nscd_getgr_r.c source code [glibc/nscd/nscd_getgr_r.c]

1	/ Copyright (C) 1998-2022 Free Software Foundation, Inc.*
2	This file is part of the GNU C Library.
3
4	The GNU C Library is free software; you can redistribute it and/or
5	modify it under the terms of the GNU Lesser General Public
6	License as published by the Free Software Foundation; either
7	version 2.1 of the License, or (at your option) any later version.
8
9	The GNU C Library is distributed in the hope that it will be useful,
10	but WITHOUT ANY WARRANTY; without even the implied warranty of
11	MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
12	Lesser General Public License for more details.
13
14	You should have received a copy of the GNU Lesser General Public
15	License along with the GNU C Library; if not, see
16	<https://www.gnu.org/licenses/>. /*
17
18	#include <alloca.h>
19	#include <assert.h>
20	#include <errno.h>
21	#include <grp.h>
22	#include <stdint.h>
23	#include <stdio.h>
24	#include <stdlib.h>
25	#include <string.h>
26	#include <unistd.h>
27	#include <sys/mman.h>
28	#include <sys/socket.h>
29	#include <sys/uio.h>
30	#include <sys/un.h>
31	#include <not-cancel.h>
32	#include <_itoa.h>
33	#include <scratch_buffer.h>
34
35	#include "nscd-client.h"
36	#include "nscd_proto.h"
37
38	int __nss_not_use_nscd_group;
39
40	static int nscd_getgr_r (const char *key, size_t keylen, request_type type,
41	struct group resultbuf, char* *buffer,
42	size_t buflen, struct group **result);
43
44
45	int
46	__nscd_getgrnam_r (const char name, struct* group resultbuf, char* *buffer,
47	size_t buflen, struct group **result)
48	{
49	return nscd_getgr_r (key: name, keylen: strlen (name) + `1`, type: GETGRBYNAME, resultbuf,
50	buffer, buflen, result);
51	}
52
53
54	int
55	__nscd_getgrgid_r (gid_t gid, struct group resultbuf, char* *buffer,
56	size_t buflen, struct group **result)
57	{
58	char buf[`3` * sizeof (gid_t)];
59	buf[sizeof (buf) - `1`] = `'\0'`;
60	char cp = _itoa_word (value: gid, buflim: buf + sizeof* (buf) - `1`, base: `10`, upper_case: `0`);
61
62	return nscd_getgr_r (key: cp, keylen: buf + sizeof (buf) - cp, type: GETGRBYGID, resultbuf,
63	buffer, buflen, result);
64	}
65
66
67	libc_locked_map_ptr (,__gr_map_handle) attribute_hidden;
68	/ Note that we only free the structure if necessary. The memory*
69	mapping is not removed since it is not visible to the malloc
70	handling. /*
71	libc_freeres_fn (gr_map_free)
72	{
73	if (__gr_map_handle.mapped != NO_MAPPING)
74	{
75	void *p = __gr_map_handle.mapped;
76	__gr_map_handle.mapped = NO_MAPPING;
77	free (ptr: p);
78	}
79	}
80
81
82	static int
83	nscd_getgr_r (const char *key, size_t keylen, request_type type,
84	struct group resultbuf, char* *buffer, size_t buflen,
85	struct group **result)
86	{
87	int gc_cycle;
88	int nretries = `0`;
89	const uint32_t *len = NULL;
90	struct scratch_buffer lenbuf;
91	scratch_buffer_init (buffer: &lenbuf);
92
93	/ If the mapping is available, try to search there instead of*
94	communicating with the nscd. /*
95	struct mapped_database *mapped = __nscd_get_map_ref (type: GETFDGR, name: "group",
96	mapptr: &__gr_map_handle,
97	gc_cyclep: &gc_cycle);
98	retry:;
99	const char *gr_name = NULL;
100	size_t gr_name_len = `0`;
101	int retval = -`1`;
102	const char recend = (const* char *) ~UINTMAX_C (`0`);
103	gr_response_header gr_resp;
104
105	if (mapped != NO_MAPPING)
106	{
107	struct datahead *found = __nscd_cache_search (type, key, keylen, mapped,
108	datalen: sizeof gr_resp);
109	if (found != NULL)
110	{
111	len = (const uint32_t *) (&found->data[`0`].grdata + `1`);
112	gr_resp = found->data[`0`].grdata;
113	gr_name = ((const char *) len
114	+ gr_resp.gr_mem_cnt * sizeof (uint32_t));
115	gr_name_len = gr_resp.gr_name_len + gr_resp.gr_passwd_len;
116	recend = (const char *) found->data + found->recsize;
117	/ Now check if we can trust gr_resp fields. If GC is*
118	in progress, it can contain anything. /*
119	if (mapped->head->gc_cycle != gc_cycle)
120	{
121	retval = -`2`;
122	goto out;
123	}
124
125	/ The alignment is always sufficient, unless GC is in progress. /
126	assert (((uintptr_t) len & (__alignof__ (*len) - `1`)) == `0`);
127	}
128	}
129
130	int sock = -`1`;
131	if (gr_name == NULL)
132	{
133	sock = __nscd_open_socket (key, keylen, type, response: &gr_resp,
134	responselen: sizeof (gr_resp));
135	if (sock == -`1`)
136	{
137	__nss_not_use_nscd_group = `1`;
138	goto out;
139	}
140	}
141
142	/ No value found so far. /
143	*result = NULL;
144
145	if (__glibc_unlikely (gr_resp.found == -`1`))
146	{
147	/ The daemon does not cache this database. /
148	__nss_not_use_nscd_group = `1`;
149	goto out_close;
150	}
151
152	if (gr_resp.found == `1`)
153	{
154	struct iovec vec[`2`];
155	char *p = buffer;
156	size_t total_len;
157	uintptr_t align;
158	nscd_ssize_t cnt;
159
160	/ Now allocate the buffer the array for the group members. We must*
161	align the pointer. /*
162	align = ((__alignof__ (char ) - (p - ((char* *) `0`)))
163	& (__alignof__ (char *) - `1`));
164	total_len = (align + (`1` + gr_resp.gr_mem_cnt) * sizeof (char *)
165	+ gr_resp.gr_name_len + gr_resp.gr_passwd_len);
166	if (__glibc_unlikely (buflen < total_len))
167	{
168	no_room:
169	__set_errno (ERANGE);
170	retval = ERANGE;
171	goto out_close;
172	}
173	buflen -= total_len;
174
175	p += align;
176	resultbuf->gr_mem = (char **) p;
177	p += (`1` + gr_resp.gr_mem_cnt) * sizeof (char *);
178
179	/ Set pointers for strings. /
180	resultbuf->gr_name = p;
181	p += gr_resp.gr_name_len;
182	resultbuf->gr_passwd = p;
183	p += gr_resp.gr_passwd_len;
184
185	/ Fill in what we know now. /
186	resultbuf->gr_gid = gr_resp.gr_gid;
187
188	/ Read the length information, group name, and password. /
189	if (gr_name == NULL)
190	{
191	/ Handle a simple, usual case: no group members. /
192	if (__glibc_likely (gr_resp.gr_mem_cnt == `0`))
193	{
194	size_t n = gr_resp.gr_name_len + gr_resp.gr_passwd_len;
195	if (__builtin_expect (__readall (fd: sock, buf: resultbuf->gr_name, len: n)
196	!= (ssize_t) n, `0`))
197	goto out_close;
198	}
199	else
200	{
201	/ Allocate array to store lengths. /
202	if (!scratch_buffer_set_array_size
203	(buffer: &lenbuf, nelem: gr_resp.gr_mem_cnt, size: sizeof (uint32_t)))
204	goto out_close;
205	len = lenbuf.data;
206
207	vec[`0`].iov_base = (void *) len;
208	vec[`0`].iov_len = gr_resp.gr_mem_cnt * sizeof (uint32_t);
209	vec[`1`].iov_base = resultbuf->gr_name;
210	vec[`1`].iov_len = gr_resp.gr_name_len + gr_resp.gr_passwd_len;
211	total_len = vec[`0`].iov_len + vec[`1`].iov_len;
212
213	/ Get this data. /
214	size_t n = __readvall (fd: sock, iov: vec, iovcnt: `2`);
215	if (__glibc_unlikely (n != total_len))
216	goto out_close;
217	}
218	}
219	else
220	/ We already have the data. Just copy the group name and*
221	password. /*
222	memcpy (resultbuf->gr_name, gr_name,
223	gr_resp.gr_name_len + gr_resp.gr_passwd_len);
224
225	/ Clear the terminating entry. /
226	resultbuf->gr_mem[gr_resp.gr_mem_cnt] = NULL;
227
228	/ Prepare reading the group members. /
229	total_len = `0`;
230	for (cnt = `0`; cnt < gr_resp.gr_mem_cnt; ++cnt)
231	{
232	resultbuf->gr_mem[cnt] = p;
233	total_len += len[cnt];
234	p += len[cnt];
235	}
236
237	if (__glibc_unlikely (gr_name + gr_name_len + total_len > recend))
238	{
239	/ len array might contain garbage during nscd GC cycle,*
240	retry rather than fail in that case. /*
241	if (gr_name != NULL && mapped->head->gc_cycle != gc_cycle)
242	retval = -`2`;
243	goto out_close;
244	}
245	if (__glibc_unlikely (total_len > buflen))
246	{
247	/ len array might contain garbage during nscd GC cycle,*
248	retry rather than fail in that case. /*
249	if (gr_name != NULL && mapped->head->gc_cycle != gc_cycle)
250	{
251	retval = -`2`;
252	goto out_close;
253	}
254	else
255	goto no_room;
256	}
257
258	retval = `0`;
259
260	/ If there are no group members TOTAL_LEN is zero. /
261	if (gr_name == NULL)
262	{
263	if (total_len > `0`
264	&& __builtin_expect (__readall (fd: sock, buf: resultbuf->gr_mem[`0`],
265	len: total_len) != total_len, `0`))
266	{
267	/ The `errno' to some value != ERANGE. /
268	__set_errno (ENOENT);
269	retval = ENOENT;
270	}
271	else
272	*result = resultbuf;
273	}
274	else
275	{
276	/ Copy the group member names. /
277	memcpy (resultbuf->gr_mem[`0`], gr_name + gr_name_len, total_len);
278
279	/ Try to detect corrupt databases. /
280	if (resultbuf->gr_name[gr_name_len - `1`] != `'\0'`
281	\|\| resultbuf->gr_passwd[gr_resp.gr_passwd_len - `1`] != `'\0'`
282	\|\| ({for (cnt = `0`; cnt < gr_resp.gr_mem_cnt; ++cnt)
283	if (resultbuf->gr_mem[cnt][len[cnt] - `1`] != `'\0'`)
284	break;
285	cnt < gr_resp.gr_mem_cnt; }))
286	{
287	/ We cannot use the database. /
288	retval = mapped->head->gc_cycle != gc_cycle ? -`2` : -`1`;
289	goto out_close;
290	}
291
292	*result = resultbuf;
293	}
294	}
295	else
296	{
297	/ Set errno to 0 to indicate no error, just no found record. /
298	__set_errno (`0`);
299	/ Even though we have not found anything, the result is zero. /
300	retval = `0`;
301	}
302
303	out_close:
304	if (sock != -`1`)
305	__close_nocancel_nostatus (fd: sock);
306	out:
307	if (__nscd_drop_map_ref (map: mapped, gc_cycle: &gc_cycle) != `0`)
308	{
309	/ When we come here this means there has been a GC cycle while we*
310	were looking for the data. This means the data might have been
311	inconsistent. Retry if possible. /*
312	if ((gc_cycle & `1`) != `0` \|\| ++nretries == `5` \|\| retval == -`1`)
313	{
314	/ nscd is just running gc now. Disable using the mapping. /
315	if (atomic_decrement_val (&mapped->counter) == `0`)
316	__nscd_unmap (mapped);
317	mapped = NO_MAPPING;
318	}
319
320	if (retval != -`1`)
321	goto retry;
322	}
323
324	scratch_buffer_free (buffer: &lenbuf);
325
326	return retval;
327	}
328

source code of glibc/nscd/nscd_getgr_r.c