Fw: Please evaluate my patch for Winbind
Hannes Schmidt
mail at schmidt-net.via.t-online.de
Fri Jul 26 14:20:02 GMT 2002
----- Original Message -----
From: "Hannes Schmidt" <mail at schmidt-net.via.t-online.de>
To: <samba at lists.samba.org>
Sent: Thursday, July 25, 2002 6:43 PM
Subject: [Samba] Please evaluate my patch for Winbind
> Yesterday I posted a problem report with some diagnostics. I seem to have
found a solution on my own
> and provide a patch here. [I didn't post this as a follow-up because
nobody responded to my original post
> and I wanted to make sure someone reads at least this one.]
>
> The patch makes the winbind client (libnss_winbind.so) code more robust.
>
> Consider the following fragment of broken application code.
>
> if( fork() == 0 ) {
> /* child */
> close( 0 ); /* next open() will return 0 (stdin) */
> getpwent(...); /* pid changed, so wb_common.c will open the
pipe to winbindd, the handle will be 0 */
> fd = open( ... ); /* returned fd isn't 0 although the code assumes
this */
> execve( ... ); /* executed program reads from stdin which -
unintentionally - is the winbind pipe */
> } else {
> /* parent */
> ...
> }
>
> Obviously, this code is broken and could be easily fixed by doing the
getpwent() before the close(). Unfortunately
> the version of cron installed on my system is broken in a more complex but
similar way. There is probably more
> broken code like this in other standard unix software, especially since
it's such a subtle mistake.
>
> The provided patch to wb_common.c makes sure that the handle to the
winbindd pipe is not 0, 1 or 2.
> Even if this is complete crap, I would appreciate any feedback.
>
> *** /root/samba-2.2.5/source/nsswitch/wb_common.c Wed Jun 19 03:13:44 2002
> --- wb_common.c Thu Jul 25 16:36:39 2002
> ***************
> *** 94,99 ****
> --- 94,120 ----
> }
> }
>
> + /* Returns a duplicate of the given file descriptor that is guranteed
> + not to be 0, 1 or 2 (stdin, stdout or stderr respectively), unless
> + an error occurs. If the given fd is invalid, it will be returned
> + unchanged. If a different error occurs, the returned file handle
> + will still be valid but it may be 0, 1 or 2. If a valid file
> + handle is returned and the returned handle is different to the
> + original one, the original one will be closed. If dup() is broken,
> + this function might never return. */
> +
> + int make_nonstd_fd(int fd)
> + {
> + int saved_fd;
> + if (0 >= fd && fd <= 2) {
> + fd = dup(saved_fd = fd);
> + if (fd == -1) return saved_fd;
> + fd = make_nonstd_fd(fd);
> + close(saved_fd);
> + }
> + return fd;
> + }
> +
> /* Connect to winbindd socket */
>
> int winbind_open_pipe_sock(void)
> ***************
> *** 158,164 ****
> if ((winbindd_fd = socket(AF_UNIX, SOCK_STREAM, 0)) == -1) {
> return -1;
> }
> !
> if (connect(winbindd_fd, (struct sockaddr *)&sunaddr,
> sizeof(sunaddr)) == -1) {
> close_sock();
> --- 179,188 ----
> if ((winbindd_fd = socket(AF_UNIX, SOCK_STREAM, 0)) == -1) {
> return -1;
> }
> !
> ! winbindd_fd = make_nonstd_fd( winbindd_fd );
> !
> !
> if (connect(winbindd_fd, (struct sockaddr *)&sunaddr,
> sizeof(sunaddr)) == -1) {
> close_sock();
> ***************
> *** 167,172 ****
> --- 191,197 ----
>
> return winbindd_fd;
> }
> +
>
> /* Write data to winbindd socket */
>
>
>
>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions: http://lists.samba.org/mailman/listinfo/samba
>
More information about the samba-technical
mailing list