[BUG] With --disable-dynamic-nss, not all functions calls are protected

[Vincent Lefevre <vincent@vinc17.net>]

[Posted to zsh-workers, with a Cc to the Debian bug.]

While looking at Debian bug 993843

  https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=993843
  (zsh-static segfaults immediately)

I can notice the following warnings:

gcc -static   -o zsh main.o  `cat stamp-modobjs`   -lgdbm -lpcre -lcap -lncursesw -ltinfo -ltinfo -lrt -lm  -lc
/usr/bin/ld: options.o: in function `dosetopt':
./obj-static/Src/../../Src/options.c:830: warning: Using 'initgroups' in statically linked applications requires at runtime the shared libraries from the glibc version used for linking
/usr/bin/ld: Modules/parameter.o: in function `get_all_groups':
./obj-static/Src/Modules/../../../Src/Modules/parameter.c:2058: warning: Using 'getgrgid' in statically linked applications requires at runtime the shared libraries from the glibc version used for linking
/usr/bin/ld: Modules/files.o: in function `bin_chown':
./obj-static/Src/Modules/../../../Src/Modules/files.c:763: warning: Using 'getgrnam' in statically linked applications requires at runtime the shared libraries from the glibc version used for linking
/usr/bin/ld: params.o: in function `usernamesetfn':
./obj-static/Src/../../Src/params.c:4420: warning: Using 'getpwnam' in statically linked applications requires at runtime the shared libraries from the glibc version used for linking
/usr/bin/ld: options.o: in function `dosetopt':
./obj-static/Src/../../Src/options.c:822: warning: Using 'getpwuid' in statically linked applications requires at runtime the shared libraries from the glibc version used for linking

This is exactly the issue we are seeing in Debian: zsh-static
segfaults after upgrading glibc, and this issue disappears
after rebuilding zsh-static with the new glibc. And I could
see in the strace output that the shared C library libc.so.6
is read, while zsh-static should entirely be static.

However, --disable-dynamic-nss is used to build zsh-static,
so that the above functions should not be called.

I can see that Src/zsh_system.h has

#if defined(HAVE_INITGROUPS) && !defined(DISABLE_DYNAMIC_NSS)
# define USE_INITGROUPS
#endif

#if defined(HAVE_GETGRGID) && !defined(DISABLE_DYNAMIC_NSS)
# define USE_GETGRGID
#endif

#if defined(HAVE_GETGRNAM) && !defined(DISABLE_DYNAMIC_NSS)
# define USE_GETGRNAM
#endif

#if defined(HAVE_GETPWENT) && !defined(DISABLE_DYNAMIC_NSS)
# define USE_GETPWENT
#endif

#if defined(HAVE_GETPWNAM) && !defined(DISABLE_DYNAMIC_NSS)
# define USE_GETPWNAM
#endif

#if defined(HAVE_GETPWUID) && !defined(DISABLE_DYNAMIC_NSS)
# define USE_GETPWUID
#endif

But concerning the first warning, Src/options.c contains

# ifdef HAVE_INITGROUPS

I suppose that the test should have been

# ifdef USE_INITGROUPS

like in Src/params.c, which has

# ifdef USE_INITGROUPS
        initgroups(x, pswd->pw_gid);
# endif

I suspect that there is the same issue with the other warnings.

-- 
Vincent Lefèvre <vincent@vinc17.net> - Web: <https://www.vinc17.net/>
100% accessible validated (X)HTML - Blog: <https://www.vinc17.net/blog/>
Work: CR INRIA - computer arithmetic / AriC project (LIP, ENS-Lyon)