nscd_getgr_r.c source code [glibc/nscd/nscd_getgr_r.c]

1	/ Copyright (C) 1998-2024 Free Software Foundation, Inc.*
2	This file is part of the GNU C Library.
3
4	The GNU C Library is free software; you can redistribute it and/or
5	modify it under the terms of the GNU Lesser General Public
6	License as published by the Free Software Foundation; either
7	version 2.1 of the License, or (at your option) any later version.
8
9	The GNU C Library is distributed in the hope that it will be useful,
10	but WITHOUT ANY WARRANTY; without even the implied warranty of
11	MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
12	Lesser General Public License for more details.
13
14	You should have received a copy of the GNU Lesser General Public
15	License along with the GNU C Library; if not, see
16	<https://www.gnu.org/licenses/>. /*
17
18	#include <alloca.h>
19	#include <assert.h>
20	#include <errno.h>
21	#include <grp.h>
22	#include <stdint.h>
23	#include <stdio.h>
24	#include <stdlib.h>
25	#include <string.h>
26	#include <unistd.h>
27	#include <sys/mman.h>
28	#include <sys/socket.h>
29	#include <sys/uio.h>
30	#include <sys/un.h>
31	#include <not-cancel.h>
32	#include <_itoa.h>
33	#include <scratch_buffer.h>
34
35	#include "nscd-client.h"
36	#include "nscd_proto.h"
37
38	int __nss_not_use_nscd_group;
39
40	static int nscd_getgr_r (const char *key, size_t keylen, request_type type,
41	struct group resultbuf, char* *buffer,
42	size_t buflen, struct group **result);
43
44
45	int
46	__nscd_getgrnam_r (const char name, struct* group resultbuf, char* *buffer,
47	size_t buflen, struct group **result)
48	{
49	return nscd_getgr_r (key: name, keylen: strlen (name) + `1`, type: GETGRBYNAME, resultbuf,
50	buffer, buflen, result);
51	}
52
53
54	int
55	__nscd_getgrgid_r (gid_t gid, struct group resultbuf, char* *buffer,
56	size_t buflen, struct group **result)
57	{
58	char buf[`3` * sizeof (gid_t)];
59	buf[sizeof (buf) - `1`] = `'\0'`;
60	char cp = _itoa_word (value: gid, buflim: buf + sizeof* (buf) - `1`, base: `10`, upper_case: `0`);
61
62	return nscd_getgr_r (key: cp, keylen: buf + sizeof (buf) - cp, type: GETGRBYGID, resultbuf,
63	buffer, buflen, result);
64	}
65
66
67	libc_locked_map_ptr (,__gr_map_handle) attribute_hidden;
68	/ Note that we only free the structure if necessary. The memory*
69	mapping is not removed since it is not visible to the malloc
70	handling. /*
71	void
72	__nscd_gr_map_freemem (void)
73	{
74	if (__gr_map_handle.mapped != NO_MAPPING)
75	{
76	void *p = __gr_map_handle.mapped;
77	__gr_map_handle.mapped = NO_MAPPING;
78	free (ptr: p);
79	}
80	}
81
82
83	static int
84	nscd_getgr_r (const char *key, size_t keylen, request_type type,
85	struct group resultbuf, char* *buffer, size_t buflen,
86	struct group **result)
87	{
88	int gc_cycle;
89	int nretries = `0`;
90	const uint32_t *len = NULL;
91	struct scratch_buffer lenbuf;
92	scratch_buffer_init (buffer: &lenbuf);
93
94	/ If the mapping is available, try to search there instead of*
95	communicating with the nscd. /*
96	struct mapped_database *mapped = __nscd_get_map_ref (type: GETFDGR, name: "group",
97	mapptr: &__gr_map_handle,
98	gc_cyclep: &gc_cycle);
99	retry:;
100	const char *gr_name = NULL;
101	size_t gr_name_len = `0`;
102	int retval = -`1`;
103	const char recend = (const* char *) ~UINTMAX_C (`0`);
104	gr_response_header gr_resp;
105
106	if (mapped != NO_MAPPING)
107	{
108	struct datahead *found = __nscd_cache_search (type, key, keylen, mapped,
109	datalen: sizeof gr_resp);
110	if (found != NULL)
111	{
112	len = (const uint32_t *) (&found->data[`0`].grdata + `1`);
113	gr_resp = found->data[`0`].grdata;
114	gr_name = ((const char *) len
115	+ gr_resp.gr_mem_cnt * sizeof (uint32_t));
116	gr_name_len = gr_resp.gr_name_len + gr_resp.gr_passwd_len;
117	recend = (const char *) found->data + found->recsize;
118	/ Now check if we can trust gr_resp fields. If GC is*
119	in progress, it can contain anything. /*
120	if (mapped->head->gc_cycle != gc_cycle)
121	{
122	retval = -`2`;
123	goto out;
124	}
125
126	/ The alignment is always sufficient, unless GC is in progress. /
127	assert (((uintptr_t) len & (__alignof__ (*len) - `1`)) == `0`);
128	}
129	}
130
131	int sock = -`1`;
132	if (gr_name == NULL)
133	{
134	sock = __nscd_open_socket (key, keylen, type, response: &gr_resp,
135	responselen: sizeof (gr_resp));
136	if (sock == -`1`)
137	{
138	__nss_not_use_nscd_group = `1`;
139	goto out;
140	}
141	}
142
143	/ No value found so far. /
144	*result = NULL;
145
146	if (__glibc_unlikely (gr_resp.found == -`1`))
147	{
148	/ The daemon does not cache this database. /
149	__nss_not_use_nscd_group = `1`;
150	goto out_close;
151	}
152
153	if (gr_resp.found == `1`)
154	{
155	struct iovec vec[`2`];
156	char *p = buffer;
157	size_t total_len;
158	uintptr_t align;
159	nscd_ssize_t cnt;
160
161	/ Now allocate the buffer the array for the group members. We must*
162	align the pointer. /*
163	align = ((__alignof__ (char *) - ((uintptr_t) p))
164	& (__alignof__ (char *) - `1`));
165	total_len = (align + (`1` + gr_resp.gr_mem_cnt) * sizeof (char *)
166	+ gr_resp.gr_name_len + gr_resp.gr_passwd_len);
167	if (__glibc_unlikely (buflen < total_len))
168	{
169	no_room:
170	__set_errno (ERANGE);
171	retval = ERANGE;
172	goto out_close;
173	}
174	buflen -= total_len;
175
176	p += align;
177	resultbuf->gr_mem = (char **) p;
178	p += (`1` + gr_resp.gr_mem_cnt) * sizeof (char *);
179
180	/ Set pointers for strings. /
181	resultbuf->gr_name = p;
182	p += gr_resp.gr_name_len;
183	resultbuf->gr_passwd = p;
184	p += gr_resp.gr_passwd_len;
185
186	/ Fill in what we know now. /
187	resultbuf->gr_gid = gr_resp.gr_gid;
188
189	/ Read the length information, group name, and password. /
190	if (gr_name == NULL)
191	{
192	/ Handle a simple, usual case: no group members. /
193	if (__glibc_likely (gr_resp.gr_mem_cnt == `0`))
194	{
195	size_t n = gr_resp.gr_name_len + gr_resp.gr_passwd_len;
196	if (__builtin_expect (__readall (fd: sock, buf: resultbuf->gr_name, len: n)
197	!= (ssize_t) n, `0`))
198	goto out_close;
199	}
200	else
201	{
202	/ Allocate array to store lengths. /
203	if (!scratch_buffer_set_array_size
204	(buffer: &lenbuf, nelem: gr_resp.gr_mem_cnt, size: sizeof (uint32_t)))
205	goto out_close;
206	len = lenbuf.data;
207
208	vec[`0`].iov_base = (void *) len;
209	vec[`0`].iov_len = gr_resp.gr_mem_cnt * sizeof (uint32_t);
210	vec[`1`].iov_base = resultbuf->gr_name;
211	vec[`1`].iov_len = gr_resp.gr_name_len + gr_resp.gr_passwd_len;
212	total_len = vec[`0`].iov_len + vec[`1`].iov_len;
213
214	/ Get this data. /
215	size_t n = __readvall (fd: sock, iov: vec, iovcnt: `2`);
216	if (__glibc_unlikely (n != total_len))
217	goto out_close;
218	}
219	}
220	else
221	/ We already have the data. Just copy the group name and*
222	password. /*
223	memcpy (resultbuf->gr_name, gr_name,
224	gr_resp.gr_name_len + gr_resp.gr_passwd_len);
225
226	/ Clear the terminating entry. /
227	resultbuf->gr_mem[gr_resp.gr_mem_cnt] = NULL;
228
229	/ Prepare reading the group members. /
230	total_len = `0`;
231	for (cnt = `0`; cnt < gr_resp.gr_mem_cnt; ++cnt)
232	{
233	resultbuf->gr_mem[cnt] = p;
234	total_len += len[cnt];
235	p += len[cnt];
236	}
237
238	if (__glibc_unlikely (gr_name + gr_name_len + total_len > recend))
239	{
240	/ len array might contain garbage during nscd GC cycle,*
241	retry rather than fail in that case. /*
242	if (gr_name != NULL && mapped->head->gc_cycle != gc_cycle)
243	retval = -`2`;
244	goto out_close;
245	}
246	if (__glibc_unlikely (total_len > buflen))
247	{
248	/ len array might contain garbage during nscd GC cycle,*
249	retry rather than fail in that case. /*
250	if (gr_name != NULL && mapped->head->gc_cycle != gc_cycle)
251	{
252	retval = -`2`;
253	goto out_close;
254	}
255	else
256	goto no_room;
257	}
258
259	retval = `0`;
260
261	/ If there are no group members TOTAL_LEN is zero. /
262	if (gr_name == NULL)
263	{
264	if (total_len > `0`
265	&& __builtin_expect (__readall (fd: sock, buf: resultbuf->gr_mem[`0`],
266	len: total_len) != total_len, `0`))
267	{
268	/ The `errno' to some value != ERANGE. /
269	__set_errno (ENOENT);
270	retval = ENOENT;
271	}
272	else
273	*result = resultbuf;
274	}
275	else
276	{
277	/ Copy the group member names. /
278	memcpy (resultbuf->gr_mem[`0`], gr_name + gr_name_len, total_len);
279
280	/ Try to detect corrupt databases. /
281	if (resultbuf->gr_name[gr_name_len - `1`] != `'\0'`
282	\|\| resultbuf->gr_passwd[gr_resp.gr_passwd_len - `1`] != `'\0'`
283	\|\| ({for (cnt = `0`; cnt < gr_resp.gr_mem_cnt; ++cnt)
284	if (resultbuf->gr_mem[cnt][len[cnt] - `1`] != `'\0'`)
285	break;
286	cnt < gr_resp.gr_mem_cnt; }))
287	{
288	/ We cannot use the database. /
289	retval = mapped->head->gc_cycle != gc_cycle ? -`2` : -`1`;
290	goto out_close;
291	}
292
293	*result = resultbuf;
294	}
295	}
296	else
297	{
298	/ Set errno to 0 to indicate no error, just no found record. /
299	__set_errno (`0`);
300	/ Even though we have not found anything, the result is zero. /
301	retval = `0`;
302	}
303
304	out_close:
305	if (sock != -`1`)
306	__close_nocancel_nostatus (fd: sock);
307	out:
308	if (__nscd_drop_map_ref (map: mapped, gc_cycle: &gc_cycle) != `0`)
309	{
310	/ When we come here this means there has been a GC cycle while we*
311	were looking for the data. This means the data might have been
312	inconsistent. Retry if possible. /*
313	if ((gc_cycle & `1`) != `0` \|\| ++nretries == `5` \|\| retval == -`1`)
314	{
315	/ nscd is just running gc now. Disable using the mapping. /
316	if (atomic_fetch_add_relaxed (&mapped->counter, -`1`) == `1`)
317	__nscd_unmap (mapped);
318	mapped = NO_MAPPING;
319	}
320
321	if (retval != -`1`)
322	goto retry;
323	}
324
325	scratch_buffer_free (buffer: &lenbuf);
326
327	return retval;
328	}
329

source code of glibc/nscd/nscd_getgr_r.c