124 lines
4.1 KiB
Diff
124 lines
4.1 KiB
Diff
From 23ed36735af09c258e542266aaed92cdd8571c6c Mon Sep 17 00:00:00 2001
|
|
From: Florian Weimer <fweimer@redhat.com>
|
|
Date: Thu, 16 Jul 2020 16:21:28 +0200
|
|
Subject: [PATCH 02/11] nss_compat: Do not use mmap to read database files (bug
|
|
26258)
|
|
|
|
This avoids crashes in case the files are truncated for some reason.
|
|
For typically file sizes, it is also going to be slightly faster.
|
|
Using __nss_files_fopen instead mirrors what nss_files does.
|
|
|
|
Tested-by: Carlos O'Donell <carlos@redhat.com>
|
|
Reviewed-by: Carlos O'Donell <carlos@redhat.com>
|
|
---
|
|
nss/nss_compat/compat-grp.c | 6 ++----
|
|
nss/nss_compat/compat-initgroups.c | 6 ++----
|
|
nss/nss_compat/compat-pwd.c | 6 ++----
|
|
nss/nss_compat/compat-spwd.c | 6 ++----
|
|
4 files changed, 8 insertions(+), 16 deletions(-)
|
|
|
|
diff -rup a/nss/nss_compat/compat-grp.c b/nss/nss_compat/compat-grp.c
|
|
--- a/nss/nss_compat/compat-grp.c 2020-09-14 15:49:18.248178627 -0400
|
|
+++ b/nss/nss_compat/compat-grp.c 2020-09-14 17:18:22.514977541 -0400
|
|
@@ -26,6 +26,7 @@
|
|
#include <string.h>
|
|
#include <libc-lock.h>
|
|
#include <kernel-features.h>
|
|
+#include <nss_files.h>
|
|
|
|
static service_user *ni;
|
|
static enum nss_status (*nss_setgrent) (int stayopen);
|
|
@@ -106,13 +107,10 @@ internal_setgrent (ent_t *ent, int stayo
|
|
|
|
if (ent->stream == NULL)
|
|
{
|
|
- ent->stream = fopen ("/etc/group", "rme");
|
|
+ ent->stream = __nss_files_fopen ("/etc/group");
|
|
|
|
if (ent->stream == NULL)
|
|
status = errno == EAGAIN ? NSS_STATUS_TRYAGAIN : NSS_STATUS_UNAVAIL;
|
|
- else
|
|
- /* We take care of locking ourself. */
|
|
- __fsetlocking (ent->stream, FSETLOCKING_BYCALLER);
|
|
}
|
|
else
|
|
rewind (ent->stream);
|
|
diff -rup a/nss/nss_compat/compat-initgroups.c b/nss/nss_compat/compat-initgroups.c
|
|
--- a/nss/nss_compat/compat-initgroups.c 2020-09-14 15:49:18.255178892 -0400
|
|
+++ b/nss/nss_compat/compat-initgroups.c 2020-09-14 17:18:22.519977728 -0400
|
|
@@ -29,6 +29,7 @@
|
|
#include <libc-lock.h>
|
|
#include <kernel-features.h>
|
|
#include <scratch_buffer.h>
|
|
+#include <nss_files.h>
|
|
|
|
static service_user *ni;
|
|
/* Type of the lookup function. */
|
|
@@ -121,13 +122,10 @@ internal_setgrent (ent_t *ent)
|
|
else
|
|
ent->blacklist.current = 0;
|
|
|
|
- ent->stream = fopen ("/etc/group", "rme");
|
|
+ ent->stream = __nss_files_fopen ("/etc/group");
|
|
|
|
if (ent->stream == NULL)
|
|
status = errno == EAGAIN ? NSS_STATUS_TRYAGAIN : NSS_STATUS_UNAVAIL;
|
|
- else
|
|
- /* We take care of locking ourself. */
|
|
- __fsetlocking (ent->stream, FSETLOCKING_BYCALLER);
|
|
|
|
return status;
|
|
}
|
|
diff -rup a/nss/nss_compat/compat-pwd.c b/nss/nss_compat/compat-pwd.c
|
|
--- a/nss/nss_compat/compat-pwd.c 2020-09-14 15:49:18.260179081 -0400
|
|
+++ b/nss/nss_compat/compat-pwd.c 2020-09-14 17:18:22.523977879 -0400
|
|
@@ -27,6 +27,7 @@
|
|
#include <string.h>
|
|
#include <libc-lock.h>
|
|
#include <kernel-features.h>
|
|
+#include <nss_files.h>
|
|
|
|
#include "netgroup.h"
|
|
#include "nisdomain.h"
|
|
@@ -221,13 +222,10 @@ internal_setpwent (ent_t *ent, int stayo
|
|
|
|
if (ent->stream == NULL)
|
|
{
|
|
- ent->stream = fopen ("/etc/passwd", "rme");
|
|
+ ent->stream = __nss_files_fopen ("/etc/passwd");
|
|
|
|
if (ent->stream == NULL)
|
|
status = errno == EAGAIN ? NSS_STATUS_TRYAGAIN : NSS_STATUS_UNAVAIL;
|
|
- else
|
|
- /* We take care of locking ourself. */
|
|
- __fsetlocking (ent->stream, FSETLOCKING_BYCALLER);
|
|
}
|
|
else
|
|
rewind (ent->stream);
|
|
diff -rup a/nss/nss_compat/compat-spwd.c b/nss/nss_compat/compat-spwd.c
|
|
--- a/nss/nss_compat/compat-spwd.c 2020-09-14 15:49:18.264179232 -0400
|
|
+++ b/nss/nss_compat/compat-spwd.c 2020-09-14 17:18:22.527978029 -0400
|
|
@@ -27,6 +27,7 @@
|
|
#include <string.h>
|
|
#include <libc-lock.h>
|
|
#include <kernel-features.h>
|
|
+#include <nss_files.h>
|
|
|
|
#include "netgroup.h"
|
|
#include "nisdomain.h"
|
|
@@ -177,13 +178,10 @@ internal_setspent (ent_t *ent, int stayo
|
|
|
|
if (ent->stream == NULL)
|
|
{
|
|
- ent->stream = fopen ("/etc/shadow", "rme");
|
|
+ ent->stream = __nss_files_fopen ("/etc/shadow");
|
|
|
|
if (ent->stream == NULL)
|
|
status = errno == EAGAIN ? NSS_STATUS_TRYAGAIN : NSS_STATUS_UNAVAIL;
|
|
- else
|
|
- /* We take care of locking ourself. */
|
|
- __fsetlocking (ent->stream, FSETLOCKING_BYCALLER);
|
|
}
|
|
else
|
|
rewind (ent->stream);
|