscd implementation uses inotify to watch for changes in the configuration files, but adds watches only for IN_DELETE_SELF and IN_MODIFY. These watches are insufficient to cover even the most basic uses by a system administrator. For example using emacs or vim to edit a configuration file should trigger a reload but it might not if the editors use move to atomically update the file. This atomic update changes the inode and thus removes the notification on the file (as inotify is based on inodes). Thus the inotify support in nscd for configuration files is insufficient to account for the average use cases of system administrators and users. The inotify support is significantly enhanced and described here: https://www.sourceware.org/ml/libc-alpha/2015-02/msg00504.html Tested on x86_64 with and without inotify support.
* Update copyright dates with scripts/update-copyrights.Joseph Myers2015-01-0218-18/+18
|
* Remove IS_IN_libcSiddhesh Poyarekar2014-11-241-1/+1
| | | | | | | | | Replace it with IS_IN (libc) and remove the one place that it is defined in. The generated code remains unchanged on x86_64. * include/shlib-compat.h [!NOT_IN_libc]: Remove. * nss/nss_files/files-parse.c (IS_IN_libc): Replace with IS_IN (libc).
* BZ#14498: fix infinite loop in nss_db_getservbynameAlexandre Oliva2014-11-211-2/+5
| | | | | | | | | | | | | | | | nss_db uses nss_files code for services, but a continue on protocol mismatch that doesn't affect nss_files skipped the code that advanced to the next db entry. Any one of these changes would suffice to fix it, but fixing both makes them both safer to reuse elsewhere. for ChangeLog [BZ #14498] * NEWS: Fixed. * nss/nss_db/db-XXX.c (_nss_db_get##name##_r): Update hidx after parsing line but before break_if_match. * nss/nss_files/files-service (DB_LOOKUP): Don't "continue;" if there is a protocol mismatch.
* Don't ignore too long lines in nss_files (BZ #17079)Andreas Schwab2014-06-231-1/+3
|
* Use NSS_STATUS_TRYAGAIN to indicate insufficient buffer (BZ #16878)Siddhesh Poyarekar2014-05-261-1/+1
| | | | | | | | | | | | The netgroups nss modules in the glibc tree use NSS_STATUS_UNAVAIL (with errno as ERANGE) when the supplied buffer does not have sufficient space for the result. This is wrong, because the canonical way to indicate insufficient buffer is to set the errno to ERANGE and the status to NSS_STATUS_TRYAGAIN, as is used by all other modules. This fixes nscd behaviour when the nss_ldap module returns NSS_STATUS_TRYAGAIN to indicate that a netgroup entry is too long to fit into the supplied buffer.
* Use glibc_likely instead __builtin_expect.Ondřej Bílka2014-02-101-1/+1
|
* Fix invalid memory access when parsing netgroup files with blank lines (BZ ↵Siddhesh Poyarekar2014-01-271-1/+2
| | | | | | | | | | | | | | | | | | | | | | #16506) The netgroups file parsing code tries to access the character before the newline in parsed lines to see if it is a backslash (\). This results in an access before the block allocated for the line if the line is blank, i.e. does not have anything other than the newline character. This doesn't seem like it will cause any crashes because the byte belongs to the malloc metadata block and hence access to it will always succeed. There could be an invalid alteration in code flow where a blank line is seen as a continuation due to the preceding byte *happening* to be '\\'. This could be done by interposing malloc, but that's not really a security problem since one could interpose getnetgrent_r itself and achieve a similar 'exploit'. The possibility of actually exploiting this is remote to impossible since it also requires the previous line to end with a '\\', which would happen only on invalid configurations.
* Update copyright notices with scripts/update-copyrightsAllan McRae2014-01-0118-18/+18
|
* Use herrnop directlySiddhesh Poyarekar2013-12-021-2/+2
| | | | | H_ERRNO_ARGS is unnecessary since we this file is specifically for hosts lookup.
* Get canonical name in getaddrinfo from hosts file for AF_INET (fixes 16077)Siddhesh Poyarekar2013-11-281-250/+257
| | | | | | | | AF_INET lookup in hosts file uses _nss_files_gethostbyname2_r, which is not capable of returning a canonical name if it has found one. This change adds _nss_files_gethostbyname3_r, which wraps around _nss_files_gethostbyname2_r and then returns result.h_name as the canonical name.
* Fix reads for sizes larger than INT_MAX in AF_INET lookupSiddhesh Poyarekar2013-10-301-8/+51
| | | | | | | | | | | | | | | Currently for AF_INET lookups from the hosts file, buffer sizes larger than INT_MAX silently overflow and may result in access beyond bounds of a buffer. This happens when the number of results in an AF_INET lookup in /etc/hosts are very large. There are two aspects to the problem. One problem is that the size computed from the buffer size is stored into an int, which results in overflow for large sizes. Additionally, even if this size was expanded, the function used to read content into the buffer (fgets) accepts only int sizes. As a result, the fix is to have a function wrap around fgets that calls it multiple times with int sizes if necessary.