Commit Graph

170 Commits

Author SHA1 Message Date
Paul Eggert
2b778ceb40 Update copyright dates with scripts/update-copyrights
I used these shell commands:

../glibc/scripts/update-copyrights $PWD/../gnulib/build-aux/update-copyright
(cd ../glibc && git commit -am"[this commit message]")

and then ignored the output, which consisted lines saying "FOO: warning:
copyright statement not found" for each of 6694 files FOO.
I then removed trailing white space from benchtests/bench-pthread-locks.c
and iconvdata/tst-iconv-big5-hkscs-to-2ucs4.c, to work around this
diagnostic from Savannah:
remote: *** pre-commit check failed ...
remote: *** error: lines with trailing whitespace found
remote: error: hook declined to update refs/heads/master
2021-01-02 12:17:34 -08:00
Florian Weimer
bdee910e88 nss: Add __nss_fgetent_r
And helper functions __nss_readline, __nss_readline_seek,
 __nss_parse_line_result.

This consolidates common code for handling overlong lines and
parse files.  Use the new functionality in internal_getent
in nss/nss_files/files-XXX.c.

Tested-by: Carlos O'Donell <carlos@redhat.com>
Reviewed-by: Carlos O'Donell <carlos@redhat.com>
2020-07-21 07:33:50 +02:00
Florian Weimer
9980bf0b30 nss_files: Use generic result pointer in parse_line
As a result, all parse_line functions have the same prototype, except
for that producing struct hostent.  This change is ABI-compatible, so
it does not alter the internal GLIBC_PRIVATE ABI (otherwise we should
probably have renamed the exported functions).

A future change will use this to implement a generict fget*ent_r
function.

Tested-by: Carlos O'Donell <carlos@redhat.com>
Reviewed-by: Carlos O'Donell <carlos@redhat.com>
2020-07-21 07:33:33 +02:00
Florian Weimer
e9b2340998 nss_files: Consolidate line parse declarations in <nss_files.h>
These functions should eventually have the same type, so it makes
sense to declare them together.

Tested-by: Carlos O'Donell <carlos@redhat.com>
Reviewed-by: Carlos O'Donell <carlos@redhat.com>
2020-07-21 07:33:20 +02:00
Florian Weimer
299210c1fa nss_files: Consolidate file opening in __nss_files_fopen
Tested-by: Carlos O'Donell <carlos@redhat.com>
Reviewed-by: Carlos O'Donell <carlos@redhat.com>
2020-07-21 07:32:46 +02:00
Florian Weimer
94d9c76e4a nss: Remove cryptographic key support from nss_files, nss_nis, nss_nisplus
The interface has hard-coded buffer sizes and is therefore tied to
DES.  It also does not match current practice where different
services on the same host use different key material.

This change simplifies removal of the sunrpc code.
2020-07-07 20:20:22 +02:00
Florian Weimer
680f109322 nss_files: Use NSS_DECLARE_MODULE_FUNCTIONS
Reviewed-by: DJ Delorie <dj@redhat.com>
2020-02-13 09:14:54 +01:00
Joseph Myers
d614a75396 Update copyright dates with scripts/update-copyrights. 2020-01-01 00:14:33 +00:00
Paul Eggert
5a82c74822 Prefer https to http for gnu.org and fsf.org URLs
Also, change sources.redhat.com to sourceware.org.
This patch was automatically generated by running the following shell
script, which uses GNU sed, and which avoids modifying files imported
from upstream:

sed -ri '
  s,(http|ftp)(://(.*\.)?(gnu|fsf|sourceware)\.org($|[^.]|\.[^a-z])),https\2,g
  s,(http|ftp)(://(.*\.)?)sources\.redhat\.com($|[^.]|\.[^a-z]),https\2sourceware.org\4,g
' \
  $(find $(git ls-files) -prune -type f \
      ! -name '*.po' \
      ! -name 'ChangeLog*' \
      ! -path COPYING ! -path COPYING.LIB \
      ! -path manual/fdl-1.3.texi ! -path manual/lgpl-2.1.texi \
      ! -path manual/texinfo.tex ! -path scripts/config.guess \
      ! -path scripts/config.sub ! -path scripts/install-sh \
      ! -path scripts/mkinstalldirs ! -path scripts/move-if-change \
      ! -path INSTALL ! -path  locale/programs/charmap-kw.h \
      ! -path po/libc.pot ! -path sysdeps/gnu/errlist.c \
      ! '(' -name configure \
            -execdir test -f configure.ac -o -f configure.in ';' ')' \
      ! '(' -name preconfigure \
            -execdir test -f preconfigure.ac ';' ')' \
      -print)

and then by running 'make dist-prepare' to regenerate files built
from the altered files, and then executing the following to cleanup:

  chmod a+x sysdeps/unix/sysv/linux/riscv/configure
  # Omit irrelevant whitespace and comment-only changes,
  # perhaps from a slightly-different Autoconf version.
  git checkout -f \
    sysdeps/csky/configure \
    sysdeps/hppa/configure \
    sysdeps/riscv/configure \
    sysdeps/unix/sysv/linux/csky/configure
  # Omit changes that caused a pre-commit check to fail like this:
  # remote: *** error: sysdeps/powerpc/powerpc64/ppc-mcount.S: trailing lines
  git checkout -f \
    sysdeps/powerpc/powerpc64/ppc-mcount.S \
    sysdeps/unix/sysv/linux/s390/s390-64/syscall.S
  # Omit change that caused a pre-commit check to fail like this:
  # remote: *** error: sysdeps/sparc/sparc64/multiarch/memcpy-ultra3.S: last line does not end in newline
  git checkout -f sysdeps/sparc/sparc64/multiarch/memcpy-ultra3.S
2019-09-07 02:43:31 -07:00
Florian Weimer
9c02d0784d nss_files: Remove RES_USE_INET6 from hosts processing
Since commit 3f8b44be0a ("resolv:
Remove support for RES_USE_INET6 and the inet6 option"),
res_use_inet6 () always evaluates to false.
2019-05-16 15:11:23 +02:00
Florian Weimer
2bac7daa58 nss_files: Fix /etc/aliases null pointer dereference [BZ #24059]
If /etc/aliases ends with a continuation line (a line that starts
with whitespace) which does not have a trailing newline character,
the file parser would crash due to a null pointer dereference.

Reviewed-by: Carlos O'Donell <carlos@redhat.com>
2019-01-31 18:49:58 +01:00
Joseph Myers
04277e02d7 Update copyright dates with scripts/update-copyrights.
* All files with FSF copyright notices: Update copyright dates
	using scripts/update-copyrights.
	* locale/programs/charmap-kw.h: Regenerated.
	* locale/programs/locfile-kw.h: Likewise.
2019-01-01 00:11:28 +00:00
Florian Weimer
e95c6f6192 nss_files: Fix file stream leak in aliases lookup [BZ #23521]
In order to get a clean test case, it was necessary to fix partially
fixed bug 23522 as well.
2018-08-14 10:52:06 +02:00
Florian Weimer
916124ed84 nss_files: Fix re-reading of long lines [BZ #18991]
Use the new __libc_readline_unlocked function to pick up
reading at the same line in case the buffer needs to be enlarged.
2018-07-06 17:52:54 +02:00
Florian Weimer
43b1048ab9 nss_files: Use struct scratch_buffer instead of extend_alloca [BZ #18023] 2018-06-25 19:48:01 +02:00
Joseph Myers
688903eb3e Update copyright dates with scripts/update-copyrights.
* All files with FSF copyright notices: Update copyright dates
	using scripts/update-copyrights.
	* locale/programs/charmap-kw.h: Regenerated.
	* locale/programs/locfile-kw.h: Likewise.
2018-01-01 00:32:25 +00:00
Florian Weimer
d8425e116c nss_files: Avoid large buffers with many host addresses [BZ #22078]
The previous implementation had at least a quadratic space
requirement in the number of host addresses and aliases.
2017-10-11 07:07:51 +02:00
Florian Weimer
78e806fd8c nss_files: Use struct scratch_buffer for gethostbyname [BZ #18023] 2017-10-11 07:01:34 +02:00
Florian Weimer
8ed70de2fa nss_files: Refactor gethostbyname3 multi case into separate function
This is in preparation of further cleanup work.
2017-10-10 11:50:42 +02:00
Florian Weimer
cef9b65376 Assume that O_CLOEXEC is always defined and works 2017-04-18 14:56:51 +02:00
Joseph Myers
bfff8b1bec Update copyright dates with scripts/update-copyrights. 2017-01-01 00:14:16 +00:00
Florian Weimer
b76e065991 resolv: Deprecate the "inet6" option and RES_USE_INET6 [BZ #19582] 2016-12-31 18:55:14 +01:00
Joseph Myers
f7a9f785e5 Update copyright dates with scripts/update-copyrights. 2016-01-04 16:05:18 +00:00
Joseph Myers
ec999b8e5e Move bits/libc-lock.h and bits/libc-lockP.h out of bits/ (bug 14912).
It was noted in
<https://sourceware.org/ml/libc-alpha/2012-09/msg00305.html> that the
bits/*.h naming scheme should only be used for installed headers.
This patch renames bits/libc-lock.h to plain libc-lock.h and
bits/libc-lockP.h to plain libc-lockP.h to follow that convention.

Note that I don't know where libc-lockP.h comes from for Hurd (the
Hurd libc-lock.h includes libc-lockP.h, but the only libc-lockP.h in
the glibc source tree is for NPTL) - some unmerged patch? - but I
updated the #include in the Hurd libc-lock.h anyway.

Tested for x86_64 (testsuite, and that installed stripped shared
libraries are unchanged by the patch).

	[BZ #14912]
	* bits/libc-lock.h: Move to ...
	* sysdeps/generic/libc-lock.h: ...here.
	(_BITS_LIBC_LOCK_H): Rename macro to _LIBC_LOCK_H.
	* sysdeps/mach/hurd/bits/libc-lock.h: Move to ...
	* sysdeps/mach/hurd/libc-lock.h: ...here.
	(_BITS_LIBC_LOCK_H): Rename macro to _LIBC_LOCK_H.
	[_LIBC]: Include <libc-lockP.h> instead of <bits/libc-lockP.h>.
	* sysdeps/mach/bits/libc-lock.h: Move to ...
	* sysdeps/mach/libc-lock.h: ...here.
	(_BITS_LIBC_LOCK_H): Rename macro to _LIBC_LOCK_H.
	* sysdeps/nptl/bits/libc-lock.h: Move to ...
	* sysdeps/nptl/libc-lock.h: ...here.
	(_BITS_LIBC_LOCK_H): Rename macro to _LIBC_LOCK_H.
	* sysdeps/nptl/bits/libc-lockP.h: Move to ...
	* sysdeps/nptl/libc-lockP.h: ...here.
	(_BITS_LIBC_LOCKP_H): Rename macro to _LIBC_LOCKP_H.
	* crypt/crypt_util.c: Include <libc-lock.h> instead of
	<bits/libc-lock.h>.
	* dirent/scandir-tail.c: Likewise.
	* dlfcn/dlerror.c: Likewise.
	* elf/dl-close.c: Likewise.
	* elf/dl-iteratephdr.c: Likewise.
	* elf/dl-lookup.c: Likewise.
	* elf/dl-open.c: Likewise.
	* elf/dl-support.c: Likewise.
	* elf/dl-writev.h: Likewise.
	* elf/rtld.c: Likewise.
	* grp/fgetgrent.c: Likewise.
	* gshadow/fgetsgent.c: Likewise.
	* gshadow/sgetsgent.c: Likewise.
	* iconv/gconv_conf.c: Likewise.
	* iconv/gconv_db.c: Likewise.
	* iconv/gconv_dl.c: Likewise.
	* iconv/gconv_int.h: Likewise.
	* iconv/gconv_trans.c: Likewise.
	* include/link.h: Likewise.
	* inet/getnameinfo.c: Likewise.
	* inet/getnetgrent.c: Likewise.
	* inet/getnetgrent_r.c: Likewise.
	* intl/bindtextdom.c: Likewise.
	* intl/dcigettext.c: Likewise.
	* intl/finddomain.c: Likewise.
	* intl/gettextP.h: Likewise.
	* intl/loadmsgcat.c: Likewise.
	* intl/localealias.c: Likewise.
	* intl/textdomain.c: Likewise.
	* libidn/idn-stub.c: Likewise.
	* libio/libioP.h: Likewise.
	* locale/duplocale.c: Likewise.
	* locale/freelocale.c: Likewise.
	* locale/newlocale.c: Likewise.
	* locale/setlocale.c: Likewise.
	* login/getutent_r.c: Likewise.
	* login/getutid_r.c: Likewise.
	* login/getutline_r.c: Likewise.
	* login/utmp-private.h: Likewise.
	* login/utmpname.c: Likewise.
	* malloc/mtrace.c: Likewise.
	* misc/efgcvt.c: Likewise.
	* misc/error.c: Likewise.
	* misc/fstab.c: Likewise.
	* misc/getpass.c: Likewise.
	* misc/mntent.c: Likewise.
	* misc/syslog.c: Likewise.
	* nis/nis_call.c: Likewise.
	* nis/nis_callback.c: Likewise.
	* nis/nss-default.c: Likewise.
	* nis/nss_compat/compat-grp.c: Likewise.
	* nis/nss_compat/compat-initgroups.c: Likewise.
	* nis/nss_compat/compat-pwd.c: Likewise.
	* nis/nss_compat/compat-spwd.c: Likewise.
	* nis/nss_nis/nis-alias.c: Likewise.
	* nis/nss_nis/nis-ethers.c: Likewise.
	* nis/nss_nis/nis-grp.c: Likewise.
	* nis/nss_nis/nis-hosts.c: Likewise.
	* nis/nss_nis/nis-network.c: Likewise.
	* nis/nss_nis/nis-proto.c: Likewise.
	* nis/nss_nis/nis-pwd.c: Likewise.
	* nis/nss_nis/nis-rpc.c: Likewise.
	* nis/nss_nis/nis-service.c: Likewise.
	* nis/nss_nis/nis-spwd.c: Likewise.
	* nis/nss_nisplus/nisplus-alias.c: Likewise.
	* nis/nss_nisplus/nisplus-ethers.c: Likewise.
	* nis/nss_nisplus/nisplus-grp.c: Likewise.
	* nis/nss_nisplus/nisplus-hosts.c: Likewise.
	* nis/nss_nisplus/nisplus-initgroups.c: Likewise.
	* nis/nss_nisplus/nisplus-network.c: Likewise.
	* nis/nss_nisplus/nisplus-proto.c: Likewise.
	* nis/nss_nisplus/nisplus-pwd.c: Likewise.
	* nis/nss_nisplus/nisplus-rpc.c: Likewise.
	* nis/nss_nisplus/nisplus-service.c: Likewise.
	* nis/nss_nisplus/nisplus-spwd.c: Likewise.
	* nis/ypclnt.c: Likewise.
	* nptl/libc_pthread_init.c: Likewise.
	* nss/getXXbyYY.c: Likewise.
	* nss/getXXent.c: Likewise.
	* nss/getXXent_r.c: Likewise.
	* nss/nss_db/db-XXX.c: Likewise.
	* nss/nss_db/db-netgrp.c: Likewise.
	* nss/nss_db/nss_db.h: Likewise.
	* nss/nss_files/files-XXX.c: Likewise.
	* nss/nss_files/files-alias.c: Likewise.
	* nss/nsswitch.c: Likewise.
	* posix/regex_internal.h: Likewise.
	* posix/wordexp.c: Likewise.
	* pwd/fgetpwent.c: Likewise.
	* resolv/res_hconf.c: Likewise.
	* resolv/res_libc.c: Likewise.
	* shadow/fgetspent.c: Likewise.
	* shadow/lckpwdf.c: Likewise.
	* shadow/sgetspent.c: Likewise.
	* socket/opensock.c: Likewise.
	* stdio-common/reg-modifier.c: Likewise.
	* stdio-common/reg-printf.c: Likewise.
	* stdio-common/reg-type.c: Likewise.
	* stdio-common/vfprintf.c: Likewise.
	* stdio-common/vfscanf.c: Likewise.
	* stdlib/abort.c: Likewise.
	* stdlib/cxa_atexit.c: Likewise.
	* stdlib/fmtmsg.c: Likewise.
	* stdlib/random.c: Likewise.
	* stdlib/setenv.c: Likewise.
	* string/strsignal.c: Likewise.
	* sunrpc/auth_none.c: Likewise.
	* sunrpc/bindrsvprt.c: Likewise.
	* sunrpc/create_xid.c: Likewise.
	* sunrpc/key_call.c: Likewise.
	* sunrpc/rpc_thread.c: Likewise.
	* sysdeps/arm/backtrace.c: Likewise.
	* sysdeps/generic/ldsodefs.h: Likewise.
	* sysdeps/generic/stdio-lock.h: Likewise.
	* sysdeps/generic/unwind-dw2-fde.c: Likewise.
	* sysdeps/i386/backtrace.c: Likewise.
	* sysdeps/ieee754/ldbl-opt/nldbl-compat.c: Likewise.
	* sysdeps/m68k/backtrace.c: Likewise.
	* sysdeps/mach/hurd/cthreads.c: Likewise.
	* sysdeps/mach/hurd/dirstream.h: Likewise.
	* sysdeps/mach/hurd/malloc-machine.h: Likewise.
	* sysdeps/nptl/malloc-machine.h: Likewise.
	* sysdeps/nptl/stdio-lock.h: Likewise.
	* sysdeps/posix/dirstream.h: Likewise.
	* sysdeps/posix/getaddrinfo.c: Likewise.
	* sysdeps/posix/system.c: Likewise.
	* sysdeps/pthread/aio_suspend.c: Likewise.
	* sysdeps/s390/s390-32/backtrace.c: Likewise.
	* sysdeps/s390/s390-64/backtrace.c: Likewise.
	* sysdeps/unix/sysv/linux/check_pf.c: Likewise.
	* sysdeps/unix/sysv/linux/if_index.c: Likewise.
	* sysdeps/unix/sysv/linux/s390/s390-32/getutent_r.c: Likewise.
	* sysdeps/unix/sysv/linux/s390/s390-32/getutid_r.c: Likewise.
	* sysdeps/unix/sysv/linux/s390/s390-32/getutline_r.c: Likewise.
	* sysdeps/unix/sysv/linux/shm-directory.c: Likewise.
	* sysdeps/unix/sysv/linux/system.c: Likewise.
	* sysdeps/x86_64/backtrace.c: Likewise.
	* time/alt_digit.c: Likewise.
	* time/era.c: Likewise.
	* time/tzset.c: Likewise.
	* wcsmbs/wcsmbsload.c: Likewise.
	* nptl/tst-initializers1.c (do_test): Refer to <libc-lock.h>
	instead of <bits/libc-lock.h> in comment.
2015-09-08 21:11:03 +00:00
Andreas Schwab
b13b96ca05 Separate internal state between getXXent and getXXbyYY NSS calls (bug 18007) 2015-05-11 10:41:49 +02:00
Florian Weimer
03d2730b44 CVE-2014-8121: Do not close NSS files database during iteration [BZ #18007]
Robin Hack discovered Samba would enter an infinite loop processing
certain quota-related requests.  We eventually tracked this down to a
glibc issue.

Running a (simplified) test case under strace shows that /etc/passwd
is continuously opened and closed:

…
open("/etc/passwd", O_RDONLY|O_CLOEXEC) = 3
lseek(3, 0, SEEK_CUR)                   = 0
read(3, "root0:0:root:/root:/bin/bash\n"..., 4096) = 2717
lseek(3, 2717, SEEK_SET)                = 2717
close(3)                                = 0
open("/etc/passwd", O_RDONLY|O_CLOEXEC) = 3
lseek(3, 0, SEEK_CUR)                   = 0
lseek(3, 0, SEEK_SET)                   = 0
read(3, "root0:0:root:/root:/bin/bash\n"..., 4096) = 2717
lseek(3, 2717, SEEK_SET)                = 2717
close(3)                                = 0
open("/etc/passwd", O_RDONLY|O_CLOEXEC) = 3
lseek(3, 0, SEEK_CUR)                   = 0
…

The lookup function implementation in
nss/nss_files/files-XXX.c:DB_LOOKUP has code to prevent that.  It is
supposed skip closing the input file if it was already open.

  /* Reset file pointer to beginning or open file.  */			      \
  status = internal_setent (keep_stream);				      \
									      \
  if (status == NSS_STATUS_SUCCESS)					      \
    {									      \
      /* Tell getent function that we have repositioned the file pointer.  */ \
      last_use = getby;							      \
									      \
      while ((status = internal_getent (result, buffer, buflen, errnop	      \
					H_ERRNO_ARG EXTRA_ARGS_VALUE))	      \
	     == NSS_STATUS_SUCCESS)					      \
	{ break_if_match }						      \
									      \
      if (! keep_stream)						      \
	internal_endent ();						      \
    }									      \

keep_stream is initialized from the stayopen flag in internal_setent.
internal_setent is called from the set*ent implementation as:

  status = internal_setent (stayopen);

However, for non-host database, this flag is always 0, per the
STAYOPEN magic in nss/getXXent_r.c.

Thus, the fix is this:

-  status = internal_setent (stayopen);
+  status = internal_setent (1);

This is not a behavioral change even for the hosts database (where the
application can specify the stayopen flag) because with a call to
sethostent(0), the file handle is still not closed in the
implementation of gethostent.
2015-04-29 14:41:26 +02:00
Carlos O'Donell
cf9313e7d1 Enhance nscd's inotify support (Bug 14906).
In bug 14906 the user complains that the inotify support in nscd
is not sufficient when it comes to detecting changes in the
configurationfiles that should be watched for the various databases.

The current nscd implementation uses inotify to watch for changes in
the configuration files, but adds watches only for IN_DELETE_SELF and
IN_MODIFY. These watches are insufficient to cover even the most basic
uses by a system administrator. For example using emacs or vim to edit
a configuration file should trigger a reload but it might not if
the editors use move to atomically update the file. This atomic update
changes the inode and thus removes the notification on the file (as
inotify is based on inodes). Thus the inotify support in nscd for
configuration files is insufficient to account for the average use
cases of system administrators and users.

The inotify support is significantly enhanced and described here:
https://www.sourceware.org/ml/libc-alpha/2015-02/msg00504.html

Tested on x86_64 with and without inotify support.
2015-03-13 09:49:24 -04:00
Joseph Myers
b168057aaa Update copyright dates with scripts/update-copyrights. 2015-01-02 16:29:47 +00:00
Siddhesh Poyarekar
2886d2d14d Remove IS_IN_libc
Replace it with IS_IN (libc) and remove the one place that it
is defined in.  The generated code remains unchanged on x86_64.

	* include/shlib-compat.h [!NOT_IN_libc]: Remove.
	* nss/nss_files/files-parse.c (IS_IN_libc): Replace with
	IS_IN (libc).
2014-11-24 11:41:43 +05:30
Alexandre Oliva
4969890247 BZ#14498: fix infinite loop in nss_db_getservbyname
nss_db uses nss_files code for services, but a continue on protocol
mismatch that doesn't affect nss_files skipped the code that advanced
to the next db entry.  Any one of these changes would suffice to fix
it, but fixing both makes them both safer to reuse elsewhere.

for  ChangeLog

	[BZ #14498]
	* NEWS: Fixed.
	* nss/nss_db/db-XXX.c (_nss_db_get##name##_r): Update hidx
	after parsing line but before break_if_match.
	* nss/nss_files/files-service (DB_LOOKUP): Don't "continue;"
	if there is a protocol mismatch.
2014-11-21 03:29:56 -02:00
Andreas Schwab
ac60763eac Don't ignore too long lines in nss_files (BZ #17079) 2014-06-23 12:29:51 +02:00
Siddhesh Poyarekar
c3ec475c5d Use NSS_STATUS_TRYAGAIN to indicate insufficient buffer (BZ #16878)
The netgroups nss modules in the glibc tree use NSS_STATUS_UNAVAIL
(with errno as ERANGE) when the supplied buffer does not have
sufficient space for the result.  This is wrong, because the canonical
way to indicate insufficient buffer is to set the errno to ERANGE and
the status to NSS_STATUS_TRYAGAIN, as is used by all other modules.

This fixes nscd behaviour when the nss_ldap module returns
NSS_STATUS_TRYAGAIN to indicate that a netgroup entry is too long to
fit into the supplied buffer.
2014-05-26 11:40:08 +05:30
Ondřej Bílka
a1ffb40e32 Use glibc_likely instead __builtin_expect. 2014-02-10 15:07:12 +01:00
Siddhesh Poyarekar
d7b00f9810 Fix invalid memory access when parsing netgroup files with blank lines (BZ #16506)
The netgroups file parsing code tries to access the character before
the newline in parsed lines to see if it is a backslash (\).  This
results in an access before the block allocated for the line if the
line is blank, i.e. does not have anything other than the newline
character.  This doesn't seem like it will cause any crashes because
the byte belongs to the malloc metadata block and hence access to it
will always succeed.

There could be an invalid alteration in code flow where a blank line
is seen as a continuation due to the preceding byte *happening* to be
'\\'.  This could be done by interposing malloc, but that's not really
a security problem since one could interpose getnetgrent_r itself and
achieve a similar 'exploit'.

The possibility of actually exploiting this is remote to impossible
since it also requires the previous line to end with a '\\', which
would happen only on invalid configurations.
2014-01-27 16:49:33 +05:30
Allan McRae
d4697bc93d Update copyright notices with scripts/update-copyrights 2014-01-01 22:00:23 +10:00
Siddhesh Poyarekar
df3aedaf38 Use herrnop directly
H_ERRNO_ARGS is unnecessary since we this file is specifically for
hosts lookup.
2013-12-02 20:06:20 +05:30
Siddhesh Poyarekar
5a4c6d53f5 Get canonical name in getaddrinfo from hosts file for AF_INET (fixes 16077)
AF_INET lookup in hosts file uses _nss_files_gethostbyname2_r, which
is not capable of returning a canonical name if it has found one.
This change adds _nss_files_gethostbyname3_r, which wraps around
_nss_files_gethostbyname2_r and then returns result.h_name as the
canonical name.
2013-11-28 17:18:12 +05:30
Siddhesh Poyarekar
977f4b31b7 Fix reads for sizes larger than INT_MAX in AF_INET lookup
Currently for AF_INET lookups from the hosts file, buffer sizes larger
than INT_MAX silently overflow and may result in access beyond bounds
of a buffer.  This happens when the number of results in an AF_INET
lookup in /etc/hosts are very large.

There are two aspects to the problem.  One problem is that the size
computed from the buffer size is stored into an int, which results in
overflow for large sizes.  Additionally, even if this size was
expanded, the function used to read content into the buffer (fgets)
accepts only int sizes.  As a result, the fix is to have a function
wrap around fgets that calls it multiple times with int sizes if
necessary.
2013-10-30 16:19:40 +05:30
Roland McGrath
59d112a4c7 Use proper #include for xdecrypt declarations. 2013-08-26 15:04:02 -07:00
Ondrej Bilka
350635a59a Fix leading whitespaces. 2013-06-06 20:36:07 +02:00
Ryan S. Arnold
e054f49430 Add #include <stdint.h> for uint[32|64]_t usage (except installed headers). 2013-05-16 11:32:54 -05:00
Andreas Schwab
7ed3f4e859 Remove non-standard initialisation of flexible array member
This avoids GCC bug 28865.
2013-04-23 10:31:03 +02:00
Joseph Myers
568035b787 Update copyright notices with scripts/update-copyrights. 2013-01-02 19:05:09 +00:00
Roland McGrath
3cc3ef96d6 BZ#13696: Add --disable-nscd configure option. 2012-08-22 13:31:12 -07:00
Roland McGrath
bea9b19322 Fix lots of bitrot for stub configurations. 2012-07-30 16:34:33 -07:00
Paul Eggert
59ba27a63a Replace FSF snail mail address with URLs. 2012-02-09 23:18:22 +00:00
Ulrich Drepper
312be3f9f5 Clean up internal fopen uses
No need to ever not use c and e.
2011-11-15 04:24:42 -05:00
Andreas Schwab
ae1bc2fa1c Fix buffer allocation in files initgroups handler 2011-11-07 11:49:51 +01:00
Ulrich Drepper
684ae51599 Implement caching of nscd 2011-10-07 10:06:31 -04:00
Ulrich Drepper
6857791843 Optimize libnss_files initialization 2011-09-28 10:01:13 -04:00