summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorKarol Lewandowski <k.lewandowsk@samsung.com>2022-05-30 13:16:56 +0200
committerDongHun Kwak <dh0128.kwak@samsung.com>2022-09-01 11:01:34 +0900
commitc706f690936f43d6d9fa0cea6b323eabffe7487d (patch)
tree0edbcd9521deeb526960f44cdecb227f919613f2
parentffeb020429b40891a5967532fbb017c2a780f927 (diff)
downloadlibtar-tizen_9.0.tar.gz
libtar-tizen_9.0.tar.bz2
libtar-tizen_9.0.zip
Change-Id: I3b81302f8547d983f99e50da5b1d0e4c84b94106 Signed-off-by: DongHun Kwak <dh0128.kwak@samsung.com>
-rw-r--r--packaging/Use-reentrant-versions-of-getpwnam-getgrnam.patch75
-rw-r--r--packaging/libtar.spec2
2 files changed, 77 insertions, 0 deletions
diff --git a/packaging/Use-reentrant-versions-of-getpwnam-getgrnam.patch b/packaging/Use-reentrant-versions-of-getpwnam-getgrnam.patch
new file mode 100644
index 0000000..9713f4c
--- /dev/null
+++ b/packaging/Use-reentrant-versions-of-getpwnam-getgrnam.patch
@@ -0,0 +1,75 @@
+From 22f5e6df48f8ba3f303221d14e47afb712433d4a Mon Sep 17 00:00:00 2001
+From: Karol Lewandowski <k.lewandowsk@samsung.com>
+Date: Mon, 30 May 2022 13:16:56 +0200
+Subject: [PATCH] Use reentrant versions of getpwnam & getgrnam functions for
+ thread safety
+
+Change-Id: I3b81302f8547d983f99e50da5b1d0e4c84b94106
+---
+ lib/decode.c | 31 +++++++++++++++++++++----------
+ 1 file changed, 21 insertions(+), 10 deletions(-)
+
+diff --git a/lib/decode.c b/lib/decode.c
+index c16ea2d..43cd17b 100644
+--- a/lib/decode.c
++++ b/lib/decode.c
+@@ -21,6 +21,10 @@
+ # include <string.h>
+ #endif
+
++/* Hardcoded buffer limit to avoid calling sysconf() where it can not
++ * reliably fail */
++#define GET_PWGR_SIZE_MAX 16384
++
+
+ /* determine full path name */
+ char *
+@@ -42,16 +46,22 @@ th_get_pathname(TAR *t)
+ return filename;
+ }
+
+-
+ uid_t
+ th_get_uid(TAR *t)
+ {
+ int uid;
+- struct passwd *pw;
+-
+- pw = getpwnam(t->th_buf.uname);
+- if (pw != NULL)
+- return pw->pw_uid;
++ struct passwd pw, *pwresult = NULL;
++ /* Theoretically this function should use sysconf(_SC_GETPW_R_SIZE_MAX)
++ * to get buffer size for getpwnam_r() and allocate this size. Unfortunately,
++ * this function has not possibility to return any error, including OOM.
++ * Due to this we allocate static buffer size to avoid the need to handle
++ * these kinds of errors.
++ */
++ char buf[GET_PWGR_SIZE_MAX] = "";
++
++ (void)getpwnam_r(t->th_buf.uname, &pw, buf, sizeof(buf), &pwresult);
++ if (pwresult != NULL)
++ return pwresult->pw_uid;
+
+ /* if the password entry doesn't exist */
+ sscanf(t->th_buf.uid, "%o", &uid);
+@@ -63,11 +73,12 @@ gid_t
+ th_get_gid(TAR *t)
+ {
+ int gid;
+- struct group *gr;
++ struct group gr, *grresult = NULL;
++ char buf[GET_PWGR_SIZE_MAX] = ""; /* See note in th_get_uid() */
+
+- gr = getgrnam(t->th_buf.gname);
+- if (gr != NULL)
+- return gr->gr_gid;
++ (void)getgrnam_r(t->th_buf.gname, &gr, buf, sizeof(buf), &grresult);
++ if (grresult != NULL)
++ return grresult->gr_gid;
+
+ /* if the group entry doesn't exist */
+ sscanf(t->th_buf.gid, "%o", &gid);
+--
+2.25.1
+
diff --git a/packaging/libtar.spec b/packaging/libtar.spec
index cb30a08..59a013f 100644
--- a/packaging/libtar.spec
+++ b/packaging/libtar.spec
@@ -9,6 +9,7 @@ License: NCSA
Group: Development/ROS
Source0: %{name}-%{version}.tar.gz
+Source10: Use-reentrant-versions-of-getpwnam-getgrnam.patch
Source1001: %{name}.manifest
# ==========================================================
@@ -32,6 +33,7 @@ Library for manipulating tar files from within C programs(devel)
%prep
%setup -q
+%{__patch} -p1 < %{SOURCE10}
cp %{SOURCE1001} .
# ==========================================================