Patchwork [bz,22342] patch: fix netgroup cache keys

login
register
mail settings
Submitter DJ Delorie
Date March 1, 2018, 10:11 p.m.
Message ID <xnh8pzsayx.fsf@greed.delorie.com>
Download mbox | patch
Permalink /patch/26145/
State New
Headers show

Comments

DJ Delorie - March 1, 2018, 10:11 p.m.
Functionality tested on RHEL 7.  Regression tested on Fedora 26.

	[BZ #22342]
	* nscd/netgroupcache.c (addinnetgrX): Include trailing NUL in
	key value.
Carlos O'Donell - March 1, 2018, 11:12 p.m.
On 03/01/2018 02:11 PM, DJ Delorie wrote:
> Functionality tested on RHEL 7.  Regression tested on Fedora 26.
> 
> 	[BZ #22342]
> 	* nscd/netgroupcache.c (addinnetgrX): Include trailing NUL in
> 	key value.
> 
> diff --git a/nscd/netgroupcache.c b/nscd/netgroupcache.c
> index b832c9315f..2f187b208c 100644
> --- a/nscd/netgroupcache.c
> +++ b/nscd/netgroupcache.c
> @@ -480,7 +480,7 @@ addinnetgrX (struct database_dyn *db, int fd, request_header *req,
>  {
>    const char *group = key;
>    key = (char *) rawmemchr (key, '\0') + 1;
> -  size_t group_len = key - group - 1;
> +  size_t group_len = key - group;
>    const char *host = *key++ ? key : NULL;
>    if (host != NULL)
>      key = (char *) rawmemchr (key, '\0') + 1;
> 

Why is this correct?

A good submission includes a justification that the
fix is logically what is required.

We do not want to paper over a problem just by testing
that a given change makes things better.

Do we understand what the problem is?

The bug report appears to make the claim that there are
two paths in the code, one which adds to the cache with
the null included in the length, and another which doesn't,
which obviously results in a cache miss.

Is that the final case we are fixing here? Can you describe
this a bit more for the commit message?

Please post a v2 with the commit message you intend to use
please.

Patch

diff --git a/nscd/netgroupcache.c b/nscd/netgroupcache.c
index b832c9315f..2f187b208c 100644
--- a/nscd/netgroupcache.c
+++ b/nscd/netgroupcache.c
@@ -480,7 +480,7 @@  addinnetgrX (struct database_dyn *db, int fd, request_header *req,
 {
   const char *group = key;
   key = (char *) rawmemchr (key, '\0') + 1;
-  size_t group_len = key - group - 1;
+  size_t group_len = key - group;
   const char *host = *key++ ? key : NULL;
   if (host != NULL)
     key = (char *) rawmemchr (key, '\0') + 1;