Summary: | internal_end*ent in nss_compat may clobber errno, hiding ERANGE | ||
---|---|---|---|
Product: | glibc | Reporter: | Florian Weimer <fweimer> |
Component: | nss | Assignee: | Florian Weimer <fweimer> |
Status: | RESOLVED FIXED | ||
Severity: | normal | CC: | fweimer |
Priority: | P2 | Flags: | fweimer:
security-
|
Version: | unspecified | ||
Target Milestone: | 2.32 | ||
See Also: | https://bugzilla.redhat.com/show_bug.cgi?id=1402403 | ||
Host: | Target: | ||
Build: | Last reconfirmed: |
Description
Florian Weimer
2020-05-12 11:48:30 UTC
Fixed for glibc 2.32 with: commit 790b8dda4455865cb8c3a47801f4304c1a43baf6 Author: Florian Weimer <fweimer@redhat.com> Date: Tue May 19 14:09:38 2020 +0200 nss_compat: internal_end*ent may clobber errno, hiding ERANGE [BZ #25976] During cleanup, before returning from get*_r functions, the end*ent calls must not change errno. Otherwise, an ERANGE error from the underlying implementation can be hidden, causing unexpected lookup failures. This commit introduces an internal_end*ent_noerror function which saves and restore errno, and marks the original internal_end*ent function as warn_unused_result, so that it is used only in contexts were errors from it can be handled explicitly. Reviewed-by: DJ Delorie <dj@redhat.com> |