This is the mail archive of the
glibc-cvs@sourceware.org
mailing list for the glibc project.
GNU C Library master sources branch master updated. glibc-2.19-333-gbc8f194
- From: siddhesh at sourceware dot org
- To: glibc-cvs at sourceware dot org
- Date: 30 Apr 2014 06:34:47 -0000
- Subject: GNU C Library master sources branch master updated. glibc-2.19-333-gbc8f194
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "GNU C Library master sources".
The branch, master has been updated
via bc8f194c8c29e46e8ee4034f06e46988dfff38f7 (commit)
via 1cdeb2372ddecac0dfe0c132a033e9590ffa07d2 (commit)
from 16b293a7a6f65d8ff348a603d19e8fd4372fa3a9 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
http://sourceware.org/git/gitweb.cgi?p=glibc.git;a=commitdiff;h=bc8f194c8c29e46e8ee4034f06e46988dfff38f7
commit bc8f194c8c29e46e8ee4034f06e46988dfff38f7
Author: Siddhesh Poyarekar <siddhesh@redhat.com>
Date: Wed Apr 30 12:00:39 2014 +0530
Initialize all of datahead structure in nscd (BZ #16791)
The datahead structure has an unused padding field that remains
uninitialized. Valgrind prints out a warning for it on querying a
netgroups entry. This is harmless, but is a potential data leak since
it would result in writing out an uninitialized byte to the cache
file. Besides, this happens only when there is a cache miss, so we're
not adding computation to any fast path.
diff --git a/ChangeLog b/ChangeLog
index 942fb80..2b0821f 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,5 +1,11 @@
2014-04-30 Siddhesh Poyarekar <siddhesh@redhat.com>
+ [BZ #16791]
+ * nscd/nscd-client.h (datahead_init_common): Initialize entire
+ structure.
+ (datahead_init_pos): Call datahead_init_common early.
+ (datahead_init_neg): Likewise.
+
* nscd/nscd-client.h (datahead_init_common, datahead_init_pos,
datahead_init_neg): New functions.
* nscd/aicache.c (addhstaiX): Use them.
diff --git a/NEWS b/NEWS
index 10d2626..953f5ee 100644
--- a/NEWS
+++ b/NEWS
@@ -15,7 +15,7 @@ Version 2.20
16632, 16634, 16639, 16642, 16648, 16649, 16670, 16674, 16677, 16680,
16683, 16689, 16695, 16701, 16706, 16707, 16712, 16713, 16714, 16731,
16739, 16740, 16743, 16754, 16758, 16759, 16760, 16770, 16786, 16789,
- 16799, 16800, 16815, 16823, 16824, 16831, 16838, 16854.
+ 16791, 16799, 16800, 16815, 16823, 16824, 16831, 16838, 16854.
* Running the testsuite no longer terminates as soon as a test fails.
Instead, a file tests.sum (xtests.sum from "make xcheck") is generated,
diff --git a/nscd/nscd-client.h b/nscd/nscd-client.h
index c069bf6..ee16df6 100644
--- a/nscd/nscd-client.h
+++ b/nscd/nscd-client.h
@@ -240,12 +240,17 @@ static inline time_t
datahead_init_common (struct datahead *head, nscd_ssize_t allocsize,
nscd_ssize_t recsize, uint32_t ttl)
{
+ /* Initialize so that we don't write out junk in uninitialized data to the
+ cache. */
+ memset (head, 0, sizeof (*head));
+
head->allocsize = allocsize;
head->recsize = recsize;
head->usable = true;
head->ttl = ttl;
- /* Compute the timeout time. */
+
+ /* Compute and return the timeout time. */
return head->timeout = time (NULL) + ttl;
}
@@ -253,18 +258,25 @@ static inline time_t
datahead_init_pos (struct datahead *head, nscd_ssize_t allocsize,
nscd_ssize_t recsize, uint8_t nreloads, uint32_t ttl)
{
+ time_t ret = datahead_init_common (head, allocsize, recsize, ttl);
+
head->notfound = false;
head->nreloads = nreloads;
- return datahead_init_common (head, allocsize, recsize, ttl);
+
+ return ret;
}
static inline time_t
datahead_init_neg (struct datahead *head, nscd_ssize_t allocsize,
nscd_ssize_t recsize, uint32_t ttl)
{
+ time_t ret = datahead_init_common (head, allocsize, recsize, ttl);
+
+ /* We don't need to touch nreloads here since it is set to our desired value
+ (0) when we clear the structure. */
head->notfound = true;
- head->nreloads = 0;
- return datahead_init_common (head, allocsize, recsize, ttl);
+
+ return ret;
}
/* Structure for one hash table entry. */
http://sourceware.org/git/gitweb.cgi?p=glibc.git;a=commitdiff;h=1cdeb2372ddecac0dfe0c132a033e9590ffa07d2
commit 1cdeb2372ddecac0dfe0c132a033e9590ffa07d2
Author: Siddhesh Poyarekar <siddhesh@redhat.com>
Date: Wed Apr 30 11:57:09 2014 +0530
Consolidate code to initialize nscd dataset header
This patch consolidates the code to initialize the header of a dataset
into a single set of functions (one for positive and another for
negative datasets) primarily to reduce repetition of code. The
secondary reason is to simplify Patch 2/2 which fixes the problem of
an uninitialized byte in the header by initializing an unused field in
the structure and hence preventing a possible data leak into the cache
file.
diff --git a/ChangeLog b/ChangeLog
index 7aa7bd2..942fb80 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,4 +1,18 @@
2014-04-30 Siddhesh Poyarekar <siddhesh@redhat.com>
+
+ * nscd/nscd-client.h (datahead_init_common, datahead_init_pos,
+ datahead_init_neg): New functions.
+ * nscd/aicache.c (addhstaiX): Use them.
+ * nscd/grpcache.c (cache_addgr): Likewise.
+ * nscd/hstcache.c (cache_addhst): Likewise.
+ * nscd/initgrcache.c (addinitgroupsX): Likewise.
+ * nscd/netgroupcache.c (do_notfound): Likewise.
+ (addgetnetgrentX): Likewise.
+ (addinnetgrX): Likewise.
+ * nscd/pwdcache.c (cache_addpw): Likewise.
+ * nscd/servicescache.c (cache_addserv): Likewise.
+
+2014-04-30 Siddhesh Poyarekar <siddhesh@redhat.com>
Atsushi Onoe <atsushi@onoe.org>
[BZ #14308]
diff --git a/nscd/aicache.c b/nscd/aicache.c
index 98d40a1..d7966bd 100644
--- a/nscd/aicache.c
+++ b/nscd/aicache.c
@@ -383,17 +383,12 @@ addhstaiX (struct database_dyn *db, int fd, request_header *req,
cp = family;
}
- /* Fill in the rest of the dataset. */
- dataset->head.allocsize = total + req->key_len;
- dataset->head.recsize = total - offsetof (struct dataset, resp);
- dataset->head.notfound = false;
- dataset->head.nreloads = he == NULL ? 0 : (dh->nreloads + 1);
- dataset->head.usable = true;
-
- /* Compute the timeout time. */
- dataset->head.ttl = ttl == INT32_MAX ? db->postimeout : ttl;
- timeout = dataset->head.timeout = time (NULL) + dataset->head.ttl;
+ timeout = datahead_init_pos (&dataset->head, total + req->key_len,
+ total - offsetof (struct dataset, resp),
+ he == NULL ? 0 : dh->nreloads + 1,
+ ttl == INT32_MAX ? db->postimeout : ttl);
+ /* Fill in the rest of the dataset. */
dataset->resp.version = NSCD_VERSION;
dataset->resp.found = 1;
dataset->resp.naddrs = naddrs;
@@ -528,15 +523,9 @@ next_nip:
else if ((dataset = mempool_alloc (db, (sizeof (struct dataset)
+ req->key_len), 1)) != NULL)
{
- dataset->head.allocsize = sizeof (struct dataset) + req->key_len;
- dataset->head.recsize = total;
- dataset->head.notfound = true;
- dataset->head.nreloads = 0;
- dataset->head.usable = true;
-
- /* Compute the timeout time. */
- timeout = dataset->head.timeout = time (NULL) + db->negtimeout;
- dataset->head.ttl = db->negtimeout;
+ timeout = datahead_init_neg (&dataset->head,
+ sizeof (struct dataset) + req->key_len,
+ total, db->negtimeout);
/* This is the reply. */
memcpy (&dataset->resp, ¬found, total);
diff --git a/nscd/grpcache.c b/nscd/grpcache.c
index b5a33eb..df59fa7 100644
--- a/nscd/grpcache.c
+++ b/nscd/grpcache.c
@@ -128,14 +128,10 @@ cache_addgr (struct database_dyn *db, int fd, request_header *req,
}
else if ((dataset = mempool_alloc (db, sizeof (struct dataset) + req->key_len, 1)) != NULL)
{
- dataset->head.allocsize = sizeof (struct dataset) + req->key_len;
- dataset->head.recsize = total;
- dataset->head.notfound = true;
- dataset->head.nreloads = 0;
- dataset->head.usable = true;
-
- /* Compute the timeout time. */
- timeout = dataset->head.timeout = t + db->negtimeout;
+ timeout = datahead_init_neg (&dataset->head,
+ (sizeof (struct dataset)
+ + req->key_len), total,
+ db->negtimeout);
/* This is the reply. */
memcpy (&dataset->resp, ¬found, total);
@@ -232,14 +228,10 @@ cache_addgr (struct database_dyn *db, int fd, request_header *req,
dataset_temporary = true;
}
- dataset->head.allocsize = total + n;
- dataset->head.recsize = total - offsetof (struct dataset, resp);
- dataset->head.notfound = false;
- dataset->head.nreloads = he == NULL ? 0 : (dh->nreloads + 1);
- dataset->head.usable = true;
-
- /* Compute the timeout time. */
- timeout = dataset->head.timeout = t + db->postimeout;
+ timeout = datahead_init_pos (&dataset->head, total + n,
+ total - offsetof (struct dataset, resp),
+ he == NULL ? 0 : dh->nreloads + 1,
+ db->postimeout);
dataset->resp.version = NSCD_VERSION;
dataset->resp.found = 1;
diff --git a/nscd/hstcache.c b/nscd/hstcache.c
index a79b67a..d4f1ad2 100644
--- a/nscd/hstcache.c
+++ b/nscd/hstcache.c
@@ -152,15 +152,11 @@ cache_addhst (struct database_dyn *db, int fd, request_header *req,
else if ((dataset = mempool_alloc (db, (sizeof (struct dataset)
+ req->key_len), 1)) != NULL)
{
- dataset->head.allocsize = sizeof (struct dataset) + req->key_len;
- dataset->head.recsize = total;
- dataset->head.notfound = true;
- dataset->head.nreloads = 0;
- dataset->head.usable = true;
-
- /* Compute the timeout time. */
- dataset->head.ttl = ttl == INT32_MAX ? db->negtimeout : ttl;
- timeout = dataset->head.timeout = t + dataset->head.ttl;
+ timeout = datahead_init_neg (&dataset->head,
+ (sizeof (struct dataset)
+ + req->key_len), total,
+ (ttl == INT32_MAX
+ ? db->negtimeout : ttl));
/* This is the reply. */
memcpy (&dataset->resp, resp, total);
@@ -257,15 +253,10 @@ cache_addhst (struct database_dyn *db, int fd, request_header *req,
alloca_used = true;
}
- dataset->head.allocsize = total + req->key_len;
- dataset->head.recsize = total - offsetof (struct dataset, resp);
- dataset->head.notfound = false;
- dataset->head.nreloads = he == NULL ? 0 : (dh->nreloads + 1);
- dataset->head.usable = true;
-
- /* Compute the timeout time. */
- dataset->head.ttl = ttl == INT32_MAX ? db->postimeout : ttl;
- timeout = dataset->head.timeout = t + dataset->head.ttl;
+ timeout = datahead_init_pos (&dataset->head, total + req->key_len,
+ total - offsetof (struct dataset, resp),
+ he == NULL ? 0 : dh->nreloads + 1,
+ ttl == INT32_MAX ? db->postimeout : ttl);
dataset->resp.version = NSCD_VERSION;
dataset->resp.found = 1;
diff --git a/nscd/initgrcache.c b/nscd/initgrcache.c
index 1bf9f0d..361319f 100644
--- a/nscd/initgrcache.c
+++ b/nscd/initgrcache.c
@@ -213,14 +213,10 @@ addinitgroupsX (struct database_dyn *db, int fd, request_header *req,
else if ((dataset = mempool_alloc (db, (sizeof (struct dataset)
+ req->key_len), 1)) != NULL)
{
- dataset->head.allocsize = sizeof (struct dataset) + req->key_len;
- dataset->head.recsize = total;
- dataset->head.notfound = true;
- dataset->head.nreloads = 0;
- dataset->head.usable = true;
-
- /* Compute the timeout time. */
- timeout = dataset->head.timeout = time (NULL) + db->negtimeout;
+ timeout = datahead_init_neg (&dataset->head,
+ (sizeof (struct dataset)
+ + req->key_len), total,
+ db->negtimeout);
/* This is the reply. */
memcpy (&dataset->resp, ¬found, total);
@@ -276,14 +272,10 @@ addinitgroupsX (struct database_dyn *db, int fd, request_header *req,
alloca_used = true;
}
- dataset->head.allocsize = total + req->key_len;
- dataset->head.recsize = total - offsetof (struct dataset, resp);
- dataset->head.notfound = false;
- dataset->head.nreloads = he == NULL ? 0 : (dh->nreloads + 1);
- dataset->head.usable = true;
-
- /* Compute the timeout time. */
- timeout = dataset->head.timeout = time (NULL) + db->postimeout;
+ timeout = datahead_init_pos (&dataset->head, total + req->key_len,
+ total - offsetof (struct dataset, resp),
+ he == NULL ? 0 : dh->nreloads + 1,
+ db->postimeout);
dataset->resp.version = NSCD_VERSION;
dataset->resp.found = 1;
diff --git a/nscd/netgroupcache.c b/nscd/netgroupcache.c
index 820d823..b3d40e9 100644
--- a/nscd/netgroupcache.c
+++ b/nscd/netgroupcache.c
@@ -90,15 +90,9 @@ do_notfound (struct database_dyn *db, int fd, request_header *req,
/* If we cannot permanently store the result, so be it. */
if (dataset != NULL)
{
- dataset->head.allocsize = sizeof (struct dataset) + req->key_len;
- dataset->head.recsize = total;
- dataset->head.notfound = true;
- dataset->head.nreloads = 0;
- dataset->head.usable = true;
-
- /* Compute the timeout time. */
- timeout = dataset->head.timeout = time (NULL) + db->negtimeout;
- dataset->head.ttl = db->negtimeout;
+ timeout = datahead_init_neg (&dataset->head,
+ sizeof (struct dataset) + req->key_len,
+ total, db->negtimeout);
/* This is the reply. */
memcpy (&dataset->resp, ¬found, total);
@@ -359,13 +353,10 @@ addgetnetgrentX (struct database_dyn *db, int fd, request_header *req,
/* Fill in the dataset. */
dataset = (struct dataset *) buffer;
- dataset->head.allocsize = total + req->key_len;
- dataset->head.recsize = total - offsetof (struct dataset, resp);
- dataset->head.notfound = false;
- dataset->head.nreloads = he == NULL ? 0 : (dh->nreloads + 1);
- dataset->head.usable = true;
- dataset->head.ttl = db->postimeout;
- timeout = dataset->head.timeout = time (NULL) + dataset->head.ttl;
+ timeout = datahead_init_pos (&dataset->head, total + req->key_len,
+ total - offsetof (struct dataset, resp),
+ he == NULL ? 0 : dh->nreloads + 1,
+ db->postimeout);
dataset->resp.version = NSCD_VERSION;
dataset->resp.found = 1;
@@ -541,12 +532,12 @@ addinnetgrX (struct database_dyn *db, int fd, request_header *req,
dataset = &dataset_mem;
}
- dataset->head.allocsize = sizeof (*dataset) + req->key_len;
- dataset->head.recsize = sizeof (innetgroup_response_header);
+ datahead_init_pos (&dataset->head, sizeof (*dataset) + req->key_len,
+ sizeof (innetgroup_response_header),
+ he == NULL ? 0 : dh->nreloads + 1, result->head.ttl);
+ /* Set the notfound status and timeout based on the result from
+ getnetgrent. */
dataset->head.notfound = result->head.notfound;
- dataset->head.nreloads = he == NULL ? 0 : (dh->nreloads + 1);
- dataset->head.usable = true;
- dataset->head.ttl = result->head.ttl;
dataset->head.timeout = timeout;
dataset->resp.version = NSCD_VERSION;
diff --git a/nscd/nscd-client.h b/nscd/nscd-client.h
index 98f77e7..c069bf6 100644
--- a/nscd/nscd-client.h
+++ b/nscd/nscd-client.h
@@ -236,6 +236,36 @@ struct datahead
} data[0];
};
+static inline time_t
+datahead_init_common (struct datahead *head, nscd_ssize_t allocsize,
+ nscd_ssize_t recsize, uint32_t ttl)
+{
+ head->allocsize = allocsize;
+ head->recsize = recsize;
+ head->usable = true;
+
+ head->ttl = ttl;
+ /* Compute the timeout time. */
+ return head->timeout = time (NULL) + ttl;
+}
+
+static inline time_t
+datahead_init_pos (struct datahead *head, nscd_ssize_t allocsize,
+ nscd_ssize_t recsize, uint8_t nreloads, uint32_t ttl)
+{
+ head->notfound = false;
+ head->nreloads = nreloads;
+ return datahead_init_common (head, allocsize, recsize, ttl);
+}
+
+static inline time_t
+datahead_init_neg (struct datahead *head, nscd_ssize_t allocsize,
+ nscd_ssize_t recsize, uint32_t ttl)
+{
+ head->notfound = true;
+ head->nreloads = 0;
+ return datahead_init_common (head, allocsize, recsize, ttl);
+}
/* Structure for one hash table entry. */
struct hashentry
diff --git a/nscd/pwdcache.c b/nscd/pwdcache.c
index fa355c3..41c245b 100644
--- a/nscd/pwdcache.c
+++ b/nscd/pwdcache.c
@@ -135,14 +135,10 @@ cache_addpw (struct database_dyn *db, int fd, request_header *req,
else if ((dataset = mempool_alloc (db, (sizeof (struct dataset)
+ req->key_len), 1)) != NULL)
{
- dataset->head.allocsize = sizeof (struct dataset) + req->key_len;
- dataset->head.recsize = total;
- dataset->head.notfound = true;
- dataset->head.nreloads = 0;
- dataset->head.usable = true;
-
- /* Compute the timeout time. */
- timeout = dataset->head.timeout = t + db->negtimeout;
+ timeout = datahead_init_neg (&dataset->head,
+ (sizeof (struct dataset)
+ + req->key_len), total,
+ db->negtimeout);
/* This is the reply. */
memcpy (&dataset->resp, ¬found, total);
@@ -215,14 +211,10 @@ cache_addpw (struct database_dyn *db, int fd, request_header *req,
alloca_used = true;
}
- dataset->head.allocsize = total + n;
- dataset->head.recsize = total - offsetof (struct dataset, resp);
- dataset->head.notfound = false;
- dataset->head.nreloads = he == NULL ? 0 : (dh->nreloads + 1);
- dataset->head.usable = true;
-
- /* Compute the timeout time. */
- timeout = dataset->head.timeout = t + db->postimeout;
+ timeout = datahead_init_pos (&dataset->head, total + n,
+ total - offsetof (struct dataset, resp),
+ he == NULL ? 0 : dh->nreloads + 1,
+ db->postimeout);
dataset->resp.version = NSCD_VERSION;
dataset->resp.found = 1;
diff --git a/nscd/servicescache.c b/nscd/servicescache.c
index 12ce9b2..95bdcfe 100644
--- a/nscd/servicescache.c
+++ b/nscd/servicescache.c
@@ -120,14 +120,10 @@ cache_addserv (struct database_dyn *db, int fd, request_header *req,
else if ((dataset = mempool_alloc (db, (sizeof (struct dataset)
+ req->key_len), 1)) != NULL)
{
- dataset->head.allocsize = sizeof (struct dataset) + req->key_len;
- dataset->head.recsize = total;
- dataset->head.notfound = true;
- dataset->head.nreloads = 0;
- dataset->head.usable = true;
-
- /* Compute the timeout time. */
- timeout = dataset->head.timeout = t + db->negtimeout;
+ timeout = datahead_init_neg (&dataset->head,
+ (sizeof (struct dataset)
+ + req->key_len), total,
+ db->negtimeout);
/* This is the reply. */
memcpy (&dataset->resp, ¬found, total);
@@ -207,14 +203,10 @@ cache_addserv (struct database_dyn *db, int fd, request_header *req,
alloca_used = true;
}
- dataset->head.allocsize = total + req->key_len;
- dataset->head.recsize = total - offsetof (struct dataset, resp);
- dataset->head.notfound = false;
- dataset->head.nreloads = he == NULL ? 0 : (dh->nreloads + 1);
- dataset->head.usable = true;
-
- /* Compute the timeout time. */
- timeout = dataset->head.timeout = t + db->postimeout;
+ timeout = datahead_init_pos (&dataset->head, total + req->key_len,
+ total - offsetof (struct dataset, resp),
+ he == NULL ? 0 : dh->nreloads + 1,
+ db->postimeout);
dataset->resp.version = NSCD_VERSION;
dataset->resp.found = 1;
-----------------------------------------------------------------------
Summary of changes:
ChangeLog | 20 ++++++++++++++++++++
NEWS | 2 +-
nscd/aicache.c | 27 ++++++++-------------------
nscd/grpcache.c | 24 ++++++++----------------
nscd/hstcache.c | 27 +++++++++------------------
nscd/initgrcache.c | 24 ++++++++----------------
nscd/netgroupcache.c | 33 ++++++++++++---------------------
nscd/nscd-client.h | 42 ++++++++++++++++++++++++++++++++++++++++++
nscd/pwdcache.c | 24 ++++++++----------------
nscd/servicescache.c | 24 ++++++++----------------
10 files changed, 124 insertions(+), 123 deletions(-)
hooks/post-receive
--
GNU C Library master sources