]>
Commit | Line | Data |
---|---|---|
dff8da6b | 1 | /* Copyright (C) 2007-2024 Free Software Foundation, Inc. |
b21fa963 | 2 | This file is part of the GNU C Library. |
b21fa963 UD |
3 | |
4 | The GNU C Library is free software; you can redistribute it and/or | |
5 | modify it under the terms of the GNU Lesser General Public | |
6 | License as published by the Free Software Foundation; either | |
7 | version 2.1 of the License, or (at your option) any later version. | |
8 | ||
9 | The GNU C Library is distributed in the hope that it will be useful, | |
10 | but WITHOUT ANY WARRANTY; without even the implied warranty of | |
11 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU | |
12 | Lesser General Public License for more details. | |
13 | ||
14 | You should have received a copy of the GNU Lesser General Public | |
59ba27a6 | 15 | License along with the GNU C Library; if not, see |
5a82c748 | 16 | <https://www.gnu.org/licenses/>. */ |
b21fa963 | 17 | |
f2962a71 | 18 | #include <assert.h> |
b21fa963 UD |
19 | #include <errno.h> |
20 | #include <string.h> | |
21 | #include <not-cancel.h> | |
eb96ffb0 | 22 | #include <_itoa.h> |
e054f494 | 23 | #include <stdint.h> |
b21fa963 UD |
24 | |
25 | #include "nscd-client.h" | |
26 | #include "nscd_proto.h" | |
27 | ||
28 | ||
29 | int __nss_not_use_nscd_services; | |
30 | ||
31 | ||
32 | static int nscd_getserv_r (const char *crit, size_t critlen, const char *proto, | |
33 | request_type type, struct servent *resultbuf, | |
34 | char *buf, size_t buflen, struct servent **result); | |
35 | ||
36 | ||
37 | int | |
38 | __nscd_getservbyname_r (const char *name, const char *proto, | |
39 | struct servent *result_buf, char *buf, size_t buflen, | |
40 | struct servent **result) | |
41 | { | |
42 | return nscd_getserv_r (name, strlen (name), proto, GETSERVBYNAME, result_buf, | |
43 | buf, buflen, result); | |
44 | } | |
45 | ||
46 | ||
47 | int | |
48 | __nscd_getservbyport_r (int port, const char *proto, | |
49 | struct servent *result_buf, char *buf, size_t buflen, | |
50 | struct servent **result) | |
51 | { | |
52 | char portstr[3 * sizeof (int) + 2]; | |
53 | portstr[sizeof (portstr) - 1] = '\0'; | |
54 | char *cp = _itoa_word (port, portstr + sizeof (portstr) - 1, 10, 0); | |
55 | ||
8ec3f656 | 56 | return nscd_getserv_r (cp, portstr + sizeof (portstr) - 1 - cp, proto, |
b21fa963 UD |
57 | GETSERVBYPORT, result_buf, buf, buflen, result); |
58 | } | |
59 | ||
60 | ||
61 | libc_locked_map_ptr (, __serv_map_handle) attribute_hidden; | |
62 | /* Note that we only free the structure if necessary. The memory | |
63 | mapping is not removed since it is not visible to the malloc | |
64 | handling. */ | |
88677348 AZN |
65 | void |
66 | __nscd_serv_map_freemem (void) | |
b21fa963 UD |
67 | { |
68 | if (__serv_map_handle.mapped != NO_MAPPING) | |
69 | { | |
70 | void *p = __serv_map_handle.mapped; | |
71 | __serv_map_handle.mapped = NO_MAPPING; | |
72 | free (p); | |
73 | } | |
74 | } | |
75 | ||
76 | ||
77 | static int | |
78 | nscd_getserv_r (const char *crit, size_t critlen, const char *proto, | |
79 | request_type type, struct servent *resultbuf, | |
80 | char *buf, size_t buflen, struct servent **result) | |
81 | { | |
82 | int gc_cycle; | |
83 | int nretries = 0; | |
f2962a71 | 84 | size_t alloca_used = 0; |
b21fa963 UD |
85 | |
86 | /* If the mapping is available, try to search there instead of | |
87 | communicating with the nscd. */ | |
88 | struct mapped_database *mapped; | |
89 | mapped = __nscd_get_map_ref (GETFDSERV, "services", &__serv_map_handle, | |
90 | &gc_cycle); | |
91 | size_t protolen = proto == NULL ? 0 : strlen (proto); | |
92 | size_t keylen = critlen + 1 + protolen + 1; | |
f2962a71 UD |
93 | int alloca_key = __libc_use_alloca (keylen); |
94 | char *key; | |
95 | if (alloca_key) | |
96 | key = alloca_account (keylen, alloca_used); | |
97 | else | |
98 | { | |
99 | key = malloc (keylen); | |
100 | if (key == NULL) | |
101 | return -1; | |
102 | } | |
b21fa963 UD |
103 | memcpy (__mempcpy (__mempcpy (key, crit, critlen), |
104 | "/", 1), proto ?: "", protolen + 1); | |
105 | ||
106 | retry:; | |
b21fa963 UD |
107 | const char *s_name = NULL; |
108 | const char *s_proto = NULL; | |
f2962a71 | 109 | int alloca_aliases_len = 0; |
b21fa963 UD |
110 | const uint32_t *aliases_len = NULL; |
111 | const char *aliases_list = NULL; | |
112 | int retval = -1; | |
113 | const char *recend = (const char *) ~UINTMAX_C (0); | |
114 | int sock = -1; | |
1a77d37f JJ |
115 | serv_response_header serv_resp; |
116 | ||
b21fa963 UD |
117 | if (mapped != NO_MAPPING) |
118 | { | |
cfe1fc10 JJ |
119 | struct datahead *found = __nscd_cache_search (type, key, keylen, mapped, |
120 | sizeof serv_resp); | |
b21fa963 UD |
121 | |
122 | if (found != NULL) | |
123 | { | |
1a77d37f JJ |
124 | s_name = (char *) (&found->data[0].servdata + 1); |
125 | serv_resp = found->data[0].servdata; | |
126 | s_proto = s_name + serv_resp.s_name_len; | |
c8fc0c91 | 127 | alloca_aliases_len = 1; |
1a77d37f | 128 | aliases_len = (uint32_t *) (s_proto + serv_resp.s_proto_len); |
b21fa963 | 129 | aliases_list = ((char *) aliases_len |
1a77d37f JJ |
130 | + serv_resp.s_aliases_cnt * sizeof (uint32_t)); |
131 | recend = (const char *) found->data + found->recsize; | |
132 | /* Now check if we can trust serv_resp fields. If GC is | |
133 | in progress, it can contain anything. */ | |
134 | if (mapped->head->gc_cycle != gc_cycle) | |
135 | { | |
136 | retval = -2; | |
137 | goto out; | |
138 | } | |
3687a5a7 JJ |
139 | if (__builtin_expect ((const char *) aliases_len |
140 | + serv_resp.s_aliases_cnt * sizeof (uint32_t) | |
141 | > recend, 0)) | |
142 | goto out; | |
b21fa963 | 143 | |
b21fa963 UD |
144 | /* The aliases_len array in the mapped database might very |
145 | well be unaligned. We will access it word-wise so on | |
146 | platforms which do not tolerate unaligned accesses we | |
147 | need to make an aligned copy. */ | |
148 | if (((uintptr_t) aliases_len & (__alignof__ (*aliases_len) - 1)) | |
149 | != 0) | |
150 | { | |
f2962a71 UD |
151 | uint32_t *tmp; |
152 | alloca_aliases_len | |
153 | = __libc_use_alloca (alloca_used | |
154 | + (serv_resp.s_aliases_cnt | |
155 | * sizeof (uint32_t))); | |
156 | if (alloca_aliases_len) | |
c8fc0c91 UD |
157 | tmp = alloca_account (serv_resp.s_aliases_cnt |
158 | * sizeof (uint32_t), | |
159 | alloca_used); | |
f2962a71 UD |
160 | else |
161 | { | |
162 | tmp = malloc (serv_resp.s_aliases_cnt * sizeof (uint32_t)); | |
163 | if (tmp == NULL) | |
164 | { | |
165 | retval = ENOMEM; | |
166 | goto out; | |
167 | } | |
168 | } | |
b21fa963 | 169 | aliases_len = memcpy (tmp, aliases_len, |
1a77d37f | 170 | serv_resp.s_aliases_cnt |
b21fa963 UD |
171 | * sizeof (uint32_t)); |
172 | } | |
b21fa963 UD |
173 | } |
174 | } | |
175 | ||
1a77d37f | 176 | if (s_name == NULL) |
b21fa963 | 177 | { |
1a77d37f JJ |
178 | sock = __nscd_open_socket (key, keylen, type, &serv_resp, |
179 | sizeof (serv_resp)); | |
b21fa963 UD |
180 | if (sock == -1) |
181 | { | |
182 | __nss_not_use_nscd_services = 1; | |
183 | goto out; | |
184 | } | |
b21fa963 UD |
185 | } |
186 | ||
187 | /* No value found so far. */ | |
188 | *result = NULL; | |
189 | ||
a1ffb40e | 190 | if (__glibc_unlikely (serv_resp.found == -1)) |
b21fa963 UD |
191 | { |
192 | /* The daemon does not cache this database. */ | |
193 | __nss_not_use_nscd_services = 1; | |
194 | goto out_close; | |
195 | } | |
196 | ||
1a77d37f | 197 | if (serv_resp.found == 1) |
b21fa963 UD |
198 | { |
199 | char *cp = buf; | |
200 | uintptr_t align1; | |
201 | uintptr_t align2; | |
202 | size_t total_len; | |
203 | ssize_t cnt; | |
204 | int n; | |
205 | ||
206 | /* A first check whether the buffer is sufficiently large is possible. */ | |
207 | /* Now allocate the buffer the array for the group members. We must | |
208 | align the pointer and the base of the h_addr_list pointers. */ | |
cc4d6614 | 209 | align1 = ((__alignof__ (char *) - ((uintptr_t) cp)) |
b21fa963 | 210 | & (__alignof__ (char *) - 1)); |
cc4d6614 QC |
211 | align2 = ((__alignof__ (char *) - ((uintptr_t) (cp + align1 + serv_resp.s_name_len |
212 | + serv_resp.s_proto_len))) | |
b21fa963 | 213 | & (__alignof__ (char *) - 1)); |
1a77d37f | 214 | if (buflen < (align1 + serv_resp.s_name_len + serv_resp.s_proto_len |
b21fa963 | 215 | + align2 |
1a77d37f | 216 | + (serv_resp.s_aliases_cnt + 1) * sizeof (char *))) |
b21fa963 UD |
217 | { |
218 | no_room: | |
219 | __set_errno (ERANGE); | |
220 | retval = ERANGE; | |
221 | goto out_close; | |
222 | } | |
223 | cp += align1; | |
224 | ||
225 | /* Prepare the result as far as we can. */ | |
226 | resultbuf->s_aliases = (char **) cp; | |
1a77d37f | 227 | cp += (serv_resp.s_aliases_cnt + 1) * sizeof (char *); |
b21fa963 UD |
228 | |
229 | resultbuf->s_name = cp; | |
1a77d37f | 230 | cp += serv_resp.s_name_len; |
b21fa963 | 231 | resultbuf->s_proto = cp; |
1a77d37f JJ |
232 | cp += serv_resp.s_proto_len + align2; |
233 | resultbuf->s_port = serv_resp.s_port; | |
b21fa963 UD |
234 | |
235 | if (s_name == NULL) | |
236 | { | |
237 | struct iovec vec[2]; | |
238 | ||
239 | vec[0].iov_base = resultbuf->s_name; | |
1a77d37f | 240 | vec[0].iov_len = serv_resp.s_name_len + serv_resp.s_proto_len; |
b21fa963 UD |
241 | total_len = vec[0].iov_len; |
242 | n = 1; | |
243 | ||
1a77d37f | 244 | if (serv_resp.s_aliases_cnt > 0) |
b21fa963 | 245 | { |
f2962a71 UD |
246 | assert (alloca_aliases_len == 0); |
247 | alloca_aliases_len | |
248 | = __libc_use_alloca (alloca_used | |
249 | + (serv_resp.s_aliases_cnt | |
250 | * sizeof (uint32_t))); | |
251 | if (alloca_aliases_len) | |
c8fc0c91 UD |
252 | aliases_len = alloca_account (serv_resp.s_aliases_cnt |
253 | * sizeof (uint32_t), | |
254 | alloca_used); | |
f2962a71 UD |
255 | else |
256 | { | |
257 | aliases_len = malloc (serv_resp.s_aliases_cnt | |
258 | * sizeof (uint32_t)); | |
259 | if (aliases_len == NULL) | |
260 | { | |
261 | retval = ENOMEM; | |
262 | goto out_close; | |
263 | } | |
264 | } | |
b21fa963 | 265 | vec[n].iov_base = (void *) aliases_len; |
1a77d37f | 266 | vec[n].iov_len = serv_resp.s_aliases_cnt * sizeof (uint32_t); |
b21fa963 | 267 | |
1a77d37f | 268 | total_len += serv_resp.s_aliases_cnt * sizeof (uint32_t); |
b21fa963 UD |
269 | ++n; |
270 | } | |
271 | ||
272 | if ((size_t) __readvall (sock, vec, n) != total_len) | |
273 | goto out_close; | |
274 | } | |
275 | else | |
276 | memcpy (resultbuf->s_name, s_name, | |
1a77d37f | 277 | serv_resp.s_name_len + serv_resp.s_proto_len); |
b21fa963 UD |
278 | |
279 | /* Now we also can read the aliases. */ | |
280 | total_len = 0; | |
1a77d37f | 281 | for (cnt = 0; cnt < serv_resp.s_aliases_cnt; ++cnt) |
b21fa963 UD |
282 | { |
283 | resultbuf->s_aliases[cnt] = cp; | |
284 | cp += aliases_len[cnt]; | |
285 | total_len += aliases_len[cnt]; | |
286 | } | |
287 | resultbuf->s_aliases[cnt] = NULL; | |
288 | ||
289 | if (__builtin_expect ((const char *) aliases_list + total_len > recend, | |
290 | 0)) | |
1a77d37f JJ |
291 | { |
292 | /* aliases_len array might contain garbage during nscd GC cycle, | |
293 | retry rather than fail in that case. */ | |
294 | if (aliases_list != NULL && mapped->head->gc_cycle != gc_cycle) | |
295 | retval = -2; | |
296 | goto out_close; | |
297 | } | |
298 | ||
b21fa963 | 299 | /* See whether this would exceed the buffer capacity. */ |
a1ffb40e | 300 | if (__glibc_unlikely (cp > buf + buflen)) |
1a77d37f JJ |
301 | { |
302 | /* aliases_len array might contain garbage during nscd GC cycle, | |
303 | retry rather than fail in that case. */ | |
304 | if (aliases_list != NULL && mapped->head->gc_cycle != gc_cycle) | |
305 | { | |
306 | retval = -2; | |
307 | goto out_close; | |
308 | } | |
309 | goto no_room; | |
310 | } | |
b21fa963 UD |
311 | |
312 | /* And finally read the aliases. */ | |
313 | if (aliases_list == NULL) | |
314 | { | |
315 | if (total_len == 0 | |
316 | || ((size_t) __readall (sock, resultbuf->s_aliases[0], total_len) | |
317 | == total_len)) | |
318 | { | |
319 | retval = 0; | |
320 | *result = resultbuf; | |
321 | } | |
322 | } | |
323 | else | |
324 | { | |
325 | memcpy (resultbuf->s_aliases[0], aliases_list, total_len); | |
326 | ||
327 | /* Try to detect corrupt databases. */ | |
1a77d37f JJ |
328 | if (resultbuf->s_name[serv_resp.s_name_len - 1] != '\0' |
329 | || resultbuf->s_proto[serv_resp.s_proto_len - 1] != '\0' | |
330 | || ({for (cnt = 0; cnt < serv_resp.s_aliases_cnt; ++cnt) | |
b21fa963 UD |
331 | if (resultbuf->s_aliases[cnt][aliases_len[cnt] - 1] |
332 | != '\0') | |
333 | break; | |
1a77d37f JJ |
334 | cnt < serv_resp.s_aliases_cnt; })) |
335 | { | |
336 | /* We cannot use the database. */ | |
337 | if (mapped->head->gc_cycle != gc_cycle) | |
338 | retval = -2; | |
339 | goto out_close; | |
340 | } | |
b21fa963 UD |
341 | |
342 | retval = 0; | |
343 | *result = resultbuf; | |
344 | } | |
345 | } | |
346 | else | |
347 | { | |
cfca0aa3 UD |
348 | /* Set errno to 0 to indicate no error, just no found record. */ |
349 | __set_errno (0); | |
b21fa963 UD |
350 | /* Even though we have not found anything, the result is zero. */ |
351 | retval = 0; | |
352 | } | |
353 | ||
354 | out_close: | |
355 | if (sock != -1) | |
c181840c | 356 | __close_nocancel_nostatus (sock); |
b21fa963 | 357 | out: |
1a77d37f | 358 | if (__nscd_drop_map_ref (mapped, &gc_cycle) != 0) |
b21fa963 UD |
359 | { |
360 | /* When we come here this means there has been a GC cycle while we | |
361 | were looking for the data. This means the data might have been | |
362 | inconsistent. Retry if possible. */ | |
1a77d37f | 363 | if ((gc_cycle & 1) != 0 || ++nretries == 5 || retval == -1) |
b21fa963 UD |
364 | { |
365 | /* nscd is just running gc now. Disable using the mapping. */ | |
a364a3a7 | 366 | if (atomic_fetch_add_relaxed (&mapped->counter, -1) == 1) |
1a77d37f | 367 | __nscd_unmap (mapped); |
b21fa963 UD |
368 | mapped = NO_MAPPING; |
369 | } | |
370 | ||
1a77d37f | 371 | if (retval != -1) |
c8fc0c91 UD |
372 | { |
373 | if (!alloca_aliases_len) | |
f15f1e45 | 374 | free ((void *) aliases_len); |
c8fc0c91 UD |
375 | goto retry; |
376 | } | |
b21fa963 UD |
377 | } |
378 | ||
f2962a71 UD |
379 | if (!alloca_aliases_len) |
380 | free ((void *) aliases_len); | |
381 | if (!alloca_key) | |
382 | free (key); | |
383 | ||
b21fa963 UD |
384 | return retval; |
385 | } |