From: Siddhesh Poyarekar <siddhesh@redhat.com>
Date: Thu, 2 Jan 2014 04:33:12 +0000 (+0530)
Subject: Fix infinite loop in nscd when netgroup is empty (bz #16365)
X-Git-Tag: glibc-2.19~175
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=d41242129ba693cdbc8db85b846fcaccf9f0b7c4;p=thirdparty%2Fglibc.git

Fix infinite loop in nscd when netgroup is empty (bz #16365)

Currently, when a user looks up a netgroup that does not have any
members, nscd goes into an infinite loop trying to find members in the
group.  This is because it does not handle cases when getnetgrent
returns an NSS_STATUS_NOTFOUND (which is what it does on empty group).
Fixed to handle this in the same way as NSS_STATUS_RETURN, similar to
what getgrent does by itself.
---

diff --git a/ChangeLog b/ChangeLog
index 7f4015758c0..dd7bd669704 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,9 @@
+2013-01-02  Siddhesh Poyarekar  <siddhesh@redhat.com>
+
+	[BZ # 16365]
+	* nscd/netgroupcache.c (addgetnetgrentX): Break if status is
+	NSS_STATUS_NOTFOUND.
+
 2014-01-01  Joseph Myers  <joseph@codesourcery.com>
 
 	* sysdeps/i386/fpu/libm-test-ulps: Regenerated.
diff --git a/NEWS b/NEWS
index 94bcd3aaf01..869d3b9096c 100644
--- a/NEWS
+++ b/NEWS
@@ -23,7 +23,7 @@ Version 2.19
   16038, 16041, 16055, 16071, 16072, 16074, 16077, 16078, 16103, 16112,
   16143, 16144, 16146, 16150, 16151, 16153, 16167, 16172, 16195, 16214,
   16245, 16271, 16274, 16283, 16289, 16293, 16314, 16316, 16330, 16337,
-  16338, 16356, 16369, 16372, 16375, 16379.
+  16338, 16356, 16365, 16369, 16372, 16375, 16379.
 
 * Slovenian translations for glibc messages have been contributed by the
   Translation Project's Slovenian team of translators.
diff --git a/nscd/netgroupcache.c b/nscd/netgroupcache.c
index baebdd7e4e1..50936ee7eb5 100644
--- a/nscd/netgroupcache.c
+++ b/nscd/netgroupcache.c
@@ -180,9 +180,10 @@ addgetnetgrentX (struct database_dyn *db, int fd, request_header *req,
 		    int e;
 		    status = getfct.f (&data, buffer + buffilled,
 				       buflen - buffilled, &e);
-		    if (status == NSS_STATUS_RETURN)
-		      /* This was the last one for this group.  Look
-			 at next group if available.  */
+		    if (status == NSS_STATUS_RETURN
+			|| status == NSS_STATUS_NOTFOUND)
+		      /* This was either the last one for this group or the
+			 group was empty.  Look at next group if available.  */
 		      break;
 		    if (status == NSS_STATUS_SUCCESS)
 		      {