From patchwork Thu Mar 10 16:18:27 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Florian Weimer X-Patchwork-Id: 51862 Return-Path: X-Original-To: patchwork@sourceware.org Delivered-To: patchwork@sourceware.org Received: from server2.sourceware.org (localhost [IPv6:::1]) by sourceware.org (Postfix) with ESMTP id 1D29C3858C83 for ; Thu, 10 Mar 2022 16:20:04 +0000 (GMT) DKIM-Filter: OpenDKIM Filter v2.11.0 sourceware.org 1D29C3858C83 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sourceware.org; s=default; t=1646929204; bh=Bi+4vyuRBmb6Q1vw/GDb/ssQ49T5nWMeox8GvnsmZQI=; h=To:Subject:In-Reply-To:References:Date:List-Id:List-Unsubscribe: List-Archive:List-Post:List-Help:List-Subscribe:From:Reply-To: From; b=arpUg1E3fyO1Y4OUHNQbwQlkNEM90LxC2fKqgJVhFg/P5qCKW5sgphmn2RMp/xVGD I0UnY+/parkrROFMgEIWO+fXHrzwhHTDmtS26SqEI1q1OsMKwNFSD7XdhtHdsGc8zo pn28xm1RGhRkC513AyTzL1wNvUU5DRuxQleSwZkM= X-Original-To: libc-alpha@sourceware.org Delivered-To: libc-alpha@sourceware.org Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.133.124]) by sourceware.org (Postfix) with ESMTPS id 4FB7B3858D39 for ; Thu, 10 Mar 2022 16:19:42 +0000 (GMT) DMARC-Filter: OpenDMARC Filter v1.4.1 sourceware.org 4FB7B3858D39 Received: from mimecast-mx01.redhat.com (mimecast-mx01.redhat.com [209.132.183.4]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id us-mta-130-tEMU1qAUMQqKoiz7_bBkZQ-1; Thu, 10 Mar 2022 11:18:44 -0500 X-MC-Unique: tEMU1qAUMQqKoiz7_bBkZQ-1 Received: from smtp.corp.redhat.com (int-mx06.intmail.prod.int.phx2.redhat.com [10.5.11.16]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx01.redhat.com (Postfix) with ESMTPS id 32EA1800D55 for ; Thu, 10 Mar 2022 16:18:30 +0000 (UTC) Received: from oldenburg.str.redhat.com (unknown [10.39.192.88]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 7D42E838CF for ; Thu, 10 Mar 2022 16:18:29 +0000 (UTC) To: libc-alpha@sourceware.org Subject: [PATCH v3 2/2] nss: Protect against errno changes in function lookup (bug 28953) In-Reply-To: <7ce5ab8833fc46897b05be07f243e10893571c2d.1646928950.git.fweimer@redhat.com> References: <7ce5ab8833fc46897b05be07f243e10893571c2d.1646928950.git.fweimer@redhat.com> X-From-Line: 8626b31117c24fbfe02e84564bd09d9297c1a4a3 Mon Sep 17 00:00:00 2001 Message-Id: <8626b31117c24fbfe02e84564bd09d9297c1a4a3.1646928950.git.fweimer@redhat.com> Date: Thu, 10 Mar 2022 17:18:27 +0100 User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/27.2 (gnu/linux) MIME-Version: 1.0 X-Scanned-By: MIMEDefang 2.79 on 10.5.11.16 X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com X-Spam-Status: No, score=-11.9 required=5.0 tests=BAYES_00, DKIMWL_WL_HIGH, DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, DKIM_VALID_EF, GIT_PATCH_0, KAM_SHORT, RCVD_IN_DNSWL_NONE, RCVD_IN_MSPIKE_H5, RCVD_IN_MSPIKE_WL, SPF_HELO_NONE, SPF_NONE, TXREP, T_SCC_BODY_TEXT_LINE autolearn=ham autolearn_force=no version=3.4.4 X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on server2.sourceware.org X-BeenThere: libc-alpha@sourceware.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Libc-alpha mailing list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-Patchwork-Original-From: Florian Weimer via Libc-alpha From: Florian Weimer Reply-To: Florian Weimer Errors-To: libc-alpha-bounces+patchwork=sourceware.org@sourceware.org Sender: "Libc-alpha" dlopen may clobber errno. The nss_test_errno module uses an ELF constructor to achieve that, but there could be internal errors during dlopen that cause this, too. Therefore, the NSS framework has to guard against such errno clobbers. __nss_module_get_function is currently the only function that calls __nss_module_load, so it is sufficient to save and restore errno around this call. Reviewed-by: Carlos O'Donell --- v3: Do not change errno on module load failure due to existing ambiguity. nss/Makefile | 15 ++++++++-- nss/nss_module.c | 12 +++++++- nss/nss_test_errno.c | 58 ++++++++++++++++++++++++++++++++++++++ nss/tst-nss-test_errno.c | 61 ++++++++++++++++++++++++++++++++++++++++ 4 files changed, 142 insertions(+), 4 deletions(-) create mode 100644 nss/nss_test_errno.c create mode 100644 nss/tst-nss-test_errno.c diff --git a/nss/Makefile b/nss/Makefile index 74e2c2426c..de439d4911 100644 --- a/nss/Makefile +++ b/nss/Makefile @@ -60,7 +60,8 @@ tests = test-netdb test-digits-dots tst-nss-getpwent bug17079 \ tst-nss-test1 \ tst-nss-test2 \ tst-nss-test4 \ - tst-nss-test5 + tst-nss-test5 \ + tst-nss-test_errno xtests = bug-erange tests-container = \ @@ -132,7 +133,7 @@ libnss_compat-inhibit-o = $(filter-out .os,$(object-suffixes)) ifeq ($(build-static-nss),yes) tests-static += tst-nss-static endif -extra-test-objs += nss_test1.os nss_test2.os +extra-test-objs += nss_test1.os nss_test2.os nss_test_errno.os include ../Rules @@ -166,19 +167,26 @@ rtld-tests-LDFLAGS += -Wl,--dynamic-list=nss_test.ver libof-nss_test1 = extramodules libof-nss_test2 = extramodules +libof-nss_test_errno = extramodules $(objpfx)/libnss_test1.so: $(objpfx)nss_test1.os $(link-libc-deps) $(build-module) $(objpfx)/libnss_test2.so: $(objpfx)nss_test2.os $(link-libc-deps) $(build-module) +$(objpfx)/libnss_test_errno.so: $(objpfx)nss_test_errno.os $(link-libc-deps) + $(build-module) $(objpfx)nss_test2.os : nss_test1.c # Use the nss_files suffix for these objects as well. $(objpfx)/libnss_test1.so$(libnss_files.so-version): $(objpfx)/libnss_test1.so $(make-link) $(objpfx)/libnss_test2.so$(libnss_files.so-version): $(objpfx)/libnss_test2.so $(make-link) +$(objpfx)/libnss_test_errno.so$(libnss_files.so-version): \ + $(objpfx)/libnss_test_errno.so + $(make-link) $(patsubst %,$(objpfx)%.out,$(tests) $(tests-container)) : \ $(objpfx)/libnss_test1.so$(libnss_files.so-version) \ - $(objpfx)/libnss_test2.so$(libnss_files.so-version) + $(objpfx)/libnss_test2.so$(libnss_files.so-version) \ + $(objpfx)/libnss_test_errno.so$(libnss_files.so-version) ifeq (yes,$(have-thread-library)) $(objpfx)tst-cancel-getpwuid_r: $(shared-thread-library) @@ -194,3 +202,4 @@ LDFLAGS-tst-nss-test2 = -Wl,--disable-new-dtags LDFLAGS-tst-nss-test3 = -Wl,--disable-new-dtags LDFLAGS-tst-nss-test4 = -Wl,--disable-new-dtags LDFLAGS-tst-nss-test5 = -Wl,--disable-new-dtags +LDFLAGS-tst-nss-test_errno = -Wl,--disable-new-dtags diff --git a/nss/nss_module.c b/nss/nss_module.c index f9a1263e5a..f00bbd9e1a 100644 --- a/nss/nss_module.c +++ b/nss/nss_module.c @@ -330,8 +330,18 @@ name_search (const void *left, const void *right) void * __nss_module_get_function (struct nss_module *module, const char *name) { + /* A successful dlopen might clobber errno. */ + int saved_errno = errno; + if (!__nss_module_load (module)) - return NULL; + { + /* Reporting module load failure is currently inaccurate. See + bug 22041. Not changing errno is the conservative choice. */ + __set_errno (saved_errno); + return NULL; + } + + __set_errno (saved_errno); function_name *name_entry = bsearch (name, nss_function_name_array, array_length (nss_function_name_array), diff --git a/nss/nss_test_errno.c b/nss/nss_test_errno.c new file mode 100644 index 0000000000..680f8a07b9 --- /dev/null +++ b/nss/nss_test_errno.c @@ -0,0 +1,58 @@ +/* NSS service provider with errno clobber. + Copyright (C) 2022 Free Software Foundation, Inc. + This file is part of the GNU C Library. + + The GNU C Library is free software; you can redistribute it and/or + modify it under the terms of the GNU Lesser General Public + License as published by the Free Software Foundation; either + version 2.1 of the License, or (at your option) any later version. + + The GNU C Library is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public + License along with the GNU C Library; if not, see + . */ + +#include +#include +#include + +/* Catch misnamed and functions. */ +#pragma GCC diagnostic error "-Wmissing-prototypes" +NSS_DECLARE_MODULE_FUNCTIONS (test_errno) + +static void __attribute__ ((constructor)) +init (void) +{ + /* An arbitrary error code which is otherwise not used. */ + errno = ELIBBAD; +} + +/* Lookup functions for pwd follow that do not return any data. */ + +/* Catch misnamed function definitions. */ + +enum nss_status +_nss_test_errno_setpwent (int stayopen) +{ + setenv ("_nss_test_errno_setpwent", "yes", 1); + return NSS_STATUS_SUCCESS; +} + +enum nss_status +_nss_test_errno_getpwent_r (struct passwd *result, + char *buffer, size_t size, int *errnop) +{ + setenv ("_nss_test_errno_getpwent_r", "yes", 1); + return NSS_STATUS_NOTFOUND; +} + +enum nss_status +_nss_test_errno_endpwent (void) +{ + setenv ("_nss_test_errno_endpwent", "yes", 1); + return NSS_STATUS_SUCCESS; +} diff --git a/nss/tst-nss-test_errno.c b/nss/tst-nss-test_errno.c new file mode 100644 index 0000000000..d2c42dd363 --- /dev/null +++ b/nss/tst-nss-test_errno.c @@ -0,0 +1,61 @@ +/* getpwent failure when dlopen clobbers errno (bug 28953). + Copyright (C) 2022 Free Software Foundation, Inc. + This file is part of the GNU C Library. + + The GNU C Library is free software; you can redistribute it and/or + modify it under the terms of the GNU Lesser General Public + License as published by the Free Software Foundation; either + version 2.1 of the License, or (at your option) any later version. + + The GNU C Library is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public + License along with the GNU C Library; if not, see + . */ + +#include +#include +#include +#include +#include +#include +#include + +static int +do_test (void) +{ + __nss_configure_lookup ("passwd", "files test_errno"); + + errno = 0; + setpwent (); + TEST_COMPARE (errno, 0); + + bool root_seen = false; + while (true) + { + errno = 0; + struct passwd *e = getpwent (); + if (e == NULL) + break; + if (strcmp (e->pw_name, "root")) + root_seen = true; + } + + TEST_COMPARE (errno, 0); + TEST_VERIFY (root_seen); + + errno = 0; + endpwent (); + TEST_COMPARE (errno, 0); + + TEST_COMPARE_STRING (getenv ("_nss_test_errno_setpwent"), "yes"); + TEST_COMPARE_STRING (getenv ("_nss_test_errno_getpwent_r"), "yes"); + TEST_COMPARE_STRING (getenv ("_nss_test_errno_endpwent"), "yes"); + + return 0; +} + +#include