|
Message-Id: <20210901182727.10090-1-ericonr@disroot.org> Date: Wed, 1 Sep 2021 15:27:27 -0300 From: Érico Nogueira <ericonr@...root.org> To: musl@...ts.openwall.com Cc: Érico Nogueira <ericonr@...root.org> Subject: [PATCH v2] fix nscd querying when the daemon is disabled for some query types for example, glibc's nscd, configured with `enable-cache passwd no`, will still answer passwd queries, but with a message that simply indicates it's disabled passwd querying. this is done by setting the passwdbuf[PWFOUND] field to -1, which we used to evaluate as "true" for the entry having been found, and then errored out when the rest of the query response had the length fields set to 0 instead of 1 (which is what we expect from empty fields, since they should contain an empty string). this is the case for group and initgroups queries as well. from our point of view, buf[xxFOUND] being -1 can be treated the same as if it was 0: a -1 response is equivalent to no nscd daemon running at all, and we treat daemon unavailability the same as the daemon not knowing about our query. to simplify the code, we discard any answers with negative buf[xxFOUND]. --- src/passwd/getgr_a.c | 2 +- src/passwd/getgrouplist.c | 2 +- src/passwd/getpw_a.c | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/src/passwd/getgr_a.c b/src/passwd/getgr_a.c index afeb1ece..dbb9a4a1 100644 --- a/src/passwd/getgr_a.c +++ b/src/passwd/getgr_a.c @@ -64,7 +64,7 @@ int __getgr_a(const char *name, gid_t gid, struct group *gr, char **buf, size_t f = __nscd_query(req, key, groupbuf, sizeof groupbuf, &swap); if (!f) { rv = errno; goto done; } - if (!groupbuf[GRFOUND]) { rv = 0; goto cleanup_f; } + if (groupbuf[GRFOUND] <= 0) { rv = 0; goto cleanup_f; } if (!groupbuf[GRNAMELEN] || !groupbuf[GRPASSWDLEN]) { rv = EIO; diff --git a/src/passwd/getgrouplist.c b/src/passwd/getgrouplist.c index 301824ce..91e29612 100644 --- a/src/passwd/getgrouplist.c +++ b/src/passwd/getgrouplist.c @@ -28,7 +28,7 @@ int getgrouplist(const char *user, gid_t gid, gid_t *groups, int *ngroups) f = __nscd_query(GETINITGR, user, resp, sizeof resp, &swap); if (!f) goto cleanup; - if (resp[INITGRFOUND]) { + if (resp[INITGRFOUND] > 0) { nscdbuf = calloc(resp[INITGRNGRPS], sizeof(uint32_t)); if (!nscdbuf) goto cleanup; size_t nbytes = sizeof(*nscdbuf)*resp[INITGRNGRPS]; diff --git a/src/passwd/getpw_a.c b/src/passwd/getpw_a.c index 15a70c03..2479f7d2 100644 --- a/src/passwd/getpw_a.c +++ b/src/passwd/getpw_a.c @@ -65,7 +65,7 @@ int __getpw_a(const char *name, uid_t uid, struct passwd *pw, char **buf, size_t f = __nscd_query(req, key, passwdbuf, sizeof passwdbuf, (int[]){0}); if (!f) { rv = errno; goto done; } - if(!passwdbuf[PWFOUND]) { rv = 0; goto cleanup_f; } + if(passwdbuf[PWFOUND] <= 0) { rv = 0; goto cleanup_f; } /* A zero length response from nscd is invalid. We ignore * invalid responses and just report an error, rather than -- 2.33.0
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.