From: Siddhesh Poyarekar <siddhesh@redhat.com>
getnetgrent is supposed to return NULL for values that are wildcards
in the (host, user, domain) triplet. This works correctly with nscd
disabled, but with it enabled, it returns a blank ("") instead of a
NULL. This is easily seen with the output of `getent netgroup foonet`
for a netgroup foonet defined as follows in /etc/netgroup:
foonet (,foo,)
The output with nscd disabled is:
foonet ( ,foo,)
while with nscd enabled, it is:
foonet (,foo,)
The extra space with nscd disabled is due to the fact that `getent
netgroup` adds it if the return value from getnetgrent is NULL for
either host or user.
(cherry picked from commit dd3022d75e6fb8957843d6d84257a5d8457822d5)
---
ChangeLog | 4 ++++
NEWS | 6 +++---
inet/getnetgrent_r.c | 14 +++++++++++---
3 files changed, 18 insertions(+), 6 deletions(-)
@@ -4,6 +4,10 @@
* nscd/netgroupcache.c (addinnetgrX): Succeed if triplet has
blank values.
+ [BZ #16759]
+ * inet/getnetgrent_r.c (get_nonempty_val): New function.
+ (nscd_getnetgrent): Use it.
+
2015-11-24 Andreas Schwab <schwab@suse.de>
[BZ #17062]
@@ -9,9 +9,9 @@ Version 2.19.1
* The following bugs are resolved with this release:
- 15946, 16545, 16574, 16623, 16657, 16695, 16743, 16758, 16878, 16882,
- 16885, 16916, 16932, 16943, 16958, 17048, 17062, 17069, 17079, 17137,
- 17153, 17213, 17263, 17269, 17325, 17555, 18007, 18032, 18287.
+ 15946, 16545, 16574, 16623, 16657, 16695, 16743, 16758, 16759, 16878,
+ 16882, 16885, 16916, 16932, 16943, 16958, 17048, 17062, 17069, 17079,
+ 17137, 17153, 17213, 17263, 17269, 17325, 17555, 18007, 18032, 18287.
* A buffer overflow in gethostbyname_r and related functions performing DNS
requests has been fixed. If the NSS functions were called with a
@@ -235,6 +235,14 @@ endnetgrent (void)
}
#ifdef USE_NSCD
+static const char *
+get_nonempty_val (const char *in)
+{
+ if (*in == '\0')
+ return NULL;
+ return in;
+}
+
static enum nss_status
nscd_getnetgrent (struct __netgrent *datap, char *buffer, size_t buflen,
int *errnop)
@@ -243,11 +251,11 @@ nscd_getnetgrent (struct __netgrent *datap, char *buffer, size_t buflen,
return NSS_STATUS_UNAVAIL;
datap->type = triple_val;
- datap->val.triple.host = datap->cursor;
+ datap->val.triple.host = get_nonempty_val (datap->cursor);
datap->cursor = (char *) __rawmemchr (datap->cursor, '\0') + 1;
- datap->val.triple.user = datap->cursor;
+ datap->val.triple.user = get_nonempty_val (datap->cursor);
datap->cursor = (char *) __rawmemchr (datap->cursor, '\0') + 1;
- datap->val.triple.domain = datap->cursor;
+ datap->val.triple.domain = get_nonempty_val (datap->cursor);
datap->cursor = (char *) __rawmemchr (datap->cursor, '\0') + 1;
return NSS_STATUS_SUCCESS;