-/* Copyright (C) 1998, 1999, 2000, 2002, 2003 Free Software Foundation, Inc.
+/* Copyright (C) 1998-2024 Free Software Foundation, Inc.
This file is part of the GNU C Library.
- Contributed by Thorsten Kukuk <kukuk@uni-paderborn.de>, 1998.
The GNU C Library is free software; you can redistribute it and/or
modify it under the terms of the GNU Lesser General Public
Lesser General Public License for more details.
You should have received a copy of the GNU Lesser General Public
- License along with the GNU C Library; if not, write to the Free
- Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
- 02111-1307 USA. */
+ License along with the GNU C Library; if not, see
+ <https://www.gnu.org/licenses/>. */
+#include <alloca.h>
+#include <assert.h>
#include <errno.h>
#include <grp.h>
#include <stdint.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
+#include <sys/mman.h>
#include <sys/socket.h>
#include <sys/uio.h>
#include <sys/un.h>
+#include <not-cancel.h>
+#include <_itoa.h>
+#include <scratch_buffer.h>
#include "nscd-client.h"
#include "nscd_proto.h"
static int nscd_getgr_r (const char *key, size_t keylen, request_type type,
struct group *resultbuf, char *buffer,
- size_t buflen) internal_function;
+ size_t buflen, struct group **result);
int
__nscd_getgrnam_r (const char *name, struct group *resultbuf, char *buffer,
- size_t buflen)
+ size_t buflen, struct group **result)
{
return nscd_getgr_r (name, strlen (name) + 1, GETGRBYNAME, resultbuf,
- buffer, buflen);
+ buffer, buflen, result);
}
int
__nscd_getgrgid_r (gid_t gid, struct group *resultbuf, char *buffer,
- size_t buflen)
+ size_t buflen, struct group **result)
{
- char buf[12];
- size_t n;
+ char buf[3 * sizeof (gid_t)];
+ buf[sizeof (buf) - 1] = '\0';
+ char *cp = _itoa_word (gid, buf + sizeof (buf) - 1, 10, 0);
+
+ return nscd_getgr_r (cp, buf + sizeof (buf) - cp, GETGRBYGID, resultbuf,
+ buffer, buflen, result);
+}
- n = __snprintf (buf, sizeof (buf), "%d", gid) + 1;
- return nscd_getgr_r (buf, n, GETGRBYGID, resultbuf, buffer, buflen);
+libc_locked_map_ptr (,__gr_map_handle) attribute_hidden;
+/* Note that we only free the structure if necessary. The memory
+ mapping is not removed since it is not visible to the malloc
+ handling. */
+void
+__nscd_gr_map_freemem (void)
+{
+ if (__gr_map_handle.mapped != NO_MAPPING)
+ {
+ void *p = __gr_map_handle.mapped;
+ __gr_map_handle.mapped = NO_MAPPING;
+ free (p);
+ }
}
static int
-internal_function
nscd_getgr_r (const char *key, size_t keylen, request_type type,
- struct group *resultbuf, char *buffer, size_t buflen)
+ struct group *resultbuf, char *buffer, size_t buflen,
+ struct group **result)
{
- int sock = __nscd_open_socket ();
- request_header req;
+ int gc_cycle;
+ int nretries = 0;
+ const uint32_t *len = NULL;
+ struct scratch_buffer lenbuf;
+ scratch_buffer_init (&lenbuf);
+
+ /* If the mapping is available, try to search there instead of
+ communicating with the nscd. */
+ struct mapped_database *mapped = __nscd_get_map_ref (GETFDGR, "group",
+ &__gr_map_handle,
+ &gc_cycle);
+ retry:;
+ const char *gr_name = NULL;
+ size_t gr_name_len = 0;
+ int retval = -1;
+ const char *recend = (const char *) ~UINTMAX_C (0);
gr_response_header gr_resp;
- ssize_t nbytes;
- struct iovec vec[2];
- int result = -1;
- if (sock == -1)
+ if (mapped != NO_MAPPING)
{
- __nss_not_use_nscd_group = 1;
- return -1;
+ struct datahead *found = __nscd_cache_search (type, key, keylen, mapped,
+ sizeof gr_resp);
+ if (found != NULL)
+ {
+ len = (const uint32_t *) (&found->data[0].grdata + 1);
+ gr_resp = found->data[0].grdata;
+ gr_name = ((const char *) len
+ + gr_resp.gr_mem_cnt * sizeof (uint32_t));
+ gr_name_len = gr_resp.gr_name_len + gr_resp.gr_passwd_len;
+ recend = (const char *) found->data + found->recsize;
+ /* Now check if we can trust gr_resp fields. If GC is
+ in progress, it can contain anything. */
+ if (mapped->head->gc_cycle != gc_cycle)
+ {
+ retval = -2;
+ goto out;
+ }
+
+ /* The alignment is always sufficient, unless GC is in progress. */
+ assert (((uintptr_t) len & (__alignof__ (*len) - 1)) == 0);
+ }
}
- req.version = NSCD_VERSION;
- req.type = type;
- req.key_len = keylen;
-
- vec[0].iov_base = &req;
- vec[0].iov_len = sizeof (request_header);
- vec[1].iov_base = (void *) key;
- vec[1].iov_len = keylen;
-
- nbytes = TEMP_FAILURE_RETRY (__writev (sock, vec, 2));
- if (nbytes != (ssize_t) (sizeof (request_header) + keylen))
- goto out;
+ int sock = -1;
+ if (gr_name == NULL)
+ {
+ sock = __nscd_open_socket (key, keylen, type, &gr_resp,
+ sizeof (gr_resp));
+ if (sock == -1)
+ {
+ __nss_not_use_nscd_group = 1;
+ goto out;
+ }
+ }
- nbytes = TEMP_FAILURE_RETRY (__read (sock, &gr_resp,
- sizeof (gr_response_header)));
- if (nbytes != (ssize_t) sizeof (gr_response_header))
- goto out;
+ /* No value found so far. */
+ *result = NULL;
- if (gr_resp.found == -1)
+ if (__glibc_unlikely (gr_resp.found == -1))
{
/* The daemon does not cache this database. */
__nss_not_use_nscd_group = 1;
- goto out;
+ goto out_close;
}
if (gr_resp.found == 1)
{
- uint32_t *len;
+ struct iovec vec[2];
char *p = buffer;
size_t total_len;
uintptr_t align;
/* Now allocate the buffer the array for the group members. We must
align the pointer. */
- align = ((__alignof__ (char *) - (p - ((char *) 0)))
+ align = ((__alignof__ (char *) - ((uintptr_t) p))
& (__alignof__ (char *) - 1));
- total_len = align + (1 + gr_resp.gr_mem_cnt) * sizeof (char *)
- + gr_resp.gr_name_len + gr_resp.gr_passwd_len;
- if (__builtin_expect (buflen < total_len, 0))
+ total_len = (align + (1 + gr_resp.gr_mem_cnt) * sizeof (char *)
+ + gr_resp.gr_name_len + gr_resp.gr_passwd_len);
+ if (__glibc_unlikely (buflen < total_len))
{
no_room:
__set_errno (ERANGE);
- result = ERANGE;
- goto out;
+ retval = ERANGE;
+ goto out_close;
}
buflen -= total_len;
/* Fill in what we know now. */
resultbuf->gr_gid = gr_resp.gr_gid;
- /* Allocate array to store lengths. */
- len = (uint32_t *) alloca (gr_resp.gr_mem_cnt * sizeof (uint32_t));
-
- total_len = gr_resp.gr_mem_cnt * sizeof (uint32_t);
- vec[0].iov_base = len;
- vec[0].iov_len = total_len;
- vec[1].iov_base = resultbuf->gr_name;
- vec[1].iov_len = gr_resp.gr_name_len + gr_resp.gr_passwd_len;
- total_len += gr_resp.gr_name_len + gr_resp.gr_passwd_len;
-
- /* Get this data. */
- size_t n = TEMP_FAILURE_RETRY (__readv (sock, vec, 2));
- if (__builtin_expect (n != total_len, 0))
- goto out;
+ /* Read the length information, group name, and password. */
+ if (gr_name == NULL)
+ {
+ /* Handle a simple, usual case: no group members. */
+ if (__glibc_likely (gr_resp.gr_mem_cnt == 0))
+ {
+ size_t n = gr_resp.gr_name_len + gr_resp.gr_passwd_len;
+ if (__builtin_expect (__readall (sock, resultbuf->gr_name, n)
+ != (ssize_t) n, 0))
+ goto out_close;
+ }
+ else
+ {
+ /* Allocate array to store lengths. */
+ if (!scratch_buffer_set_array_size
+ (&lenbuf, gr_resp.gr_mem_cnt, sizeof (uint32_t)))
+ goto out_close;
+ len = lenbuf.data;
+
+ vec[0].iov_base = (void *) len;
+ vec[0].iov_len = gr_resp.gr_mem_cnt * sizeof (uint32_t);
+ vec[1].iov_base = resultbuf->gr_name;
+ vec[1].iov_len = gr_resp.gr_name_len + gr_resp.gr_passwd_len;
+ total_len = vec[0].iov_len + vec[1].iov_len;
+
+ /* Get this data. */
+ size_t n = __readvall (sock, vec, 2);
+ if (__glibc_unlikely (n != total_len))
+ goto out_close;
+ }
+ }
+ else
+ /* We already have the data. Just copy the group name and
+ password. */
+ memcpy (resultbuf->gr_name, gr_name,
+ gr_resp.gr_name_len + gr_resp.gr_passwd_len);
/* Clear the terminating entry. */
resultbuf->gr_mem[gr_resp.gr_mem_cnt] = NULL;
p += len[cnt];
}
- if (__builtin_expect (total_len > buflen, 0))
- goto no_room;
+ if (__glibc_unlikely (gr_name + gr_name_len + total_len > recend))
+ {
+ /* len array might contain garbage during nscd GC cycle,
+ retry rather than fail in that case. */
+ if (gr_name != NULL && mapped->head->gc_cycle != gc_cycle)
+ retval = -2;
+ goto out_close;
+ }
+ if (__glibc_unlikely (total_len > buflen))
+ {
+ /* len array might contain garbage during nscd GC cycle,
+ retry rather than fail in that case. */
+ if (gr_name != NULL && mapped->head->gc_cycle != gc_cycle)
+ {
+ retval = -2;
+ goto out_close;
+ }
+ else
+ goto no_room;
+ }
+
+ retval = 0;
- result = 0;
- n = TEMP_FAILURE_RETRY (__read (sock, resultbuf->gr_mem[0],
- total_len));
- if (__builtin_expect (n != total_len, 0))
+ /* If there are no group members TOTAL_LEN is zero. */
+ if (gr_name == NULL)
{
- /* The `errno' to some value != ERANGE. */
- __set_errno (ENOENT);
- result = ENOENT;
+ if (total_len > 0
+ && __builtin_expect (__readall (sock, resultbuf->gr_mem[0],
+ total_len) != total_len, 0))
+ {
+ /* The `errno' to some value != ERANGE. */
+ __set_errno (ENOENT);
+ retval = ENOENT;
+ }
+ else
+ *result = resultbuf;
+ }
+ else
+ {
+ /* Copy the group member names. */
+ memcpy (resultbuf->gr_mem[0], gr_name + gr_name_len, total_len);
+
+ /* Try to detect corrupt databases. */
+ if (resultbuf->gr_name[gr_name_len - 1] != '\0'
+ || resultbuf->gr_passwd[gr_resp.gr_passwd_len - 1] != '\0'
+ || ({for (cnt = 0; cnt < gr_resp.gr_mem_cnt; ++cnt)
+ if (resultbuf->gr_mem[cnt][len[cnt] - 1] != '\0')
+ break;
+ cnt < gr_resp.gr_mem_cnt; }))
+ {
+ /* We cannot use the database. */
+ retval = mapped->head->gc_cycle != gc_cycle ? -2 : -1;
+ goto out_close;
+ }
+
+ *result = resultbuf;
}
}
else
{
- /* The `errno' to some value != ERANGE. */
- __set_errno (ENOENT);
- result = ENOENT;
+ /* Set errno to 0 to indicate no error, just no found record. */
+ __set_errno (0);
+ /* Even though we have not found anything, the result is zero. */
+ retval = 0;
}
+ out_close:
+ if (sock != -1)
+ __close_nocancel_nostatus (sock);
out:
- __close (sock);
+ if (__nscd_drop_map_ref (mapped, &gc_cycle) != 0)
+ {
+ /* When we come here this means there has been a GC cycle while we
+ were looking for the data. This means the data might have been
+ inconsistent. Retry if possible. */
+ if ((gc_cycle & 1) != 0 || ++nretries == 5 || retval == -1)
+ {
+ /* nscd is just running gc now. Disable using the mapping. */
+ if (atomic_fetch_add_relaxed (&mapped->counter, -1) == 1)
+ __nscd_unmap (mapped);
+ mapped = NO_MAPPING;
+ }
+
+ if (retval != -1)
+ goto retry;
+ }
+
+ scratch_buffer_free (&lenbuf);
- return result;
+ return retval;
}