From: Rich Felker <dalias@libc.org>
To: musl@lists.openwall.com
Subject: Re: [PATCH] fix getgrouplist without nscd
Date: Wed, 21 Jun 2017 19:23:10 -0400 [thread overview]
Message-ID: <20170621232310.GI1627@brightrain.aerifal.cx> (raw)
In-Reply-To: <1468315857.14738.0@mail.zhasha.com>
On Tue, Jul 12, 2016 at 11:30:57AM +0200, Joakim Sindholt wrote:
> There were two issues here. First, if socket() fails then it's
> treated as an unrecoverable error and second: the response buffer
> was not initialized and so a recoverable error (ie. no nscd) would
> result in UB.
>
> dgp tested this patch and confirmed on IRC that it worked in the
> no-nscd no-socket case and I have tested it in the has-nscd case.
> >From 9251aff794832e0e37f5b747b69e756ac836f181 Mon Sep 17 00:00:00 2001
> From: Joakim Sindholt <opensource@zhasha.com>
> Date: Tue, 12 Jul 2016 10:13:23 +0200
> Subject: [PATCH] fix getgrouplist without nscd
>
> ---
> src/passwd/getgrouplist.c | 2 +-
> src/passwd/nscd_query.c | 8 +++++++-
> 2 files changed, 8 insertions(+), 2 deletions(-)
>
> diff --git a/src/passwd/getgrouplist.c b/src/passwd/getgrouplist.c
> index 43e5182..fd0bf5f 100644
> --- a/src/passwd/getgrouplist.c
> +++ b/src/passwd/getgrouplist.c
> @@ -17,7 +17,7 @@ int getgrouplist(const char *user, gid_t gid, gid_t *groups, int *ngroups)
> struct group *res;
> FILE *f;
> int swap = 0;
> - int32_t resp[INITGR_LEN];
> + int32_t resp[INITGR_LEN] = {0};
> uint32_t *nscdbuf = 0;
> char *buf = 0;
> char **mem = 0;
> diff --git a/src/passwd/nscd_query.c b/src/passwd/nscd_query.c
> index d38e371..8641e4f 100644
> --- a/src/passwd/nscd_query.c
> +++ b/src/passwd/nscd_query.c
> @@ -40,7 +40,13 @@ retry:
> buf[0] = NSCDVERSION;
>
> fd = socket(PF_UNIX, SOCK_STREAM | SOCK_CLOEXEC, 0);
> - if (fd < 0) return NULL;
> + if (fd < 0) {
> + if (errno == EACCES || errno == EAFNOSUPPORT || errno == EPROTONOSUPPORT) {
> + errno = errno_save;
> + return fopen("/dev/null", "re");
> + }
> + return 0;
> + }
>
> if(!(f = fdopen(fd, "r"))) {
> close(fd);
> --
> 2.7.3
>
I just ran across this patch that got lost last year while looking at
the git history for src/passwd and seeing commit
39494a273eaa6b714e0fa0c59ce7a1f5fbc80a1e. Was there any further
progress or discussion on it I might be overlooking? I think the
concept looks right but I wonder if there's a good way to avoid the
spurious /dev/null access.
Rich
next prev parent reply other threads:[~2017-06-21 23:23 UTC|newest]
Thread overview: 3+ messages / expand[flat|nested] mbox.gz Atom feed top
2016-07-12 9:30 Joakim Sindholt
2017-06-21 23:23 ` Rich Felker [this message]
2017-06-22 16:12 ` Rich Felker
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20170621232310.GI1627@brightrain.aerifal.cx \
--to=dalias@libc.org \
--cc=musl@lists.openwall.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this public inbox
https://git.vuxu.org/mirror/musl/
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).