fix regressions caused by the get{gr,pw}nam_r patch

Resolves: RHEL-40603
2024-07-19 15:40:56 +02:00 · 2024-07-19 15:40:56 +02:00 · 2b15335b46
commit 2b15335b46
parent 75e348b1a4
3 changed files with 118 additions and 1 deletions
--- a/0001-acl-2.3.2-__acl_get_uid-fix-memory-wasting-loop.patch
+++ b/0001-acl-2.3.2-__acl_get_uid-fix-memory-wasting-loop.patch
@ -0,0 +1,46 @@
 From 56abe432b65801f31277fb9a3bca0f9e31502315 Mon Sep 17 00:00:00 2001
 From: Matthias Gerstner <matthias.gerstner@suse.de>
 Date: Thu, 25 Apr 2024 12:43:49 +0200
 Subject: [PATCH] libmisc: __acl_get_uid(): fix memory wasting loop if user
 does not exist
 I noticed that `acl_from_text()` unexpectedly returns ENOMEM for invalid
 user names. The reason for this is a missing break statement in the for
 loop in `__acl_get_uid()`, which causes the loop to act as if ERANGE was
 returned from `getpwnam_r()`, thereby exponentially increasing the
 buffer size to (in my case) multiple gigabytes, until `grow_buffer()`
 reports ENOMEM, which terminates the `__acl_get_uid()` function.
 This is a pretty costly "no such user" lookup that can disturb a
 process's heap memory management, but can also cause a process to fail
 e.g. if it is multithreaded and other threads encounter an ENOMEM,
 before `__acl_get_uid()` frees the gigantic heap buffer and returns.
 The allocated memory isn't actually used. Therefore on Linux it should
 not affect other processes by default, due to its overcommit memory
 and lazy memory allocation strategy.
 Fix this by properly terminating the for loop on any conditions except
 an ERANGE error being reported. The same break statement correctly
 exists in `__acl_get_gid()` already.
 Fixes: 3737f00 ("use thread-safe getpwnam_r and getgrnam_r")
 Signed-off-by: Andreas Gruenbacher <agruenba@redhat.com>
 ---
 libmisc/uid_gid_lookup.c | 1 +
 1 file changed, 1 insertion(+)
 diff --git a/libmisc/uid_gid_lookup.c b/libmisc/uid_gid_lookup.c
 index a4f21f6..74baab4 100644
 --- a/libmisc/uid_gid_lookup.c
 +++ b/libmisc/uid_gid_lookup.c
@@ -91,6 +91,7 @@ __acl_get_uid(const char *token, uid_t *uid_p)
 		if (err == ERANGE)
 			continue;
 		errno = err ? err : EINVAL;
 +		break;
 	}
 	free(buffer);
 	return result ? 0 : -1;
 -- 
 2.45.2
--- a/0001-acl-2.3.2-tests-fix-getpwnam-and-getgrnam.patch
+++ b/0001-acl-2.3.2-tests-fix-getpwnam-and-getgrnam.patch
@ -0,0 +1,62 @@
 From 99ed23222f315d1a6efbc240db3ff4ed04db99c6 Mon Sep 17 00:00:00 2001
 From: =?UTF-8?q?Luk=C3=A1=C5=A1=20Zaoral?= <lzaoral@redhat.com>
 Date: Mon, 10 Jun 2024 16:28:22 +0200
 Subject: [PATCH] tests: fix getpwnam and getgrnam
 MIME-Version: 1.0
 Content-Type: text/plain; charset=UTF-8
 Content-Transfer-Encoding: 8bit
 The calls to these functions would always fail because the size of the buffer
 was smaller than the minimum (170000) specified in the test implementations
 of getgrnam_r and getpwnam_r.  Use test_get*_match directly because getpwnam
 and getgrnam should never fail on ERANGE.
 This commit fixes the following failure in the test/root/restore.test test:
 [21] $ chown bin passwd -- failed
 chown: invalid user: ‘bin’        != ~
 Fixes: 3737f000d3f17cd283f51eeacac21a71a3472053 ("use thread-safe getpwnam_r and getgrnam_r")
 ---
 test/test_group.c  | 2 +-
 test/test_passwd.c | 4 ++--
 2 files changed, 3 insertions(+), 3 deletions(-)
 diff --git a/test/test_group.c b/test/test_group.c
 index 96dd612..42d6b07 100644
 --- a/test/test_group.c
 +++ b/test/test_group.c
@@ -136,7 +136,7 @@ struct group *getgrnam(const char *name)
 	static struct group grp;
 	struct group *result;
 -	(void) getgrnam_r(name, &grp, buf, sizeof(buf), &result);
 +	(void) test_getgr_match(&grp, buf, sizeof buf, &result, match_name, name);
 	return result;
 }
 diff --git a/test/test_passwd.c b/test/test_passwd.c
 index b88ea45..ebe9dce 100644
 --- a/test/test_passwd.c
 +++ b/test/test_passwd.c
@@ -117,7 +117,7 @@ int getpwnam_r(const char *name, struct passwd *pwd, char *buf, size_t buflen,
 		*result = NULL;
 		return ERANGE;
 	}
 -	last_buflen =- 1;
 +	last_buflen = -1;
 	return test_getpw_match(pwd, buf, buflen, result, match_name, name);
 }
@@ -129,7 +129,7 @@ struct passwd *getpwnam(const char *name)
 	static struct passwd pwd;
 	struct passwd *result;
 -	(void) getpwnam_r(name, &pwd, buf, sizeof(buf), &result);
 +	(void) test_getpw_match(&pwd, buf, sizeof(buf), &result, match_name, name);
 	return result;
 }
 -- 
 2.45.2
--- a/acl.spec
+++ b/acl.spec
@ -1,7 +1,7 @@
 Summary: Access control list utilities
 Name: acl
 Version: 2.3.2
-Release: 2%{?dist}
+Release: 3%{?dist}
 BuildRequires: gawk
 BuildRequires: gcc
 BuildRequires: gettext
@ -21,6 +21,12 @@ Source2: vapier-key.gpg
 # avoid permission denied problem with LD_PRELOAD in the test-suite
 Patch1: 0001-acl-2.2.53-test-runwrapper.patch
 # fix regressions introduced by the `libacl: use getpwnam_r and getgrnam_r in acl_from_text.c` patch
 # https://git.savannah.nongnu.org/cgit/acl.git/commit/?id=56abe432b65801f31277fb9a3bca0f9e31502315
 Patch2: 0001-acl-2.3.2-__acl_get_uid-fix-memory-wasting-loop.patch
 # https://lists.nongnu.org/archive/html/acl-devel/2024-06/msg00000.html
 Patch3: 0001-acl-2.3.2-tests-fix-getpwnam-and-getgrnam.patch
 License: GPL-2.0-or-later AND LGPL-2.1-or-later
 URL: https://savannah.nongnu.org/projects/acl
@ -126,6 +132,9 @@ rm -rf $RPM_BUILD_ROOT%{_docdir}/%{name}*
 %{_libdir}/libacl.so.*
 %changelog
 * Fri Jul 19 2024 Lukáš Zaoral <lzaoral@redhat.com> - 2.3.2-3
 - fix regressions caused by the get{gr,pw}nam_r patch (RHEL-40603)
 * Mon Jun 24 2024 Troy Dawson <tdawson@redhat.com> - 2.3.2-2
 - Bump release for June 2024 mass rebuild