Accepting request 179303 from Base:System

- nscd-netgroup.patch: Fix handling of netgroup cache in nscd (bnc#819524) (forwarded request 179302 from Andreas_Schwab) OBS-URL: https://build.opensuse.org/request/show/179303 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/glibc?expand=0&rev=147
2013-06-19 12:43:49 +00:00 · 2013-06-19 12:43:49 +00:00 · b279560015
commit b279560015
parent 0001be9322
7 changed files with 122 additions and 0 deletions
--- a/glibc-testsuite.changes
+++ b/glibc-testsuite.changes
@ -1,3 +1,8 @@
+-------------------------------------------------------------------
+Mon Jun 17 09:49:24 UTC 2013 - schwab@suse.de
+
+- nscd-netgroup.patch: Fix handling of netgroup cache in nscd (bnc#819524)
+
 -------------------------------------------------------------------
 Mon Jun 10 08:33:46 UTC 2013 - schwab@suse.de

--- a/glibc-testsuite.spec
+++ b/glibc-testsuite.spec
@ -255,6 +255,8 @@ Patch1003:      rtlddir.patch
 Patch1004:      regexp-overrun.patch
 # PATCH-FIX-UPSTREAM Fix stack overflow in getaddrinfo with many results
 Patch1005:      getaddrinfo-overflow.patch
+# PATCH-FIX-UPSTREAM Fix handling of netgroup cache in nscd
+Patch1006:      nscd-netgroup.patch

 ### 
 # Patches awaiting upstream approval
@ -483,6 +485,7 @@ rm nscd/s-stamp
 %patch1003 -p1
 %patch1004 -p1
 %patch1005 -p1
+%patch1006 -p1

 # XXX Disable, it breaks the testsuite, test elf/tst-audit2 
 # %patch2008 -p1
--- a/glibc-utils.changes
+++ b/glibc-utils.changes
@ -1,3 +1,8 @@
+-------------------------------------------------------------------
+Mon Jun 17 09:49:24 UTC 2013 - schwab@suse.de
+
+- nscd-netgroup.patch: Fix handling of netgroup cache in nscd (bnc#819524)
+
 -------------------------------------------------------------------
 Mon Jun 10 08:33:46 UTC 2013 - schwab@suse.de

--- a/glibc-utils.spec
+++ b/glibc-utils.spec
@ -254,6 +254,8 @@ Patch1003:      rtlddir.patch
 Patch1004:      regexp-overrun.patch
 # PATCH-FIX-UPSTREAM Fix stack overflow in getaddrinfo with many results
 Patch1005:      getaddrinfo-overflow.patch
+# PATCH-FIX-UPSTREAM Fix handling of netgroup cache in nscd
+Patch1006:      nscd-netgroup.patch

 ### 
 # Patches awaiting upstream approval
@ -483,6 +485,7 @@ rm nscd/s-stamp
 %patch1003 -p1
 %patch1004 -p1
 %patch1005 -p1
+%patch1006 -p1

 # XXX Disable, it breaks the testsuite, test elf/tst-audit2 
 # %patch2008 -p1
--- a/glibc.changes
+++ b/glibc.changes
@ -1,3 +1,8 @@
+-------------------------------------------------------------------
+Mon Jun 17 09:49:24 UTC 2013 - schwab@suse.de
+
+- nscd-netgroup.patch: Fix handling of netgroup cache in nscd (bnc#819524)
+
 -------------------------------------------------------------------
 Mon Jun 10 08:33:46 UTC 2013 - schwab@suse.de

--- a/glibc.spec
+++ b/glibc.spec
@ -255,6 +255,8 @@ Patch1003:      rtlddir.patch
 Patch1004:      regexp-overrun.patch
 # PATCH-FIX-UPSTREAM Fix stack overflow in getaddrinfo with many results
 Patch1005:      getaddrinfo-overflow.patch
+# PATCH-FIX-UPSTREAM Fix handling of netgroup cache in nscd
+Patch1006:      nscd-netgroup.patch

 ### 
 # Patches awaiting upstream approval
@ -483,6 +485,7 @@ rm nscd/s-stamp
 %patch1003 -p1
 %patch1004 -p1
 %patch1005 -p1
+%patch1006 -p1

 # XXX Disable, it breaks the testsuite, test elf/tst-audit2 
 # %patch2008 -p1
--- a/nscd-netgroup.patch
+++ b/nscd-netgroup.patch
@ -0,0 +1,98 @@
+2013-06-11  Andreas Schwab  <schwab@suse.de>
+
+	[BZ #15577]
+	* nscd/connections.c (nscd_run_worker): Always zero-terminate key.
+	* nscd/netgroupcache.c (addgetnetgrentX): Properly handle absent
+	values in the triple.
+	* nscd/nscd_netgroup.c (__nscd_setnetgrent): Include zero
+	terminator in the group key.
+
+Index: glibc-2.17/nscd/connections.c
+===================================================================
+--- glibc-2.17.orig/nscd/connections.c
+++ glibc-2.17/nscd/connections.c
+@@ -1762,7 +1762,7 @@ nscd_run_worker (void *p)
+       else
+ 	{
+ 	  /* Get the key.  */
+-	  char keybuf[MAXKEYLEN];
+	  char keybuf[MAXKEYLEN + 1];
+ 
+ 	  if (__builtin_expect (TEMP_FAILURE_RETRY (read (fd, keybuf,
+ 							  req.key_len))
+@@ -1774,6 +1774,7 @@ nscd_run_worker (void *p)
+ 			 strerror_r (errno, buf, sizeof (buf)));
+ 	      goto close_and_out;
+ 	    }
+	  keybuf[req.key_len] = '\0';
+ 
+ 	  if (__builtin_expect (debug_level, 0) > 0)
+ 	    {
+Index: glibc-2.17/nscd/netgroupcache.c
+===================================================================
+--- glibc-2.17.orig/nscd/netgroupcache.c
+++ glibc-2.17/nscd/netgroupcache.c
+@@ -192,18 +192,26 @@ addgetnetgrentX (struct database_dyn *db
+ 			    const char *nuser = data.val.triple.user;
+ 			    const char *ndomain = data.val.triple.domain;
+ 
+-			    if (data.val.triple.host > data.val.triple.user
+-				|| data.val.triple.user > data.val.triple.domain)
+			    if (nhost == NULL || nuser == NULL || ndomain == NULL
+				|| nhost > nuser || nuser > ndomain)
+ 			      {
+-				const char *last = MAX (nhost,
+-							MAX (nuser, ndomain));
+-				size_t bufused = (last + strlen (last) + 1
+-						  - buffer);
+				const char *last = nhost;
+				if (last == NULL
+				    || (nuser != NULL && nuser > last))
+				  last = nuser;
+				if (last == NULL
+				    || (ndomain != NULL && ndomain > last))
+				  last = ndomain;
+
+				size_t bufused
+				  = (last == NULL
+				     ? buffilled
+				     : last + strlen (last) + 1 - buffer);
+ 
+ 				/* We have to make temporary copies.  */
+-				size_t hostlen = strlen (nhost) + 1;
+-				size_t userlen = strlen (nuser) + 1;
+-				size_t domainlen = strlen (ndomain) + 1;
+				size_t hostlen = strlen (nhost ?: "") + 1;
+				size_t userlen = strlen (nuser ?: "") + 1;
+				size_t domainlen = strlen (ndomain ?: "") + 1;
+ 				size_t needed = hostlen + userlen + domainlen;
+ 
+ 				if (buflen - req->key_len - bufused < needed)
+@@ -226,11 +234,11 @@ addgetnetgrentX (struct database_dyn *db
+ 				  }
+ 
+ 				nhost = memcpy (buffer + bufused,
+-						nhost, hostlen);
+						nhost ?: "", hostlen);
+ 				nuser = memcpy ((char *) nhost + hostlen,
+-						nuser, userlen);
+						nuser ?: "", userlen);
+ 				ndomain = memcpy ((char *) nuser + userlen,
+-						  ndomain, domainlen);
+						  ndomain ?: "", domainlen);
+ 			      }
+ 
+ 			    char *wp = buffer + buffilled;
+Index: glibc-2.17/nscd/nscd_netgroup.c
+===================================================================
+--- glibc-2.17.orig/nscd/nscd_netgroup.c
+++ glibc-2.17/nscd/nscd_netgroup.c
+@@ -48,7 +48,7 @@ __nscd_setnetgrent (const char *group, s
+ {
+   int gc_cycle;
+   int nretries = 0;
+-  size_t group_len = strlen (group);
+  size_t group_len = strlen (group) + 1;
+ 
+   /* If the mapping is available, try to search there instead of
+      communicating with the nscd.  */