diff options
author | Jakub Jelinek <jakub@redhat.com> | 2009-05-15 21:17:08 -0700 |
---|---|---|
committer | Petr Baudis <pasky@suse.cz> | 2009-05-22 04:54:50 +0200 |
commit | b9e0df9847f3460c67e27e631af8662e7906ed6b (patch) | |
tree | 2b7f681156ce2671b60a1afb60bdbcb11bd43440 /ChangeLog | |
parent | f27dc66bb946b74df6817768758b1de49d4be887 (diff) |
Robustify libc-side nscd database reader.
The nscd database mapped in processes can change at any time. We
have to be more vigilant when it comes to using that memory. Test
the data entries are valid in their entire size, don't read data
again from memory once we verified it, and make sure the trailing
pointer is not going off the deep end.
(cherry picked from commit cfe1fc1013d0e7e4863c974fa0e78891cc0a2ed2)
Diffstat (limited to 'ChangeLog')
-rw-r--r-- | ChangeLog | 25 |
1 files changed, 19 insertions, 6 deletions
@@ -1,16 +1,29 @@ -2009-05-12 Jakub Jelinek <jakub@redhat.com> - - * include/atomic.h: Formatting. - (catomic_compare_and_exchange_val_acq): Don't define if already - defined by bits/atomic.h. - 2009-05-14 Jakub Jelinek <jakub@redhat.com> + * nscd/nscd_helper.c: Include stddef.h. + (__nscd_cache_search): Add datalen argument. Use atomic_forced_read + in a couple of places. Return NULL if trail is not less than + datasize, don't consider dataheads with length smaller than + offsetof (struct datahead, data) + datalen. + * nscd/nscd_client.h (__nscd_cache_search): Adjust prototype. + * nscd/nscd_gethst_r.c (nscd_gethst_r): Adjust callers. + * nscd/nscd_getpw_r.c (nscd_getpw_r): Likewise. + * nscd/nscd_getgr_r.c (nscd_getgr_r): Likewise. + * nscd/nscd_getai.c (__nscd_getai): Likewise. + * nscd/nscd_initgroups.c (__nscd_getgrouplist): Likewise. + * nscd/nscd_getserv_r.c (nscd_getserv_r): Likewise. + * nscd/selinux.c (nscd_avc_destroy): Removed. * nscd/selinux.h (nscd_avc_destroy): Likewise. * nscd/nscd.c (termination_handler): Don't call nscd_avc_destroy. +2009-05-12 Jakub Jelinek <jakub@redhat.com> + + * include/atomic.h: Formatting. + (catomic_compare_and_exchange_val_acq): Don't define if already + defined by bits/atomic.h. + 2009-05-10 Ulrich Drepper <drepper@redhat.com> * version.h (VERSION): Bump to 2.10.1. |