Bug 22161 - nscd cache prune for netgroups hangs after timeout bump
Summary: nscd cache prune for netgroups hangs after timeout bump
Alias: None
Product: glibc
Classification: Unclassified
Component: nscd (show other bugs)
Version: unspecified
: P2 normal
Target Milestone: 2.27
Assignee: dj@redhat.com
Depends on:
Reported: 2017-09-20 21:46 UTC by dj@redhat.com
Modified: 2017-10-04 15:33 UTC (History)
2 users (show)

See Also:
Last reconfirmed:
fweimer: security-


Note You need to log in before you can comment on or make changes to this bug.
Description dj@redhat.com 2017-09-20 21:46:54 UTC
in nscd/netgroupcache.c in addinnetgrX() we call mempool_alloc(..., 1) which takes a lock on the database.  If we exit via the "bump timeout" clause, the lock is not released.

This can be reproduced by requesting the same query multiple times within the timeout, then waiting for a cache prune cycle that needs to time those entries out... the prune thread waits forever for a write lock.  Reads from the database continue but prunes stop.  To the user, it appears as if the cache just keeps stale data.
Comment 1 cvs-commit@gcc.gnu.org 2017-09-25 23:51:06 UTC
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "GNU C Library master sources".

The branch, master has been updated
       via  3de93d194a5d27cabfe40ddf58aea36939498ba4 (commit)
      from  5af1e931bfaf8ef28abd94c0c0ad14e4790cf429 (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------

commit 3de93d194a5d27cabfe40ddf58aea36939498ba4
Author: DJ Delorie <dj@redhat.com>
Date:   Mon Sep 25 19:43:09 2017 -0400

    nscd: Release read lock after resetting timeout.
    	[BZ #22161]
    	* nscd/netgroupcache.c (addinnetgrX): Release read lock after
    	resetting timeout.
    Reviewed-by: Jonathan Nieder <jrnieder@gmail.com>
    Reviewed-by: Andreas Schwab <schwab@suse.de>
    A lock is held by mempool_allocate() when CACHEABLE is true; we
    must release this lock if we exit early.


Summary of changes:
 ChangeLog            |    6 ++++++
 nscd/netgroupcache.c |    2 ++
 2 files changed, 8 insertions(+), 0 deletions(-)
Comment 2 dj@redhat.com 2017-09-25 23:55:14 UTC
Fix pushed to master.