From 2b15335b46711fa173dc4c80e757408828faf9bb Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Luk=C3=A1=C5=A1=20Zaoral?= Date: Fri, 19 Jul 2024 15:40:56 +0200 Subject: [PATCH] fix regressions caused by the get{gr,pw}nam_r patch Resolves: RHEL-40603 --- ..._acl_get_uid-fix-memory-wasting-loop.patch | 46 ++++++++++++++ ....3.2-tests-fix-getpwnam-and-getgrnam.patch | 62 +++++++++++++++++++ acl.spec | 11 +++- 3 files changed, 118 insertions(+), 1 deletion(-) create mode 100644 0001-acl-2.3.2-__acl_get_uid-fix-memory-wasting-loop.patch create mode 100644 0001-acl-2.3.2-tests-fix-getpwnam-and-getgrnam.patch diff --git a/0001-acl-2.3.2-__acl_get_uid-fix-memory-wasting-loop.patch b/0001-acl-2.3.2-__acl_get_uid-fix-memory-wasting-loop.patch new file mode 100644 index 0000000..a7267b7 --- /dev/null +++ b/0001-acl-2.3.2-__acl_get_uid-fix-memory-wasting-loop.patch @@ -0,0 +1,46 @@ +From 56abe432b65801f31277fb9a3bca0f9e31502315 Mon Sep 17 00:00:00 2001 +From: Matthias Gerstner +Date: Thu, 25 Apr 2024 12:43:49 +0200 +Subject: [PATCH] libmisc: __acl_get_uid(): fix memory wasting loop if user + does not exist + +I noticed that `acl_from_text()` unexpectedly returns ENOMEM for invalid +user names. The reason for this is a missing break statement in the for +loop in `__acl_get_uid()`, which causes the loop to act as if ERANGE was +returned from `getpwnam_r()`, thereby exponentially increasing the +buffer size to (in my case) multiple gigabytes, until `grow_buffer()` +reports ENOMEM, which terminates the `__acl_get_uid()` function. + +This is a pretty costly "no such user" lookup that can disturb a +process's heap memory management, but can also cause a process to fail +e.g. if it is multithreaded and other threads encounter an ENOMEM, +before `__acl_get_uid()` frees the gigantic heap buffer and returns. +The allocated memory isn't actually used. Therefore on Linux it should +not affect other processes by default, due to its overcommit memory +and lazy memory allocation strategy. + +Fix this by properly terminating the for loop on any conditions except +an ERANGE error being reported. The same break statement correctly +exists in `__acl_get_gid()` already. + +Fixes: 3737f00 ("use thread-safe getpwnam_r and getgrnam_r") +Signed-off-by: Andreas Gruenbacher +--- + libmisc/uid_gid_lookup.c | 1 + + 1 file changed, 1 insertion(+) + +diff --git a/libmisc/uid_gid_lookup.c b/libmisc/uid_gid_lookup.c +index a4f21f6..74baab4 100644 +--- a/libmisc/uid_gid_lookup.c ++++ b/libmisc/uid_gid_lookup.c +@@ -91,6 +91,7 @@ __acl_get_uid(const char *token, uid_t *uid_p) + if (err == ERANGE) + continue; + errno = err ? err : EINVAL; ++ break; + } + free(buffer); + return result ? 0 : -1; +-- +2.45.2 + diff --git a/0001-acl-2.3.2-tests-fix-getpwnam-and-getgrnam.patch b/0001-acl-2.3.2-tests-fix-getpwnam-and-getgrnam.patch new file mode 100644 index 0000000..8073b7c --- /dev/null +++ b/0001-acl-2.3.2-tests-fix-getpwnam-and-getgrnam.patch @@ -0,0 +1,62 @@ +From 99ed23222f315d1a6efbc240db3ff4ed04db99c6 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Luk=C3=A1=C5=A1=20Zaoral?= +Date: Mon, 10 Jun 2024 16:28:22 +0200 +Subject: [PATCH] tests: fix getpwnam and getgrnam +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +The calls to these functions would always fail because the size of the buffer +was smaller than the minimum (170000) specified in the test implementations +of getgrnam_r and getpwnam_r. Use test_get*_match directly because getpwnam +and getgrnam should never fail on ERANGE. + +This commit fixes the following failure in the test/root/restore.test test: + +[21] $ chown bin passwd -- failed +chown: invalid user: ‘bin’ != ~ + +Fixes: 3737f000d3f17cd283f51eeacac21a71a3472053 ("use thread-safe getpwnam_r and getgrnam_r") +--- + test/test_group.c | 2 +- + test/test_passwd.c | 4 ++-- + 2 files changed, 3 insertions(+), 3 deletions(-) + +diff --git a/test/test_group.c b/test/test_group.c +index 96dd612..42d6b07 100644 +--- a/test/test_group.c ++++ b/test/test_group.c +@@ -136,7 +136,7 @@ struct group *getgrnam(const char *name) + static struct group grp; + struct group *result; + +- (void) getgrnam_r(name, &grp, buf, sizeof(buf), &result); ++ (void) test_getgr_match(&grp, buf, sizeof buf, &result, match_name, name); + return result; + } + +diff --git a/test/test_passwd.c b/test/test_passwd.c +index b88ea45..ebe9dce 100644 +--- a/test/test_passwd.c ++++ b/test/test_passwd.c +@@ -117,7 +117,7 @@ int getpwnam_r(const char *name, struct passwd *pwd, char *buf, size_t buflen, + *result = NULL; + return ERANGE; + } +- last_buflen =- 1; ++ last_buflen = -1; + + return test_getpw_match(pwd, buf, buflen, result, match_name, name); + } +@@ -129,7 +129,7 @@ struct passwd *getpwnam(const char *name) + static struct passwd pwd; + struct passwd *result; + +- (void) getpwnam_r(name, &pwd, buf, sizeof(buf), &result); ++ (void) test_getpw_match(&pwd, buf, sizeof(buf), &result, match_name, name); + return result; + } + +-- +2.45.2 + diff --git a/acl.spec b/acl.spec index e22f271..f398ed8 100644 --- a/acl.spec +++ b/acl.spec @@ -1,7 +1,7 @@ Summary: Access control list utilities Name: acl Version: 2.3.2 -Release: 2%{?dist} +Release: 3%{?dist} BuildRequires: gawk BuildRequires: gcc BuildRequires: gettext @@ -21,6 +21,12 @@ Source2: vapier-key.gpg # avoid permission denied problem with LD_PRELOAD in the test-suite Patch1: 0001-acl-2.2.53-test-runwrapper.patch +# fix regressions introduced by the `libacl: use getpwnam_r and getgrnam_r in acl_from_text.c` patch +# https://git.savannah.nongnu.org/cgit/acl.git/commit/?id=56abe432b65801f31277fb9a3bca0f9e31502315 +Patch2: 0001-acl-2.3.2-__acl_get_uid-fix-memory-wasting-loop.patch +# https://lists.nongnu.org/archive/html/acl-devel/2024-06/msg00000.html +Patch3: 0001-acl-2.3.2-tests-fix-getpwnam-and-getgrnam.patch + License: GPL-2.0-or-later AND LGPL-2.1-or-later URL: https://savannah.nongnu.org/projects/acl @@ -126,6 +132,9 @@ rm -rf $RPM_BUILD_ROOT%{_docdir}/%{name}* %{_libdir}/libacl.so.* %changelog +* Fri Jul 19 2024 Lukáš Zaoral - 2.3.2-3 +- fix regressions caused by the get{gr,pw}nam_r patch (RHEL-40603) + * Mon Jun 24 2024 Troy Dawson - 2.3.2-2 - Bump release for June 2024 mass rebuild