This is the mail archive of the
libc-alpha@sourceware.org
mailing list for the glibc project.
[COMMITTED 2.19] Return NULL for wildcard values in getnetgrent from nscd (BZ #16759)
- From: Aurelien Jarno <aurelien at aurel32 dot net>
- To: libc-alpha at sourceware dot org
- Cc: Siddhesh Poyarekar <siddhesh at redhat dot com>
- Date: Sun, 20 Dec 2015 18:55:33 +0100
- Subject: [COMMITTED 2.19] Return NULL for wildcard values in getnetgrent from nscd (BZ #16759)
- Authentication-results: sourceware.org; auth=none
From: Siddhesh Poyarekar <siddhesh@redhat.com>
getnetgrent is supposed to return NULL for values that are wildcards
in the (host, user, domain) triplet. This works correctly with nscd
disabled, but with it enabled, it returns a blank ("") instead of a
NULL. This is easily seen with the output of `getent netgroup foonet`
for a netgroup foonet defined as follows in /etc/netgroup:
foonet (,foo,)
The output with nscd disabled is:
foonet ( ,foo,)
while with nscd enabled, it is:
foonet (,foo,)
The extra space with nscd disabled is due to the fact that `getent
netgroup` adds it if the return value from getnetgrent is NULL for
either host or user.
(cherry picked from commit dd3022d75e6fb8957843d6d84257a5d8457822d5)
---
ChangeLog | 4 ++++
NEWS | 6 +++---
inet/getnetgrent_r.c | 14 +++++++++++---
3 files changed, 18 insertions(+), 6 deletions(-)
diff --git a/ChangeLog b/ChangeLog
index 3cb4c4d..896b564 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -4,6 +4,10 @@
* nscd/netgroupcache.c (addinnetgrX): Succeed if triplet has
blank values.
+ [BZ #16759]
+ * inet/getnetgrent_r.c (get_nonempty_val): New function.
+ (nscd_getnetgrent): Use it.
+
2015-11-24 Andreas Schwab <schwab@suse.de>
[BZ #17062]
diff --git a/NEWS b/NEWS
index 9771c07..6f295a2 100644
--- a/NEWS
+++ b/NEWS
@@ -9,9 +9,9 @@ Version 2.19.1
* The following bugs are resolved with this release:
- 15946, 16545, 16574, 16623, 16657, 16695, 16743, 16758, 16878, 16882,
- 16885, 16916, 16932, 16943, 16958, 17048, 17062, 17069, 17079, 17137,
- 17153, 17213, 17263, 17269, 17325, 17555, 18007, 18032, 18287.
+ 15946, 16545, 16574, 16623, 16657, 16695, 16743, 16758, 16759, 16878,
+ 16882, 16885, 16916, 16932, 16943, 16958, 17048, 17062, 17069, 17079,
+ 17137, 17153, 17213, 17263, 17269, 17325, 17555, 18007, 18032, 18287.
* A buffer overflow in gethostbyname_r and related functions performing DNS
requests has been fixed. If the NSS functions were called with a
diff --git a/inet/getnetgrent_r.c b/inet/getnetgrent_r.c
index 62cdfda..f6d064d 100644
--- a/inet/getnetgrent_r.c
+++ b/inet/getnetgrent_r.c
@@ -235,6 +235,14 @@ endnetgrent (void)
}
#ifdef USE_NSCD
+static const char *
+get_nonempty_val (const char *in)
+{
+ if (*in == '\0')
+ return NULL;
+ return in;
+}
+
static enum nss_status
nscd_getnetgrent (struct __netgrent *datap, char *buffer, size_t buflen,
int *errnop)
@@ -243,11 +251,11 @@ nscd_getnetgrent (struct __netgrent *datap, char *buffer, size_t buflen,
return NSS_STATUS_UNAVAIL;
datap->type = triple_val;
- datap->val.triple.host = datap->cursor;
+ datap->val.triple.host = get_nonempty_val (datap->cursor);
datap->cursor = (char *) __rawmemchr (datap->cursor, '\0') + 1;
- datap->val.triple.user = datap->cursor;
+ datap->val.triple.user = get_nonempty_val (datap->cursor);
datap->cursor = (char *) __rawmemchr (datap->cursor, '\0') + 1;
- datap->val.triple.domain = datap->cursor;
+ datap->val.triple.domain = get_nonempty_val (datap->cursor);
datap->cursor = (char *) __rawmemchr (datap->cursor, '\0') + 1;
return NSS_STATUS_SUCCESS;
--
2.6.4