nsswitch: handle missing actions properly

Temporary fix for https://bugzilla.redhat.com/show_bug.cgi?id=1906066
This commit is contained in:
DJ Delorie 2020-12-10 01:29:30 -05:00
parent e7821ea716
commit ff63fb2e4b
2 changed files with 66 additions and 1 deletions

59
glibc-rh1906066.patch Normal file
View File

@ -0,0 +1,59 @@
From d74a39158ab4aafa8af874e996bf5ddbde593bc0 Mon Sep 17 00:00:00 2001
From: DJ Delorie <dj@redhat.com>
Date: Wed, 9 Dec 2020 21:46:30 -0500
Subject: nsswitch: handle missing actions properly
Some internal functions need to know if a database has a nonzero
list of actions; success getting the database does not guarantee
that. Add checks for such as needed.
Skip the ":" in each nsswitch.conf line so as not to add a dummy
action libnss_:.so
diff --git a/grp/initgroups.c b/grp/initgroups.c
index a60ca1c395..a0a836d862 100644
--- a/grp/initgroups.c
+++ b/grp/initgroups.c
@@ -72,11 +72,13 @@ internal_getgrouplist (const char *user, gid_t group, long int *size,
nss_action_list nip;
- if (__nss_database_get (nss_database_initgroups, &nip))
+ if (__nss_database_get (nss_database_initgroups, &nip)
+ && nip != NULL)
{
use_initgroups_entry = true;
}
- else if (__nss_database_get (nss_database_group, &nip))
+ else if (__nss_database_get (nss_database_group, &nip)
+ && nip != NULL)
{
use_initgroups_entry = false;
}
diff --git a/nss/nss_database.c b/nss/nss_database.c
index e8c307d1f3..a036e95fbf 100644
--- a/nss/nss_database.c
+++ b/nss/nss_database.c
@@ -212,7 +212,8 @@ process_line (struct nss_database_data *data, char *line)
if (line[0] == '\0' || name == line)
/* Syntax error. Skip this line. */
return true;
- *line++ = '\0';
+ while (line[0] != '\0' && (isspace (line[0]) || line[0] == ':'))
+ *line++ = '\0';
int db = name_to_database_index (name);
if (db < 0)
diff --git a/nss/nsswitch.c b/nss/nsswitch.c
index 40109c744d..921062e04f 100644
--- a/nss/nsswitch.c
+++ b/nss/nsswitch.c
@@ -81,7 +81,7 @@ __nss_database_lookup2 (const char *database, const char *alternate_name,
if (database_names[database_id] == NULL)
return -1;
- if (__nss_database_get (database_id, ni))
+ if (__nss_database_get (database_id, ni) && *ni)
{
/* Success. */
return 0;

View File

@ -100,7 +100,7 @@
Summary: The GNU libc libraries Summary: The GNU libc libraries
Name: glibc Name: glibc
Version: %{glibcversion} Version: %{glibcversion}
Release: 19%{?dist} Release: 20%{?dist}
# In general, GPLv2+ is used by programs, LGPLv2+ is used for # In general, GPLv2+ is used by programs, LGPLv2+ is used for
# libraries. # libraries.
@ -162,6 +162,9 @@ Patch29: glibc-fedora-nsswitch.patch
Patch30: glibc-deprecated-selinux-makedb.patch Patch30: glibc-deprecated-selinux-makedb.patch
Patch31: glibc-deprecated-selinux-nscd.patch Patch31: glibc-deprecated-selinux-nscd.patch
# Temporary until official patch is committed upstream
Patch99: glibc-rh1906066.patch
############################################################################## ##############################################################################
# Continued list of core "glibc" package information: # Continued list of core "glibc" package information:
############################################################################## ##############################################################################
@ -2258,6 +2261,9 @@ fi
%files -f compat-libpthread-nonshared.filelist -n compat-libpthread-nonshared %files -f compat-libpthread-nonshared.filelist -n compat-libpthread-nonshared
%changelog %changelog
* Wed Dec 09 2020 DJ Delorie <dj@redhat.com> - 2.32.9000-20
- nsswitch: handle missing actions properly (temporary fix for 1906066)
* Mon Dec 07 2020 Arjun Shankar <arjun@redhat.com> - 2.32.9000-19 * Mon Dec 07 2020 Arjun Shankar <arjun@redhat.com> - 2.32.9000-19
- Auto-sync with upstream branch master, - Auto-sync with upstream branch master,
commit 088e9625378f25607acff3daf7a79cbdee497043: commit 088e9625378f25607acff3daf7a79cbdee497043: