summary refs log tree commit diff
path: root/nss
Commit message (Collapse)AuthorAgeFilesLines
* Use NSS_STATUS_TRYAGAIN to indicate insufficient buffer (BZ #16878)Siddhesh Poyarekar2014-05-261-1/+1
| | | | | | | | | | | | The netgroups nss modules in the glibc tree use NSS_STATUS_UNAVAIL (with errno as ERANGE) when the supplied buffer does not have sufficient space for the result. This is wrong, because the canonical way to indicate insufficient buffer is to set the errno to ERANGE and the status to NSS_STATUS_TRYAGAIN, as is used by all other modules. This fixes nscd behaviour when the nss_ldap module returns NSS_STATUS_TRYAGAIN to indicate that a netgroup entry is too long to fit into the supplied buffer.
* Consistently include Makeconfig after defining subdir.Joseph Myers2014-02-261-2/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | In <https://sourceware.org/ml/libc-alpha/2014-01/msg00196.html> I noted it was necessary to add includes of Makeconfig early in various subdirectory makefiles for the tests-special variable settings added by that patch to be conditional on configuration information. No-one commented on the general question there of whether Makeconfig should always be included immediately after the definition of subdir. This patch implements that early inclusion of Makeconfig in each directory (which is a lot easier than consistent placement of includes of Rules). Includes are added if needed, or moved up if already present. Subdirectory "all:" targets are removed, since Makeconfig provides one. There is potential for further cleanups I haven't done. Rules and Makerules have code such as ifneq "$(findstring env,$(origin headers))" "" headers := endif to override to empty any value of various variables that came from the environment. I think there is a case for Makeconfig setting all the subdirectory variables (other than subdir) to empty to ensure no outside value is going to take effect if a subdirectory fails to define a variable. (A list of such variables, possibly out of date and incomplete, is in manual/maint.texi.) Rules and Makerules would give errors if Makeconfig hadn't already been included, instead of including it themselves. The special code to override values coming from the environment would then be obsolete and could be removed. Tested x86_64, including that installed binaries are identical before and after the patch. * argp/Makefile: Include Makeconfig immediately after defining subdir. * assert/Makefile: Likewise. * benchtests/Makefile: Likewise. * catgets/Makefile: Likewise. * conform/Makefile: Likewise. * crypt/Makefile: Likewise. * csu/Makefile: Likewise. (all): Remove target. * ctype/Makefile: Include Makeconfig immediately after defining subdir. * debug/Makefile: Likewise. * dirent/Makefile: Likewise. * dlfcn/Makefile: Likewise. * gmon/Makefile: Likewise. * gnulib/Makefile: Likewise. * grp/Makefile: Likewise. * gshadow/Makefile: Likewise. * hesiod/Makefile: Likewise. * hurd/Makefile: Likewise. (all): Remove target. * iconvdata/Makefile: Include Makeconfig immediately after defining subdir. * inet/Makefile: Likewise. * intl/Makefile: Likewise. * io/Makefile: Likewise. * libio/Makefile: Likewise. (all): Remove target. * locale/Makefile: Include Makeconfig immediately after defining subdir. * login/Makefile: Likewise. * mach/Makefile: Likewise. (all): Remove target. * malloc/Makefile: Include Makeconfig immediately after defining subdir. (all): Remove target. * manual/Makefile: Include Makeconfig immediately after defining subdir. * math/Makefile: Likewise. * misc/Makefile: Likewise. * nis/Makefile: Likewise. * nss/Makefile: Likewise. * po/Makefile: Likewise. (all): Remove target. * posix/Makefile: Include Makeconfig immediately after defining subdir. * pwd/Makefile: Likewise. * resolv/Makefile: Likewise. * resource/Makefile: Likewise. * rt/Makefile: Likewise. * setjmp/Makefile: Likewise. * shadow/Makefile: Likewise. * signal/Makefile: Likewise. * socket/Makefile: Likewise. * soft-fp/Makefile: Likewise. * stdio-common/Makefile: Likewise. * stdlib/Makefile: Likewise. * streams/Makefile: Likewise. * string/Makefile: Likewise. * sunrpc/Makefile: Likewise. (all): Remove target. * sysvipc/Makefile: Include Makeconfig immediately after defining subdir. * termios/Makefile: Likewise. * time/Makefile: Likewise. * timezone/Makefile: Likewise. (all): Remove target. * wcsmbs/Makefile: Include Makeconfig immediately after defining subdir. * wctype/Makefile: Likewise. libidn/ChangeLog: * Makefile: Include Makeconfig immediately after defining subdir. localedata/ChangeLog: * Makefile: Include Makeconfig immediately after defining subdir. (all): Remove target. nptl/ChangeLog: * Makefile: Include Makeconfig immediately after defining subdir. nptl_db/ChangeLog: * Makefile: Include Makeconfig immediately after defining subdir.
* Use glibc_likely instead __builtin_expect.Ondřej Bílka2014-02-101-1/+1
|
* Fix invalid memory access when parsing netgroup files with blank lines (BZ ↵Siddhesh Poyarekar2014-01-271-1/+2
| | | | | | | | | | | | | | | | | | | | | | #16506) The netgroups file parsing code tries to access the character before the newline in parsed lines to see if it is a backslash (\). This results in an access before the block allocated for the line if the line is blank, i.e. does not have anything other than the newline character. This doesn't seem like it will cause any crashes because the byte belongs to the malloc metadata block and hence access to it will always succeed. There could be an invalid alteration in code flow where a blank line is seen as a continuation due to the preceding byte *happening* to be '\\'. This could be done by interposing malloc, but that's not really a security problem since one could interpose getnetgrent_r itself and achieve a similar 'exploit'. The possibility of actually exploiting this is remote to impossible since it also requires the previous line to end with a '\\', which would happen only on invalid configurations.
* Update remaining copyright datesAllan McRae2014-01-012-2/+2
| | | | Update copyright years that are not handled by scripts/update-copyright.
* Update copyright notices with scripts/update-copyrightsAllan McRae2014-01-0156-56/+56
|
* Use herrnop directlySiddhesh Poyarekar2013-12-021-2/+2
| | | | | H_ERRNO_ARGS is unnecessary since we this file is specifically for hosts lookup.
* Get canonical name in getaddrinfo from hosts file for AF_INET (fixes 16077)Siddhesh Poyarekar2013-11-282-250/+258
| | | | | | | | AF_INET lookup in hosts file uses _nss_files_gethostbyname2_r, which is not capable of returning a canonical name if it has found one. This change adds _nss_files_gethostbyname3_r, which wraps around _nss_files_gethostbyname2_r and then returns result.h_name as the canonical name.
* Make getent services compliant with RFC 6335 section 5.1 Fixes bug 15374Ondřej Bílka2013-11-071-2/+6
| | | | | The RFC 6335 allows services that start with digit (like 3com-tsmux). These were parsed as port number which this patch fixes.
* Fix reads for sizes larger than INT_MAX in AF_INET lookupSiddhesh Poyarekar2013-10-301-8/+51
| | | | | | | | | | | | | | | Currently for AF_INET lookups from the hosts file, buffer sizes larger than INT_MAX silently overflow and may result in access beyond bounds of a buffer. This happens when the number of results in an AF_INET lookup in /etc/hosts are very large. There are two aspects to the problem. One problem is that the size computed from the buffer size is stored into an int, which results in overflow for large sizes. Additionally, even if this size was expanded, the function used to read content into the buffer (fgets) accepts only int sizes. As a result, the fix is to have a function wrap around fgets that calls it multiple times with int sizes if necessary.
* Use proper #include for xdecrypt declarations.Roland McGrath2013-08-261-3/+1
|
* Fix leading whitespaces.Ondrej Bilka2013-06-061-1/+1
|
* Link extra-libs consistently with libc and ld.so.Joseph Myers2013-05-311-7/+5
|
* Set EAI_SYSTEM only when h_errno is NETDB_INTERNALSiddhesh Poyarekar2013-05-211-4/+4
| | | | | | | | | | | | Fixes BZ #15339. NSS_STATUS_UNAVAIL may mean that a necessary input resource is not available. This could occur in a number of cases including when the network is down, system runs out of file descriptors, etc. The correct differentiator in such a case is the h_errno, which gives the nature of failure. In case of failures other than a simple 'not found', we set h_errno as NETDB_INTERNAL and let errno be the identifier for the exact error.
* Fix parsing of numeric hosts in gethostbyname_rAndreas Schwab2013-05-214-55/+63
|
* Add #include <stdint.h> for uint[32|64]_t usage (except installed headers).Ryan S. Arnold2013-05-166-0/+6
|
* Remove non-standard initialisation of flexible array memberAndreas Schwab2013-04-231-1/+8
| | | | This avoids GCC bug 28865.
* Fix getent to call endspent rather than endpwent for shadow database.Jan-Benedict Glaw2013-04-221-1/+1
|
* BZ#14812: Add missing translation marker on some argp option argument names ↵Roland McGrath2013-03-181-1/+1
| | | | in utilities.
* unify xmalloc prototypes & friendsMike Frysinger2013-02-181-4/+1
| | | | | | | | These prototypes are duplicated in many places. Add a dedicated header for holding prototypes for program-specific functions to avoid that. Signed-off-by: Mike Frysinger <vapier@gentoo.org>
* Remove lots of inline keywords.Roland McGrath2013-02-071-5/+5
|
* Update copyright notices with scripts/update-copyrights.Joseph Myers2013-01-0254-56/+54
|
* Update copyright years.David S. Miller2013-01-012-4/+4
| | | | | | | | | | | | | | | | | | | | | | | | | * catgets/gencat.c: Update copyright year. * csu/version.c: Likewise. * debug/catchsegv.sh: Likewise. * debug/pcprofiledump.c: Likewise. * debug/xtrace.sh: Likewise. * elf/ldconfig.c: Likewise. * elf/ldd.bash.in: Likewise. * elf/pldd.c: Likewise. * elf/sotruss.ksh: Likewise. * elf/sprof.c: Likewise. * iconv/iconv_prog.c: Likewise. * iconv/iconvconfig.c: Likewise. * locale/programs/locale.c: Likewise. * locale/programs/localedef.c: Likewise. * login/programs/pt_chown.c: Likewise. * malloc/memusage.sh: Likewise. * malloc/memusagestat.c: Likewise. * malloc/mtrace.pl: Likewise. * nscd/nscd.c: Likewise. * nss/getent.c: Likewise. * nss/makedb.c: Likewise. * posix/getconf.c: Likewise.
* Fix hashtable size calculation when database has exactly one recordSiddhesh Poyarekar2012-11-281-3/+6
| | | | The hash function needs a hashtable of at least size 3 or greater.
* Return EAI_SYSTEM if we're out of file descriptorsSiddhesh Poyarekar2012-11-191-1/+6
| | | | Resolves BZ #14719.
* Support --with-pkgversion and --with-bugurl.Joseph Myers2012-11-092-6/+9
|
* Suppress incorrect link warnings for NSS symbolsChris Metcalf2012-10-305-6/+14
| | | | | | | | | When glibc is built with --enable-static-nss, the warning that using NSS symbols requires the nss shared objects to be present is no longer true, as those symbols are built into libc. Suppress the warning for those symbols by providing a new macro (nss_interface_function) for the NSS functions that is defined as static_link_warning in the normal case, and empty for static NSS.
* Quiet make warning under --disable-shared.Roland McGrath2012-09-281-0/+2
|
* Avoid more warnings in nsswitch.cRoland McGrath2012-09-281-0/+4
|
* Avoid unused static function warning in nsswitch.c.Roland McGrath2012-09-281-0/+2
|
* BZ#13696: Add --disable-nscd configure option.Roland McGrath2012-08-223-4/+16
|
* getXXbyYY_r.c: Fix comment typo: s/FUNCTION_NAME/FUNCTION2_NAME/Jim Meyering2012-08-041-1/+1
|
* Conditionalize use of PTR_MANGLE.Roland McGrath2012-07-311-2/+10
|
* Fix lots of bitrot for stub configurations.Roland McGrath2012-07-305-2/+11
|
* Avoid duplicate DNS requests if answer is longer than a implementationJeroen van Bemmel2012-07-121-2/+5
| | | | | | | | | | | | | | | | limit [BZ #14307] * sysdeps/posix/getaddrinfo.c (gaih_inet): Increase the size of the temporary buffer used to invoke __gethostbyname2_r, __gethostbyaddr_r and gethostbyname4_r to make room for struct host_data / struct gaih_addrtuple. * resolv/nss_dns/dns-host.c (global scope): Move definition of implementation constants MAX_NR_ALIASES and MAX_NR_ADDRS to header file nss/nsswitch.h. * nss/nsswitch.h (global scope): Add definition of implementation constants MAX_NR_ALIASES and MAX_NR_ADDRS (moved from resolv/nss_dns/dns-host.c).
* For [BZ#14122], plug memory leaks in nsswitch.c.Paul Pluzhnikov2012-05-221-24/+70
|
* Hurd: mmap deficienciesThomas Schwinge2012-05-101-0/+4
|
* Hurd: Add missing includesThomas Schwinge2012-05-102-1/+5
|
* 2012-04-06 Paul Pluzhnikov <ppluzhnikov@google.com>Paul Pluzhnikov2012-04-063-9/+26
| | | | | | | | [BZ #13895] * nss/nsswitch.c (nss_load_library, __nss_lookup_function): Avoid extra indirection. * nss/Makefile (tests-static, tests): Add tst-nss-static. * nss/tst-nss-static.c: New.
* Add missing include fileAndreas Jaeger2012-04-061-1/+2
| | | | | | | | | | Compiling on Linux/i586 I get these warnings: nss_db/db-initgroups.c:60:3: warning: implicit declaration of function 'strlen' [-Wimplicit-function-declaration] nss_db/db-initgroups.c:74:7: warning: implicit declaration of function 'strncmp' [-Wimplicit-function-declaration] Fixed with inclusion of <string.h>
* 2012-03-23 Jeff Law <law@redhat.com>Jeff Law2012-03-231-2/+2
| | | | * nss/getnssent.c (__nss_getent): Fix typo.
* 2012-03-23 Daniel Jacobowitz <dmj@google.com>Paul Pluzhnikov2012-03-231-12/+4
| | | | | | | | | | | | | | | | | | | Paul Pluzhnikov <ppluzhnikov@google.com> [BZ #6528] * grp/Makefile (otherlibs): Don't set it. * inet/Makefile (otherlibs): Likewise. * login/Makefile (otherlibs): Likewise. * nscd/Makefile (otherlibs): Likewise. * posix/Makefile (otherlibs): Likewise. * pwd/Makefile (otherlibs): Likewise. * rt/Makefile (otherlibs): Likewise. * sunrpc/Makefile (otherlibs): Likewise. * nss/Makefile (otherlibs): Likewise. Add libnss_files to routines and static-only-routines. ($(objpfx)getent): Remove rule. * resolv/Makefile: Add libnss_dns and libresolv to routines and static-only-routines.
* Add missing string.h include for strcpy calls.David S. Miller2012-03-131-2/+2
| | | | * nss/nss_db/db-init.c: Include string.h
* Remove distribute variable from MakefilesUlrich Drepper2012-03-071-8/+1
|
* Add missing gshadow handling in __nss_configure_lookupUlrich Drepper2012-03-061-1/+2
|
* Replace FSF snail mail address with URLs.Paul Eggert2012-02-0955-165/+110
|
* Optimize xmalloc, xcalloc, xrealloc, and xstrdupUlrich Drepper2012-01-081-2/+4
| | | | | Add alloc_size attribute and apply consistently the malloc attribute to xmalloc, xcalloc, xrealloc, and xstrdup.
* Remove pre-ISO C supportUlrich Drepper2012-01-071-3/+3
| | | | No more __const.
* Also update new programsUlrich Drepper2012-01-011-2/+2
|
* Update copyright yearUlrich Drepper2012-01-011-2/+2
|