From 23ed36735af09c258e542266aaed92cdd8571c6c Mon Sep 17 00:00:00 2001 From: Florian Weimer Date: Thu, 16 Jul 2020 16:21:28 +0200 Subject: [PATCH 02/11] nss_compat: Do not use mmap to read database files (bug 26258) This avoids crashes in case the files are truncated for some reason. For typically file sizes, it is also going to be slightly faster. Using __nss_files_fopen instead mirrors what nss_files does. Tested-by: Carlos O'Donell Reviewed-by: Carlos O'Donell --- nss/nss_compat/compat-grp.c | 6 ++---- nss/nss_compat/compat-initgroups.c | 6 ++---- nss/nss_compat/compat-pwd.c | 6 ++---- nss/nss_compat/compat-spwd.c | 6 ++---- 4 files changed, 8 insertions(+), 16 deletions(-) diff -rup a/nss/nss_compat/compat-grp.c b/nss/nss_compat/compat-grp.c --- a/nss/nss_compat/compat-grp.c 2020-09-14 15:49:18.248178627 -0400 +++ b/nss/nss_compat/compat-grp.c 2020-09-14 17:18:22.514977541 -0400 @@ -26,6 +26,7 @@ #include #include #include +#include static service_user *ni; static enum nss_status (*nss_setgrent) (int stayopen); @@ -106,13 +107,10 @@ internal_setgrent (ent_t *ent, int stayo if (ent->stream == NULL) { - ent->stream = fopen ("/etc/group", "rme"); + ent->stream = __nss_files_fopen ("/etc/group"); if (ent->stream == NULL) status = errno == EAGAIN ? NSS_STATUS_TRYAGAIN : NSS_STATUS_UNAVAIL; - else - /* We take care of locking ourself. */ - __fsetlocking (ent->stream, FSETLOCKING_BYCALLER); } else rewind (ent->stream); diff -rup a/nss/nss_compat/compat-initgroups.c b/nss/nss_compat/compat-initgroups.c --- a/nss/nss_compat/compat-initgroups.c 2020-09-14 15:49:18.255178892 -0400 +++ b/nss/nss_compat/compat-initgroups.c 2020-09-14 17:18:22.519977728 -0400 @@ -29,6 +29,7 @@ #include #include #include +#include static service_user *ni; /* Type of the lookup function. */ @@ -121,13 +122,10 @@ internal_setgrent (ent_t *ent) else ent->blacklist.current = 0; - ent->stream = fopen ("/etc/group", "rme"); + ent->stream = __nss_files_fopen ("/etc/group"); if (ent->stream == NULL) status = errno == EAGAIN ? NSS_STATUS_TRYAGAIN : NSS_STATUS_UNAVAIL; - else - /* We take care of locking ourself. */ - __fsetlocking (ent->stream, FSETLOCKING_BYCALLER); return status; } diff -rup a/nss/nss_compat/compat-pwd.c b/nss/nss_compat/compat-pwd.c --- a/nss/nss_compat/compat-pwd.c 2020-09-14 15:49:18.260179081 -0400 +++ b/nss/nss_compat/compat-pwd.c 2020-09-14 17:18:22.523977879 -0400 @@ -27,6 +27,7 @@ #include #include #include +#include #include "netgroup.h" #include "nisdomain.h" @@ -221,13 +222,10 @@ internal_setpwent (ent_t *ent, int stayo if (ent->stream == NULL) { - ent->stream = fopen ("/etc/passwd", "rme"); + ent->stream = __nss_files_fopen ("/etc/passwd"); if (ent->stream == NULL) status = errno == EAGAIN ? NSS_STATUS_TRYAGAIN : NSS_STATUS_UNAVAIL; - else - /* We take care of locking ourself. */ - __fsetlocking (ent->stream, FSETLOCKING_BYCALLER); } else rewind (ent->stream); diff -rup a/nss/nss_compat/compat-spwd.c b/nss/nss_compat/compat-spwd.c --- a/nss/nss_compat/compat-spwd.c 2020-09-14 15:49:18.264179232 -0400 +++ b/nss/nss_compat/compat-spwd.c 2020-09-14 17:18:22.527978029 -0400 @@ -27,6 +27,7 @@ #include #include #include +#include #include "netgroup.h" #include "nisdomain.h" @@ -177,13 +178,10 @@ internal_setspent (ent_t *ent, int stayo if (ent->stream == NULL) { - ent->stream = fopen ("/etc/shadow", "rme"); + ent->stream = __nss_files_fopen ("/etc/shadow"); if (ent->stream == NULL) status = errno == EAGAIN ? NSS_STATUS_TRYAGAIN : NSS_STATUS_UNAVAIL; - else - /* We take care of locking ourself. */ - __fsetlocking (ent->stream, FSETLOCKING_BYCALLER); } else rewind (ent->stream);