nscd/nscd_getpw_r.c

   1 /* Copyright (C) 1998-2023 Free Software Foundation, Inc.
   2    This file is part of the GNU C Library.
   3
   4    The GNU C Library is free software; you can redistribute it and/or
   5    modify it under the terms of the GNU Lesser General Public
   6    License as published by the Free Software Foundation; either
   7    version 2.1 of the License, or (at your option) any later version.
   8
   9    The GNU C Library is distributed in the hope that it will be useful,
  10    but WITHOUT ANY WARRANTY; without even the implied warranty of
  11    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
  12    Lesser General Public License for more details.
  13
  14    You should have received a copy of the GNU Lesser General Public
  15    License along with the GNU C Library; if not, see
  16    <https://www.gnu.org/licenses/>.  */
  17
  18 #include <assert.h>
  19 #include <errno.h>
  20 #include <pwd.h>
  21 #include <stdint.h>
  22 #include <stdio.h>
  23 #include <stdlib.h>
  24 #include <string.h>
  25 #include <unistd.h>
  26 #include <sys/mman.h>
  27 #include <sys/socket.h>
  28 #include <sys/uio.h>
  29 #include <sys/un.h>
  30 #include <not-cancel.h>
  31 #include <_itoa.h>
  32
  33 #include "nscd-client.h"
  34 #include "nscd_proto.h"
  35
  36 int __nss_not_use_nscd_passwd;
  37
  38 static int nscd_getpw_r (const char *key, size_t keylen, request_type type,
  39                          struct passwd *resultbuf, char *buffer,
  40                          size_t buflen, struct passwd **result);
  41
  42 int
  43 __nscd_getpwnam_r (const char *name, struct passwd *resultbuf, char *buffer,
  44                    size_t buflen, struct passwd **result)
  45 {
  46   if (name == NULL)
  47     return -1;
  48
  49   return nscd_getpw_r (name, strlen (name) + 1, GETPWBYNAME, resultbuf,
  50                        buffer, buflen, result);
  51 }
  52
  53 int
  54 __nscd_getpwuid_r (uid_t uid, struct passwd *resultbuf, char *buffer,
  55                    size_t buflen, struct passwd **result)
  56 {
  57   char buf[3 * sizeof (uid_t)];
  58   buf[sizeof (buf) - 1] = '\0';
  59   char *cp = _itoa_word (uid, buf + sizeof (buf) - 1, 10, 0);
  60
  61   return nscd_getpw_r (cp, buf + sizeof (buf) - cp, GETPWBYUID, resultbuf,
  62                        buffer, buflen, result);
  63 }
  64
  65
  66 libc_locked_map_ptr (static, map_handle);
  67 /* Note that we only free the structure if necessary.  The memory
  68    mapping is not removed since it is not visible to the malloc
  69    handling.  */
  70 void
  71 __nscd_pw_map_freemem (void)
  72 {
  73   if (map_handle.mapped != NO_MAPPING)
  74     {
  75       void *p = map_handle.mapped;
  76       map_handle.mapped = NO_MAPPING;
  77       free (p);
  78     }
  79 }
  80
  81
  82 static int
  83 nscd_getpw_r (const char *key, size_t keylen, request_type type,
  84               struct passwd *resultbuf, char *buffer, size_t buflen,
  85               struct passwd **result)
  86 {
  87   int gc_cycle;
  88   int nretries = 0;
  89
  90   /* If the mapping is available, try to search there instead of
  91      communicating with the nscd.  */
  92   struct mapped_database *mapped;
  93   mapped = __nscd_get_map_ref (GETFDPW, "passwd", &map_handle, &gc_cycle);
  94
  95  retry:;
  96   const char *pw_name = NULL;
  97   int retval = -1;
  98   const char *recend = (const char *) ~UINTMAX_C (0);
  99   pw_response_header pw_resp;
 100
 101   if (mapped != NO_MAPPING)
 102     {
 103       struct datahead *found = __nscd_cache_search (type, key, keylen, mapped,
 104                                                     sizeof pw_resp);
 105       if (found != NULL)
 106         {
 107           pw_name = (const char *) (&found->data[0].pwdata + 1);
 108           pw_resp = found->data[0].pwdata;
 109           recend = (const char *) found->data + found->recsize;
 110           /* Now check if we can trust pw_resp fields.  If GC is
 111              in progress, it can contain anything.  */
 112           if (mapped->head->gc_cycle != gc_cycle)
 113             {
 114               retval = -2;
 115               goto out;
 116             }
 117         }
 118     }
 119
 120   int sock = -1;
 121   if (pw_name == NULL)
 122     {
 123       sock = __nscd_open_socket (key, keylen, type, &pw_resp,
 124                                  sizeof (pw_resp));
 125       if (sock == -1)
 126         {
 127           __nss_not_use_nscd_passwd = 1;
 128           goto out;
 129         }
 130     }
 131
 132   /* No value found so far.  */
 133   *result = NULL;
 134
 135   if (__glibc_unlikely (pw_resp.found == -1))
 136     {
 137       /* The daemon does not cache this database.  */
 138       __nss_not_use_nscd_passwd = 1;
 139       goto out_close;
 140     }
 141
 142   if (pw_resp.found == 1)
 143     {
 144       /* Set the information we already have.  */
 145       resultbuf->pw_uid = pw_resp.pw_uid;
 146       resultbuf->pw_gid = pw_resp.pw_gid;
 147
 148       char *p = buffer;
 149       /* get pw_name */
 150       resultbuf->pw_name = p;
 151       p += pw_resp.pw_name_len;
 152       /* get pw_passwd */
 153       resultbuf->pw_passwd = p;
 154       p += pw_resp.pw_passwd_len;
 155       /* get pw_gecos */
 156       resultbuf->pw_gecos = p;
 157       p += pw_resp.pw_gecos_len;
 158       /* get pw_dir */
 159       resultbuf->pw_dir = p;
 160       p += pw_resp.pw_dir_len;
 161       /* get pw_pshell */
 162       resultbuf->pw_shell = p;
 163       p += pw_resp.pw_shell_len;
 164
 165       ssize_t total = p - buffer;
 166       if (__glibc_unlikely (pw_name + total > recend))
 167         goto out_close;
 168       if (__glibc_unlikely (buflen < total))
 169         {
 170           __set_errno (ERANGE);
 171           retval = ERANGE;
 172           goto out_close;
 173         }
 174
 175       retval = 0;
 176       if (pw_name == NULL)
 177         {
 178           ssize_t nbytes = __readall (sock, buffer, total);
 179
 180           if (__glibc_unlikely (nbytes != total))
 181             {
 182               /* The `errno' to some value != ERANGE.  */
 183               __set_errno (ENOENT);
 184               retval = ENOENT;
 185             }
 186           else
 187             *result = resultbuf;
 188         }
 189       else
 190         {
 191           /* Copy the various strings.  */
 192           memcpy (resultbuf->pw_name, pw_name, total);
 193
 194           /* Try to detect corrupt databases.  */
 195           if (resultbuf->pw_name[pw_resp.pw_name_len - 1] != '\0'
 196               || resultbuf->pw_passwd[pw_resp.pw_passwd_len - 1] != '\0'
 197               || resultbuf->pw_gecos[pw_resp.pw_gecos_len - 1] != '\0'
 198               || resultbuf->pw_dir[pw_resp.pw_dir_len - 1] != '\0'
 199               || resultbuf->pw_shell[pw_resp.pw_shell_len - 1] != '\0')
 200             {
 201               /* We cannot use the database.  */
 202               retval = mapped->head->gc_cycle != gc_cycle ? -2 : -1;
 203               goto out_close;
 204             }
 205
 206           *result = resultbuf;
 207         }
 208     }
 209   else
 210     {
 211       /* Set errno to 0 to indicate no error, just no found record.  */
 212       __set_errno (0);
 213       /* Even though we have not found anything, the result is zero.  */
 214       retval = 0;
 215     }
 216
 217  out_close:
 218   if (sock != -1)
 219     __close_nocancel_nostatus (sock);
 220  out:
 221   if (__nscd_drop_map_ref (mapped, &gc_cycle) != 0)
 222     {
 223       /* When we come here this means there has been a GC cycle while we
 224          were looking for the data.  This means the data might have been
 225          inconsistent.  Retry if possible.  */
 226       if ((gc_cycle & 1) != 0 || ++nretries == 5 || retval == -1)
 227         {
 228           /* nscd is just running gc now.  Disable using the mapping.  */
 229           if (atomic_fetch_add_relaxed (&mapped->counter, -1) == 1)
 230             __nscd_unmap (mapped);
 231           mapped = NO_MAPPING;
 232         }
 233
 234       if (retval != -1)
 235         goto retry;
 236     }
 237
 238   return retval;
 239 }