mirror/glibc
2
0
Fork 0
mirror of git://sourceware.org/git/glibc.git synced 2025-04-12 14:21:18 +08:00
Code Issues Packages Projects Releases Wiki Activity
glibc/nss
History
Florian Weimer 676599b36a Harden putpwent, putgrent, putspent, putspent against injection [BZ #18724] 
This prevents injection of ':' and '\n' into output functions which
use the NSS files database syntax.  Critical fields (user/group names
and file system paths) are checked strictly.  For backwards
compatibility, the GECOS field is rewritten instead.

The getent program is adjusted to use the put*ent functions in libc,
instead of local copies.  This changes the behavior of getent if user
names start with '-' or '+'.
2015-10-02 11:34:13 +02:00
..
nss_db
Move bits/libc-lock.h and bits/libc-lockP.h out of bits/ (bug 14912).
2015-09-08 21:11:03 +00:00
nss_files
Move bits/libc-lock.h and bits/libc-lockP.h out of bits/ (bug 14912).
2015-09-08 21:11:03 +00:00
alias-lookup.c
Update copyright dates with scripts/update-copyrights.
2015-01-02 16:29:47 +00:00
bug17079.c
Fix inconsistent passwd compensation in nss/bug17079.c
2015-09-25 20:20:33 +02:00
bug-erange.c
databases.def
Update copyright dates with scripts/update-copyrights.
2015-01-02 16:29:47 +00:00
db-Makefile
fix non-portable echo -n usage
2015-08-09 04:19:12 -04:00
Depend
digits_dots.c
Update copyright dates with scripts/update-copyrights.
2015-01-02 16:29:47 +00:00
ethers-lookup.c
Update copyright dates with scripts/update-copyrights.
2015-01-02 16:29:47 +00:00
function.def
Update copyright dates with scripts/update-copyrights.
2015-01-02 16:29:47 +00:00
getent.c
Harden putpwent, putgrent, putspent, putspent against injection [BZ #18724]
2015-10-02 11:34:13 +02:00
getnssent_r.c
Update copyright dates with scripts/update-copyrights.
2015-01-02 16:29:47 +00:00
getnssent.c
Update copyright dates with scripts/update-copyrights.
2015-01-02 16:29:47 +00:00
getXXbyYY_r.c
Update copyright dates with scripts/update-copyrights.
2015-01-02 16:29:47 +00:00
getXXbyYY.c
Move bits/libc-lock.h and bits/libc-lockP.h out of bits/ (bug 14912).
2015-09-08 21:11:03 +00:00
getXXent_r.c
Move bits/libc-lock.h and bits/libc-lockP.h out of bits/ (bug 14912).
2015-09-08 21:11:03 +00:00
getXXent.c
Move bits/libc-lock.h and bits/libc-lockP.h out of bits/ (bug 14912).
2015-09-08 21:11:03 +00:00
grp-lookup.c
Update copyright dates with scripts/update-copyrights.
2015-01-02 16:29:47 +00:00
hosts-lookup.c
Update copyright dates with scripts/update-copyrights.
2015-01-02 16:29:47 +00:00
key-lookup.c
Update copyright dates with scripts/update-copyrights.
2015-01-02 16:29:47 +00:00
makedb.c
Update copyright dates not handled by scripts/update-copyrights.
2015-01-02 16:54:45 +00:00
Makefile
Harden putpwent, putgrent, putspent, putspent against injection [BZ #18724]
2015-10-02 11:34:13 +02:00
netgrp-lookup.c
Update copyright dates with scripts/update-copyrights.
2015-01-02 16:29:47 +00:00
network-lookup.c
Update copyright dates with scripts/update-copyrights.
2015-01-02 16:29:47 +00:00
nss_test1.c
Add self-contained test for NSS.
2010-08-11 07:25:02 -07:00
nss.h
Update copyright dates with scripts/update-copyrights.
2015-01-02 16:29:47 +00:00
nsswitch.c
Move bits/libc-lock.h and bits/libc-lockP.h out of bits/ (bug 14912).
2015-09-08 21:11:03 +00:00
nsswitch.conf
More configurability for secondary group lookup
2011-05-10 00:36:29 -04:00
nsswitch.h
Update copyright dates with scripts/update-copyrights.
2015-01-02 16:29:47 +00:00
proto-lookup.c
Update copyright dates with scripts/update-copyrights.
2015-01-02 16:29:47 +00:00
pwd-lookup.c
Update copyright dates with scripts/update-copyrights.
2015-01-02 16:29:47 +00:00
rewrite_field.c
Harden putpwent, putgrent, putspent, putspent against injection [BZ #18724]
2015-10-02 11:34:13 +02:00
rpc-lookup.c
Update copyright dates with scripts/update-copyrights.
2015-01-02 16:29:47 +00:00
service-lookup.c
Update copyright dates with scripts/update-copyrights.
2015-01-02 16:29:47 +00:00
sgrp-lookup.c
Update copyright dates with scripts/update-copyrights.
2015-01-02 16:29:47 +00:00
spwd-lookup.c
Update copyright dates with scripts/update-copyrights.
2015-01-02 16:29:47 +00:00
test-digits-dots.c
Update copyright dates with scripts/update-copyrights.
2015-01-02 16:29:47 +00:00
test-netdb.c
Split rpcent tests out of tst-netdb.
2015-03-04 15:55:38 -08:00
tst-field.c
Harden putpwent, putgrent, putspent, putspent against injection [BZ #18724]
2015-10-02 11:34:13 +02:00
tst-nss-getpwent.c
CVE-2014-8121: Do not close NSS files database during iteration [BZ #18007]
2015-04-29 14:41:26 +02:00
tst-nss-static.c
2012-04-06 Paul Pluzhnikov <ppluzhnikov@google.com>
2012-04-06 13:49:35 -07:00
tst-nss-test1.c
Fix nss/tst-nss-test1.c format warning.
2014-11-27 03:24:18 +00:00
valid_field.c
Harden putpwent, putgrent, putspent, putspent against injection [BZ #18724]
2015-10-02 11:34:13 +02:00
valid_list_field.c
Harden putpwent, putgrent, putspent, putspent against injection [BZ #18724]
2015-10-02 11:34:13 +02:00
Versions
Get canonical name in getaddrinfo from hosts file for AF_INET (fixes 16077)
2013-11-28 17:18:12 +05:30
XXX-lookup.c
Update copyright dates with scripts/update-copyrights.
2015-01-02 16:29:47 +00:00