diff --git a/package/autofs/patches/autofs-5.1.7-add-buffer-length-check-to-rmdir_path.patch b/package/autofs/patches/autofs-5.1.7-add-buffer-length-check-to-rmdir_path.patch new file mode 100644 index 00000000..87e832d7 --- /dev/null +++ b/package/autofs/patches/autofs-5.1.7-add-buffer-length-check-to-rmdir_path.patch @@ -0,0 +1,51 @@ +autofs-5.1.7 - add buffer length check to rmdir_path() + +From: Ian Kent + +Add a length check before copying the incoming path string to the work +buffer. + +Signed-off-by: Ian Kent +--- + CHANGELOG | 1 + + daemon/automount.c | 8 ++++++-- + 2 files changed, 7 insertions(+), 2 deletions(-) + +diff --git a/CHANGELOG b/CHANGELOG +index ded0f00f..38304720 100644 +--- a/CHANGELOG ++++ b/CHANGELOG +@@ -86,6 +86,7 @@ + - add mapent path length check in handle_packet_expire_direct(). + - add copy length check in umount_autofs_indirect(). + - add some buffer length checks to master map parser. ++- add buffer length check to rmdir_path(). + + 25/01/2021 autofs-5.1.7 + - make bind mounts propagation slave by default. +diff --git a/daemon/automount.c b/daemon/automount.c +index 45e0833f..114b013a 100644 +--- a/daemon/automount.c ++++ b/daemon/automount.c +@@ -241,15 +241,19 @@ int mkdir_path(const char *path, mode_t mode) + int rmdir_path(struct autofs_point *ap, const char *path, dev_t dev) + { + int len = strlen(path); +- char buf[PATH_MAX]; ++ char buf[PATH_MAX + 1]; + char *cp; + int first = 1; + struct stat st; + struct statfs fs; + ++ if (len > PATH_MAX) { ++ error(ap->logopt, "path longer than maximum length"); ++ return -1; ++ } + strcpy(buf, path); +- cp = buf + len; + ++ cp = buf + len; + do { + *cp = '\0'; + diff --git a/package/autofs/patches/autofs-5.1.7-add-buffer-length-checks-to-autofs-mount_mount.patch b/package/autofs/patches/autofs-5.1.7-add-buffer-length-checks-to-autofs-mount_mount.patch new file mode 100644 index 00000000..3854df92 --- /dev/null +++ b/package/autofs/patches/autofs-5.1.7-add-buffer-length-checks-to-autofs-mount_mount.patch @@ -0,0 +1,108 @@ +autofs-5.1.7 - add buffer length checks to autofs mount_mount() + +From: Ian Kent + + +--- + CHANGELOG | 1 + + modules/mount_autofs.c | 59 +++++++++++++++++++++++++++++++++--------------- + 2 files changed, 41 insertions(+), 19 deletions(-) + +diff --git a/CHANGELOG b/CHANGELOG +index 6ab4813d..17926916 100644 +--- a/CHANGELOG ++++ b/CHANGELOG +@@ -88,6 +88,7 @@ + - add some buffer length checks to master map parser. + - add buffer length check to rmdir_path(). + - eliminate buffer usage from handle_mounts_cleanup(). ++- add buffer length checks to autofs mount_mount(). + + 25/01/2021 autofs-5.1.7 + - make bind mounts propagation slave by default. +diff --git a/modules/mount_autofs.c b/modules/mount_autofs.c +index 0bcbb343..b2233573 100644 +--- a/modules/mount_autofs.c ++++ b/modules/mount_autofs.c +@@ -50,8 +50,8 @@ int mount_mount(struct autofs_point *ap, const char *root, const char *name, + { + struct startup_cond suc; + pthread_t thid; +- char realpath[PATH_MAX]; +- char mountpoint[PATH_MAX]; ++ char realpath[PATH_MAX + 1]; ++ char mountpoint[PATH_MAX + 1]; + const char **argv; + int argc, status; + int nobind = ap->flags & MOUNT_FLAG_NOBIND; +@@ -68,32 +68,53 @@ int mount_mount(struct autofs_point *ap, const char *root, const char *name, + struct mnt_list *mnt; + char buf[MAX_ERR_BUF]; + char *options, *p; +- int len, ret; ++ int err, ret; + int hosts = 0; + + /* Root offset of multi-mount */ +- len = strlen(root); +- if (root[len - 1] == '/') { +- strcpy(realpath, ap->path); +- strcat(realpath, "/"); +- strcat(realpath, name); +- len--; +- strncpy(mountpoint, root, len); +- mountpoint[len] = '\0'; ++ if (root[strlen(root) - 1] == '/') { ++ err = snprintf(realpath, PATH_MAX + 1, "%s/%s", ap->path, name); ++ if (err > PATH_MAX) { ++ error(ap->logopt, MODPREFIX "string too long for realpath"); ++ return 1; ++ } ++ err = snprintf(mountpoint, PATH_MAX + 1, "%s", root); ++ if (err > PATH_MAX) { ++ error(ap->logopt, MODPREFIX "string too long for mountpoint"); ++ return 1; ++ } ++ mountpoint[err - 1] = 0; + } else if (*name == '/') { + if (ap->flags & MOUNT_FLAG_REMOUNT) { +- strcpy(mountpoint, name); +- strcpy(realpath, name); ++ err = snprintf(mountpoint, PATH_MAX + 1, "%s", name); ++ if (err > PATH_MAX) { ++ error(ap->logopt, MODPREFIX "string too long for mountpoint"); ++ return 1; ++ } ++ err = snprintf(realpath, PATH_MAX + 1, "%s", name); ++ if (err > PATH_MAX) { ++ error(ap->logopt, MODPREFIX "string too long for realpath"); ++ return 1; ++ } + } else { +- strcpy(mountpoint, root); +- strcpy(realpath, name); ++ err = snprintf(mountpoint, PATH_MAX + 1, "%s", root); ++ if (err > PATH_MAX) { ++ error(ap->logopt, MODPREFIX "string too long for mountpoint"); ++ return 1; ++ } ++ err = snprintf(realpath, PATH_MAX + 1, "%s", name); ++ if (err > PATH_MAX) { ++ error(ap->logopt, MODPREFIX "string too long for realpath"); ++ return 1; ++ } + } + } else { +- strcpy(mountpoint, root); +- strcat(mountpoint, "/"); ++ err = snprintf(mountpoint, PATH_MAX + 1, "%s/%s", root, name); ++ if (err > PATH_MAX) { ++ error(ap->logopt, MODPREFIX "string too long for mountpoint"); ++ return 1; ++ } + strcpy(realpath, mountpoint); +- strcat(mountpoint, name); +- strcat(realpath, name); + } + + options = NULL; diff --git a/package/autofs/patches/autofs-5.1.7-add-copy-length-check-in-umount_autofs_indirect.patch b/package/autofs/patches/autofs-5.1.7-add-copy-length-check-in-umount_autofs_indirect.patch new file mode 100644 index 00000000..dd7ba8ff --- /dev/null +++ b/package/autofs/patches/autofs-5.1.7-add-copy-length-check-in-umount_autofs_indirect.patch @@ -0,0 +1,51 @@ +autofs-5.1.7 - add copy length check in umount_autofs_indirect() + +From: Ian Kent + +Add a source length check before copying to a work buffer in +umount_autofs_indirect(). + +Signed-off-by: Ian Kent +--- + CHANGELOG | 1 + + daemon/indirect.c | 13 +++++++++++-- + 2 files changed, 12 insertions(+), 2 deletions(-) + +diff --git a/CHANGELOG b/CHANGELOG +index 5fdb4c0a..be0b9d85 100644 +--- a/CHANGELOG ++++ b/CHANGELOG +@@ -84,6 +84,7 @@ + - fix use of possibly NULL var in lookup_program.c:match_key(). + - fix incorrect print format specifiers in get_pkt(). + - add mapent path length check in handle_packet_expire_direct(). ++- add copy length check in umount_autofs_indirect(). + + 25/01/2021 autofs-5.1.7 + - make bind mounts propagation slave by default. +diff --git a/daemon/indirect.c b/daemon/indirect.c +index 9f2ca6a0..b73c2781 100644 +--- a/daemon/indirect.c ++++ b/daemon/indirect.c +@@ -238,10 +238,19 @@ int umount_autofs_indirect(struct autofs_point *ap, const char *root) + int rv, retries; + unsigned int unused; + +- if (root) ++ if (root) { ++ if (strlen(root) > PATH_MAX) { ++ error(ap->logopt, "mountpoint path too long"); ++ return 1; ++ } + strcpy(mountpoint, root); +- else ++ } else { ++ if (ap->len > PATH_MAX) { ++ error(ap->logopt, "mountpoint path too long"); ++ return 1; ++ } + strcpy(mountpoint, ap->path); ++ } + + /* If we are trying to shutdown make sure we can umount */ + rv = ops->askumount(ap->logopt, ap->ioctlfd, &unused); diff --git a/package/autofs/patches/autofs-5.1.7-add-mapent-path-length-check-in-handle_packet_expire_direct.patch b/package/autofs/patches/autofs-5.1.7-add-mapent-path-length-check-in-handle_packet_expire_direct.patch new file mode 100644 index 00000000..e5bfef86 --- /dev/null +++ b/package/autofs/patches/autofs-5.1.7-add-mapent-path-length-check-in-handle_packet_expire_direct.patch @@ -0,0 +1,60 @@ +autofs-5.1.7 - add mapent path length check in handle_packet_expire_direct() + +From: Ian Kent + +Since direct mount expire requests from the kernel need to look up their +map entry and copy the path to a request processing struct fix length +char array the copy length should be checked. + +Signed-off-by: Ian Kent +--- + CHANGELOG | 1 + + daemon/direct.c | 12 ++++++++---- + 2 files changed, 9 insertions(+), 4 deletions(-) + +diff --git a/CHANGELOG b/CHANGELOG +index 0dac7318..5fdb4c0a 100644 +--- a/CHANGELOG ++++ b/CHANGELOG +@@ -83,6 +83,7 @@ + - use default stack size for threads. + - fix use of possibly NULL var in lookup_program.c:match_key(). + - fix incorrect print format specifiers in get_pkt(). ++- add mapent path length check in handle_packet_expire_direct(). + + 25/01/2021 autofs-5.1.7 + - make bind mounts propagation slave by default. +diff --git a/daemon/direct.c b/daemon/direct.c +index d37dd676..4a56486b 100644 +--- a/daemon/direct.c ++++ b/daemon/direct.c +@@ -1039,13 +1039,18 @@ int handle_packet_expire_direct(struct autofs_point *ap, autofs_packet_expire_di + map = map->next; + } + +- if (!me) { ++ if (!me || me->len >= PATH_MAX) { + /* + * Shouldn't happen as we have been sent this following + * successful thread creation and lookup. + */ +- crit(ap->logopt, "can't find map entry for (%lu,%lu)", +- (unsigned long) pkt->dev, (unsigned long) pkt->ino); ++ if (!me) ++ crit(ap->logopt, "can't find map entry for (%lu,%lu)", ++ (unsigned long) pkt->dev, (unsigned long) pkt->ino); ++ else { ++ cache_unlock(mc); ++ crit(ap->logopt, "lookup key is too long"); ++ } + master_source_unlock(ap->entry); + pthread_setcancelstate(state, NULL); + return 1; +@@ -1091,7 +1096,6 @@ int handle_packet_expire_direct(struct autofs_point *ap, autofs_packet_expire_di + mt->ap = ap; + mt->ioctlfd = me->ioctlfd; + mt->mc = mc; +- /* TODO: check length here */ + strcpy(mt->name, me->key); + mt->dev = me->dev; + mt->type = NFY_EXPIRE; diff --git a/package/autofs/patches/autofs-5.1.7-add-some-buffer-length-checks-to-master-map-parser.patch b/package/autofs/patches/autofs-5.1.7-add-some-buffer-length-checks-to-master-map-parser.patch new file mode 100644 index 00000000..96cab2d1 --- /dev/null +++ b/package/autofs/patches/autofs-5.1.7-add-some-buffer-length-checks-to-master-map-parser.patch @@ -0,0 +1,257 @@ +autofs-5.1.7 - add some buffer length checks to master map parser + +From: Ian Kent + +Add some checks for buffer overflow to the master map parser. + +Signed-off-by: Ian Kent +--- + CHANGELOG | 1 + + daemon/master_parse.y | 38 +++++++++++++++----------- + daemon/master_tok.l | 73 ++++++++++++++++++++++++++++++++++++++++++++----- + 3 files changed, 88 insertions(+), 24 deletions(-) + +diff --git a/CHANGELOG b/CHANGELOG +index be0b9d85..ded0f00f 100644 +--- a/CHANGELOG ++++ b/CHANGELOG +@@ -85,6 +85,7 @@ + - fix incorrect print format specifiers in get_pkt(). + - add mapent path length check in handle_packet_expire_direct(). + - add copy length check in umount_autofs_indirect(). ++- add some buffer length checks to master map parser. + + 25/01/2021 autofs-5.1.7 + - make bind mounts propagation slave by default. +diff --git a/daemon/master_parse.y b/daemon/master_parse.y +index 7480c36a..2d78f082 100644 +--- a/daemon/master_parse.y ++++ b/daemon/master_parse.y +@@ -29,6 +29,7 @@ + #include "master.h" + + #define MAX_ERR_LEN 512 ++#define STRTYPE_LEN 2048 + + extern struct master *master_list; + +@@ -79,6 +80,7 @@ static int local_argc; + static unsigned int propagation; + + static char errstr[MAX_ERR_LEN]; ++static int errlen; + + static unsigned int verbose; + static unsigned int debug; +@@ -521,10 +523,11 @@ dnattrs: DNATTR EQUAL DNNAME + strcasecmp($1, "ou") && + strcasecmp($1, "automountMapName") && + strcasecmp($1, "nisMapName")) { +- strcpy(errstr, $1); +- strcat(errstr, "="); +- strcat(errstr, $3); +- master_notify(errstr); ++ errlen = snprintf(errstr, MAX_ERR_LEN, "%s=%s", $1, $3); ++ if (errlen < MAX_ERR_LEN) ++ master_notify(errstr); ++ else ++ master_notify("error string too long"); + YYABORT; + } + strcpy($$, $1); +@@ -537,10 +540,11 @@ dnattrs: DNATTR EQUAL DNNAME + strcasecmp($1, "ou") && + strcasecmp($1, "automountMapName") && + strcasecmp($1, "nisMapName")) { +- strcpy(errstr, $1); +- strcat(errstr, "="); +- strcat(errstr, $3); +- master_notify(errstr); ++ errlen = snprintf(errstr, MAX_ERR_LEN, "%s=%s", $1, $3); ++ if (errlen < MAX_ERR_LEN) ++ master_notify(errstr); ++ else ++ master_notify("error string too long"); + YYABORT; + } + strcpy($$, $1); +@@ -565,10 +569,11 @@ dnattr: DNATTR EQUAL DNNAME + { + if (!strcasecmp($1, "automountMapName") || + !strcasecmp($1, "nisMapName")) { +- strcpy(errstr, $1); +- strcat(errstr, "="); +- strcat(errstr, $3); +- master_notify(errstr); ++ errlen = snprintf(errstr, MAX_ERR_LEN, "%s=%s", $1, $3); ++ if (errlen < MAX_ERR_LEN) ++ master_notify(errstr); ++ else ++ master_notify("error string too long"); + YYABORT; + } + strcpy($$, $1); +@@ -579,10 +584,11 @@ dnattr: DNATTR EQUAL DNNAME + { + if (!strcasecmp($1, "automountMapName") || + !strcasecmp($1, "nisMapName")) { +- strcpy(errstr, $1); +- strcat(errstr, "="); +- strcat(errstr, $3); +- master_notify(errstr); ++ errlen = snprintf(errstr, MAX_ERR_LEN, "%s=%s", $1, $3); ++ if (errlen < MAX_ERR_LEN) ++ master_notify(errstr); ++ else ++ master_notify("error string too long"); + YYABORT; + } + strcpy($$, $1); +diff --git a/daemon/master_tok.l b/daemon/master_tok.l +index 87a6b958..e2d15bce 100644 +--- a/daemon/master_tok.l ++++ b/daemon/master_tok.l +@@ -23,6 +23,7 @@ + #endif /* ECHO */ + static void master_echo(void); /* forward definition */ + #define ECHO master_echo() ++static void master_error(char *s); + + #include + #include +@@ -80,6 +81,8 @@ char *bptr; + char *optr = buff; + unsigned int tlen; + ++#define STRTYPE_LEN 2048 ++ + %} + + %option nounput +@@ -217,7 +220,13 @@ MODE (--mode{OPTWS}|--mode{OPTWS}={OPTWS}) + bptr += tlen; + yyless(tlen); + } else { +- strcpy(master_lval.strtype, master_text); ++ if (tlen <= STRTYPE_LEN) ++ strcpy(master_lval.strtype, master_text); ++ else { ++ master_error("MULTITYPE: value too large, truncated"); ++ strncpy(master_lval.strtype, master_text, STRTYPE_LEN - 2); ++ master_lval.strtype[STRTYPE_LEN - 1] = 0; ++ } + return(MULTITYPE); + } + } +@@ -239,7 +248,13 @@ MODE (--mode{OPTWS}|--mode{OPTWS}={OPTWS}) + bptr += tlen; + yyless(tlen); + } else { +- strcpy(master_lval.strtype, master_text); ++ if (tlen <= STRTYPE_LEN) ++ strcpy(master_lval.strtype, master_text); ++ else { ++ master_error("MAPTYPE: value too large, truncated"); ++ strncpy(master_lval.strtype, master_text, STRTYPE_LEN - 2); ++ master_lval.strtype[STRTYPE_LEN - 1] = 0; ++ } + return(MAPTYPE); + } + } +@@ -327,12 +342,24 @@ MODE (--mode{OPTWS}|--mode{OPTWS}={OPTWS}) + {OPTWS}\\\n{OPTWS} {} + + {DNSERVERSTR} { +- strcpy(master_lval.strtype, master_text); ++ if (master_leng < STRTYPE_LEN) ++ strcpy(master_lval.strtype, master_text); ++ else { ++ master_error("DNSERVER: value too large, truncated"); ++ strncpy(master_lval.strtype, master_text, STRTYPE_LEN - 2); ++ master_lval.strtype[STRTYPE_LEN - 1] = 0; ++ } + return DNSERVER; + } + + {DNATTRSTR}/"=" { +- strcpy(master_lval.strtype, master_text); ++ if (master_leng < STRTYPE_LEN) ++ strcpy(master_lval.strtype, master_text); ++ else { ++ master_error("DNATTR: value too large, truncated"); ++ strncpy(master_lval.strtype, master_text, STRTYPE_LEN - 2); ++ master_lval.strtype[STRTYPE_LEN - 1] = 0; ++ } + return DNATTR; + } + +@@ -341,12 +368,24 @@ MODE (--mode{OPTWS}|--mode{OPTWS}={OPTWS}) + } + + {DNNAMESTR1}/","{DNATTRSTR}"=" { +- strcpy(master_lval.strtype, master_text); ++ if (master_leng < STRTYPE_LEN) ++ strcpy(master_lval.strtype, master_text); ++ else { ++ master_error("DNNAME: value too large, truncated"); ++ strncpy(master_lval.strtype, master_text, STRTYPE_LEN - 2); ++ master_lval.strtype[STRTYPE_LEN - 1] = 0; ++ } + return DNNAME; + } + + {DNNAMESTR2} { +- strcpy(master_lval.strtype, master_text); ++ if (master_leng < STRTYPE_LEN) ++ strcpy(master_lval.strtype, master_text); ++ else { ++ master_error("DNNAME: value too large, truncated"); ++ strncpy(master_lval.strtype, master_text, STRTYPE_LEN - 2); ++ master_lval.strtype[STRTYPE_LEN - 1] = 0; ++ } + return DNNAME; + } + +@@ -357,7 +396,13 @@ MODE (--mode{OPTWS}|--mode{OPTWS}={OPTWS}) + {WS}"=" | + "="{WS} { + BEGIN(INITIAL); +- strcpy(master_lval.strtype, master_text); ++ if (master_leng < STRTYPE_LEN) ++ strcpy(master_lval.strtype, master_text); ++ else { ++ master_error("SPACE: value too large, truncated"); ++ strncpy(master_lval.strtype, master_text, STRTYPE_LEN - 2); ++ master_lval.strtype[STRTYPE_LEN - 1] = 0; ++ } + return SPACE; + } + +@@ -419,7 +464,13 @@ MODE (--mode{OPTWS}|--mode{OPTWS}={OPTWS}) + } + + {OPTIONSTR} { +- strcpy(master_lval.strtype, master_text); ++ if (master_leng < STRTYPE_LEN) ++ strcpy(master_lval.strtype, master_text); ++ else { ++ master_error("OPTION: value too large, truncated"); ++ strncpy(master_lval.strtype, master_text, STRTYPE_LEN - 2); ++ master_lval.strtype[STRTYPE_LEN - 1] = 0; ++ } + return(OPTION); + } + +@@ -459,6 +510,12 @@ static void master_echo(void) + return; + } + ++static void master_error(char *s) ++{ ++ logmsg("%s"); ++ return; ++} ++ + #ifdef FLEX_SCANNER + + void master_set_scan_buffer(const char *buffer) diff --git a/package/autofs/patches/autofs-5.1.7-also-require-TCP_REQUESTED-when-setting-NFS-port.patch b/package/autofs/patches/autofs-5.1.7-also-require-TCP_REQUESTED-when-setting-NFS-port.patch new file mode 100644 index 00000000..460d9a0e --- /dev/null +++ b/package/autofs/patches/autofs-5.1.7-also-require-TCP_REQUESTED-when-setting-NFS-port.patch @@ -0,0 +1,38 @@ +autofs-5.1.7 - also require TCP_REQUESTED when setting NFS port + +From: Ian Kent + +Set the NFS service port to the default (2049) only if tcp protocol is +being used and not alternate port has been given. + +Signed-off-by: Ian Kent +--- + CHANGELOG | 1 + + modules/replicated.c | 2 +- + 2 files changed, 2 insertions(+), 1 deletion(-) + +diff --git a/CHANGELOG b/CHANGELOG +index 5d2c2c88..fd5b800a 100644 +--- a/CHANGELOG ++++ b/CHANGELOG +@@ -91,6 +91,7 @@ + - add buffer length checks to autofs mount_mount(). + - make NFS version check flags consistent. + - refactor get_nfs_info(). ++- also require TCP_REQUESTED when setting NFS port. + + 25/01/2021 autofs-5.1.7 + - make bind mounts propagation slave by default. +diff --git a/modules/replicated.c b/modules/replicated.c +index e03c9d25..09075dd0 100644 +--- a/modules/replicated.c ++++ b/modules/replicated.c +@@ -291,7 +291,7 @@ static unsigned int get_nfs_info(unsigned logopt, struct host *host, + + rpc_info->proto = proto; + if (port < 0) { +- if (version & NFS4_REQUESTED) ++ if ((version & NFS4_REQUESTED) && (version & TCP_REQUESTED)) + rpc_info->port = NFS_PORT; + else + port = 0; diff --git a/package/autofs/patches/autofs-5.1.7-eliminate-buffer-usage-from-handle_mounts_cleanup.patch b/package/autofs/patches/autofs-5.1.7-eliminate-buffer-usage-from-handle_mounts_cleanup.patch new file mode 100644 index 00000000..6926b945 --- /dev/null +++ b/package/autofs/patches/autofs-5.1.7-eliminate-buffer-usage-from-handle_mounts_cleanup.patch @@ -0,0 +1,86 @@ +autofs-5.1.7 - eliminate buffer usage from handle_mounts_cleanup() + +From: Ian Kent + +This buffer was originally added because a SEGV was seen accessing +the ap->path field on shutdown. + +But this was actually caused by calling master_remove_mapent() too +early which adds the map entry to the master map join list that leads +to freeing the autofs_point (ap in the code) which also frees ap->path. + +But the master map join list is protected by the master map mutex which +is held until after all the accesses are completed. So whatever the +problem was it doesn't appear to be present any more. + +Nevertheless, to be sure, delay the call to master_remove_mapent() until +after all accesses to ap->path are completed. + +Signed-off-by: Ian Kent +--- + CHANGELOG | 1 + + daemon/automount.c | 13 ++++++------- + 2 files changed, 7 insertions(+), 7 deletions(-) + +diff --git a/CHANGELOG b/CHANGELOG +index 38304720..6ab4813d 100644 +--- a/CHANGELOG ++++ b/CHANGELOG +@@ -87,6 +87,7 @@ + - add copy length check in umount_autofs_indirect(). + - add some buffer length checks to master map parser. + - add buffer length check to rmdir_path(). ++- eliminate buffer usage from handle_mounts_cleanup(). + + 25/01/2021 autofs-5.1.7 + - make bind mounts propagation slave by default. +diff --git a/daemon/automount.c b/daemon/automount.c +index 114b013a..cc286892 100644 +--- a/daemon/automount.c ++++ b/daemon/automount.c +@@ -1716,7 +1716,6 @@ void handle_mounts_startup_cond_destroy(void *arg) + static void handle_mounts_cleanup(void *arg) + { + struct autofs_point *ap; +- char path[PATH_MAX + 1]; + char buf[MAX_ERR_BUF]; + unsigned int clean = 0, submount, logopt; + unsigned int pending = 0; +@@ -1726,7 +1725,6 @@ static void handle_mounts_cleanup(void *arg) + logopt = ap->logopt; + submount = ap->submount; + +- strcpy(path, ap->path); + if (!submount && strcmp(ap->path, "/-") && + ap->flags & MOUNT_FLAG_DIR_CREATED) + clean = 1; +@@ -1751,8 +1749,8 @@ static void handle_mounts_cleanup(void *arg) + /* Don't signal the handler if we have already done so */ + if (!list_empty(&master_list->completed)) + pending = 1; +- master_remove_mapent(ap->entry); +- master_source_unlock(ap->entry); ++ ++ info(logopt, "shut down path %s", ap->path); + + destroy_logpri_fifo(ap); + +@@ -1768,14 +1766,15 @@ static void handle_mounts_cleanup(void *arg) + } + + if (clean) { +- if (rmdir(path) == -1) { ++ if (rmdir(ap->path) == -1) { + char *estr = strerror_r(errno, buf, MAX_ERR_BUF); + warn(logopt, "failed to remove dir %s: %s", +- path, estr); ++ ap->path, estr); + } + } + +- info(logopt, "shut down path %s", path); ++ master_remove_mapent(ap->entry); ++ master_source_unlock(ap->entry); + + /* + * If we are not a submount send a signal to the signal handler diff --git a/package/autofs/patches/autofs-5.1.7-eliminate-some-more-alloca-usage.patch b/package/autofs/patches/autofs-5.1.7-eliminate-some-more-alloca-usage.patch new file mode 100644 index 00000000..e329f658 --- /dev/null +++ b/package/autofs/patches/autofs-5.1.7-eliminate-some-more-alloca-usage.patch @@ -0,0 +1,216 @@ +autofs-5.1.7 - eliminate some more alloca usage + +From: Ian Kent + +Quite a bit of the alloca(3) usage has been eliminated over time. +Use malloc(3) for some more cases that might need to allocate a largish +amount of storage. + +Signed-off-by: Ian Kent +--- + CHANGELOG | 1 + + modules/lookup_program.c | 11 ++++++++++- + modules/lookup_yp.c | 22 +++++++++++++++++++--- + modules/parse_sun.c | 18 ++++++++++++++---- + modules/replicated.c | 19 ++++++------------- + 5 files changed, 50 insertions(+), 21 deletions(-) + +diff --git a/CHANGELOG b/CHANGELOG +index 8d050552..2b7cfaa0 100644 +--- a/CHANGELOG ++++ b/CHANGELOG +@@ -79,6 +79,7 @@ + - add missing description of null map option. + - fix nonstrict offset mount fail handling. + - fix concat_options() error handling. ++- eliminate some more alloca usage. + + 25/01/2021 autofs-5.1.7 + - make bind mounts propagation slave by default. +diff --git a/modules/lookup_program.c b/modules/lookup_program.c +index 6cab52c8..028580e5 100644 +--- a/modules/lookup_program.c ++++ b/modules/lookup_program.c +@@ -636,7 +636,14 @@ int lookup_mount(struct autofs_point *ap, const char *name, int name_len, void * + char *ent = NULL; + + if (me->mapent) { +- ent = alloca(strlen(me->mapent) + 1); ++ ent = malloc(strlen(me->mapent) + 1); ++ if (!ent) { ++ char buf[MAX_ERR_BUF]; ++ char *estr = strerror_r(errno, buf, MAX_ERR_BUF); ++ error(ap->logopt, MODPREFIX "malloc: %s", estr); ++ cache_unlock(mc); ++ goto out_free; ++ } + strcpy(ent, me->mapent); + } + cache_unlock(mc); +@@ -644,6 +651,8 @@ int lookup_mount(struct autofs_point *ap, const char *name, int name_len, void * + ap->entry->current = source; + ret = ctxt->parse->parse_mount(ap, name, + name_len, ent, ctxt->parse->context); ++ if (ent) ++ free(ent); + goto out_free; + } else { + if (IS_MM(me) && !IS_MM_ROOT(me)) { +diff --git a/modules/lookup_yp.c b/modules/lookup_yp.c +index 8bccb72f..d2a4b5a5 100644 +--- a/modules/lookup_yp.c ++++ b/modules/lookup_yp.c +@@ -254,7 +254,7 @@ int yp_all_master_callback(int status, char *ypkey, int ypkeylen, + + len = ypkeylen + 1 + vallen + 2; + +- buffer = alloca(len); ++ buffer = malloc(len); + if (!buffer) { + error(logopt, MODPREFIX "could not malloc parse buffer"); + return 0; +@@ -267,6 +267,8 @@ int yp_all_master_callback(int status, char *ypkey, int ypkeylen, + + master_parse_entry(buffer, timeout, logging, age); + ++ free(buffer); ++ + return 0; + } + +@@ -368,7 +370,12 @@ int yp_all_callback(int status, char *ypkey, int ypkeylen, + return 0; + } + +- mapent = alloca(vallen + 1); ++ mapent = malloc(vallen + 1); ++ if (!mapent) { ++ error(logopt, MODPREFIX "could not malloc mapent buffer"); ++ free(key); ++ return 0; ++ } + strncpy(mapent, val, vallen); + *(mapent + vallen) = '\0'; + +@@ -377,6 +384,7 @@ int yp_all_callback(int status, char *ypkey, int ypkeylen, + cache_unlock(mc); + + free(key); ++ free(mapent); + + if (ret == CHE_FAIL) + return -1; +@@ -904,7 +912,14 @@ int lookup_mount(struct autofs_point *ap, const char *name, int name_len, void * + } + if (me && (me->source == source || *me->key == '/')) { + mapent_len = strlen(me->mapent); +- mapent = alloca(mapent_len + 1); ++ mapent = malloc(mapent_len + 1); ++ if (!mapent) { ++ char *estr = strerror_r(errno, buf, MAX_ERR_BUF); ++ error(ap->logopt, MODPREFIX "malloc: %s", estr); ++ cache_unlock(mc); ++ free(lkp_key); ++ return NSS_STATUS_TRYAGAIN; ++ } + strcpy(mapent, me->mapent); + } + } +@@ -929,6 +944,7 @@ int lookup_mount(struct autofs_point *ap, const char *name, int name_len, void * + + ret = ctxt->parse->parse_mount(ap, key, key_len, + mapent, ctxt->parse->context); ++ free(mapent); + if (ret) { + /* Don't update negative cache when re-connecting */ + if (ap->flags & MOUNT_FLAG_REMOUNT) +diff --git a/modules/parse_sun.c b/modules/parse_sun.c +index 9190165d..d9ac0c94 100644 +--- a/modules/parse_sun.c ++++ b/modules/parse_sun.c +@@ -668,9 +668,16 @@ static int sun_mount(struct autofs_point *ap, const char *root, + } + } + ++ what = malloc(loclen + 1); ++ if (!what) { ++ char buf[MAX_ERR_BUF]; ++ char *estr = strerror_r(errno, buf, MAX_ERR_BUF); ++ error(ap->logopt, MODPREFIX "malloc: %s", estr); ++ return 1; ++ } ++ + pthread_setcancelstate(PTHREAD_CANCEL_DISABLE, &cur_state); + if (!strcmp(fstype, "nfs") || !strcmp(fstype, "nfs4")) { +- what = alloca(loclen + 1); + memcpy(what, loc, loclen); + what[loclen] = '\0'; + +@@ -706,10 +713,10 @@ static int sun_mount(struct autofs_point *ap, const char *root, + rv = mount_nfs->mount_mount(ap, root, name, namelen, + what, fstype, options, mount_nfs->context); + } else { +- if (!loclen) ++ if (!loclen) { ++ free(what); + what = NULL; +- else { +- what = alloca(loclen + 1); ++ } else { + if (*loc == ':') { + loclen--; + memcpy(what, loc + 1, loclen); +@@ -728,6 +735,9 @@ static int sun_mount(struct autofs_point *ap, const char *root, + /* Generic mount routine */ + rv = do_mount(ap, root, name, namelen, what, fstype, options); + } ++ if (what) ++ free(what); ++ + pthread_setcancelstate(cur_state, NULL); + + if (nonstrict && rv) +diff --git a/modules/replicated.c b/modules/replicated.c +index 03d4ba1e..ffaf519f 100644 +--- a/modules/replicated.c ++++ b/modules/replicated.c +@@ -1041,25 +1041,18 @@ done: + return ret; + } + +-static int add_path(struct host *hosts, const char *path, int len) ++static int add_path(struct host *hosts, const char *path) + { + struct host *this; +- char *tmp, *tmp2; +- +- tmp = alloca(len + 1); +- if (!tmp) +- return 0; +- +- strncpy(tmp, path, len); +- tmp[len] = '\0'; ++ char *tmp; + + this = hosts; + while (this) { + if (!this->path) { +- tmp2 = strdup(tmp); +- if (!tmp2) ++ tmp = strdup(path); ++ if (!tmp) + return 0; +- this->path = tmp2; ++ this->path = tmp; + } + this = this->next; + } +@@ -1188,7 +1181,7 @@ int parse_location(unsigned logopt, struct host **hosts, + } + } + +- if (!add_path(*hosts, path, strlen(path))) { ++ if (!add_path(*hosts, path)) { + free_host_list(hosts); + free(str); + return 0; diff --git a/package/autofs/patches/autofs-5.1.7-fix-concat_options-error-handling.patch b/package/autofs/patches/autofs-5.1.7-fix-concat_options-error-handling.patch new file mode 100644 index 00000000..2b170ba6 --- /dev/null +++ b/package/autofs/patches/autofs-5.1.7-fix-concat_options-error-handling.patch @@ -0,0 +1,124 @@ +autofs-5.1.7 - fix concat_options() error handling + +From: Ian Kent + +There's a possibility of a memory leak in the mount options processing +when calling concat_options() in parse_mount() of the Sun format map +entry parsing. + +There's also a case in do_init() of the Sun map format parsing where +a previously freed value is used in a logging statement without being +set to MULL. + +So ensure concat_options() always frees it's arguments so that the +handling can be consistent in all places. + +Signed-off-by: Ian Kent +--- + CHANGELOG | 1 + + modules/parse_sun.c | 24 +++++++++++------------- + 2 files changed, 12 insertions(+), 13 deletions(-) + +diff --git a/CHANGELOG b/CHANGELOG +index ecffa933..8d050552 100644 +--- a/CHANGELOG ++++ b/CHANGELOG +@@ -78,6 +78,7 @@ + - fix direct mount deadlock. + - add missing description of null map option. + - fix nonstrict offset mount fail handling. ++- fix concat_options() error handling. + + 25/01/2021 autofs-5.1.7 + - make bind mounts propagation slave by default. +diff --git a/modules/parse_sun.c b/modules/parse_sun.c +index cdf515c6..9190165d 100644 +--- a/modules/parse_sun.c ++++ b/modules/parse_sun.c +@@ -380,7 +380,8 @@ static int do_init(int argc, const char *const *argv, struct parse_context *ctxt + if (!tmp) { + char *estr = strerror_r(errno, buf, MAX_ERR_BUF); + logerr(MODPREFIX "concat_options: %s", estr); +- free(gbl_options); ++ /* freed in concat_options */ ++ ctxt->optstr = NULL; + } else + ctxt->optstr = tmp; + } else { +@@ -492,12 +493,16 @@ static char *concat_options(char *left, char *right) + char *ret; + + if (left == NULL || *left == '\0') { ++ if (!right || *right == '\0') ++ return NULL; + ret = strdup(right); + free(right); + return ret; + } + + if (right == NULL || *right == '\0') { ++ if (left == NULL || *left == '\0') ++ return NULL; + ret = strdup(left); + free(left); + return ret; +@@ -508,6 +513,8 @@ static char *concat_options(char *left, char *right) + if (ret == NULL) { + char *estr = strerror_r(errno, buf, MAX_ERR_BUF); + logerr(MODPREFIX "malloc: %s", estr); ++ free(left); ++ free(right); + return NULL; + } + +@@ -989,14 +996,13 @@ static int parse_mapent(const char *ent, char *g_options, char **options, char * + if (newopt && strstr(newopt, myoptions)) { + free(myoptions); + myoptions = newopt; +- } else { ++ } else if (newopt) { + tmp = concat_options(myoptions, newopt); + if (!tmp) { + char *estr; + estr = strerror_r(errno, buf, MAX_ERR_BUF); + error(logopt, MODPREFIX + "concat_options: %s", estr); +- free(myoptions); + return 0; + } + myoptions = tmp; +@@ -1358,16 +1364,12 @@ dont_expand: + if (mnt_options && noptions && strstr(noptions, mnt_options)) { + free(mnt_options); + mnt_options = noptions; +- } else { ++ } else if (noptions) { + tmp = concat_options(mnt_options, noptions); + if (!tmp) { + char *estr = strerror_r(errno, buf, MAX_ERR_BUF); + error(ap->logopt, + MODPREFIX "concat_options: %s", estr); +- if (noptions) +- free(noptions); +- if (mnt_options) +- free(mnt_options); + free(options); + free(pmapent); + return 1; +@@ -1387,15 +1389,11 @@ dont_expand: + if (options && mnt_options && strstr(mnt_options, options)) { + free(options); + options = mnt_options; +- } else { ++ } else if (mnt_options) { + tmp = concat_options(options, mnt_options); + if (!tmp) { + char *estr = strerror_r(errno, buf, MAX_ERR_BUF); + error(ap->logopt, MODPREFIX "concat_options: %s", estr); +- if (options) +- free(options); +- if (mnt_options) +- free(mnt_options); + free(pmapent); + return 1; + } diff --git a/package/autofs/patches/autofs-5.1.7-fix-incorrect-print-format-specifiers.patch b/package/autofs/patches/autofs-5.1.7-fix-incorrect-print-format-specifiers.patch new file mode 100644 index 00000000..7ed7e9c3 --- /dev/null +++ b/package/autofs/patches/autofs-5.1.7-fix-incorrect-print-format-specifiers.patch @@ -0,0 +1,44 @@ +autofs-5.1.7 - fix incorrect print format specifiers in get_pkt() + +From: Ian Kent + +Signed-off-by: Ian Kent +--- + CHANGELOG | 1 + + daemon/automount.c | 4 ++-- + 2 files changed, 3 insertions(+), 2 deletions(-) + +diff --git a/CHANGELOG b/CHANGELOG +index 680dbbd7..0dac7318 100644 +--- a/CHANGELOG ++++ b/CHANGELOG +@@ -82,6 +82,7 @@ + - eliminate some more alloca usage. + - use default stack size for threads. + - fix use of possibly NULL var in lookup_program.c:match_key(). ++- fix incorrect print format specifiers in get_pkt(). + + 25/01/2021 autofs-5.1.7 + - make bind mounts propagation slave by default. +diff --git a/daemon/automount.c b/daemon/automount.c +index d7432350..45e0833f 100644 +--- a/daemon/automount.c ++++ b/daemon/automount.c +@@ -1116,7 +1116,7 @@ static int get_pkt(struct autofs_point *ap, union autofs_v5_packet_union *pkt) + estr = strerror_r(errno, buf, MAX_ERR_BUF); + error(ap->logopt, + "read error on state pipe, " +- "read %u, error %s", ++ "read %lu, error %s", + read, estr); + st_mutex_unlock(); + continue; +@@ -1134,7 +1134,7 @@ static int get_pkt(struct autofs_point *ap, union autofs_v5_packet_union *pkt) + estr = strerror_r(errno, buf, MAX_ERR_BUF); + error(ap->logopt, + "read error on request pipe, " +- "read %u, expected %u error %s", ++ "read %lu, expected %lu error %s", + read, kpkt_len, estr); + } + return read; diff --git a/package/autofs/patches/autofs-5.1.7-fix-use-of-possibly-NULL-var-in-lookup_program_c-match_key.patch b/package/autofs/patches/autofs-5.1.7-fix-use-of-possibly-NULL-var-in-lookup_program_c-match_key.patch new file mode 100644 index 00000000..a6b1ac06 --- /dev/null +++ b/package/autofs/patches/autofs-5.1.7-fix-use-of-possibly-NULL-var-in-lookup_program_c-match_key.patch @@ -0,0 +1,43 @@ +autofs-5.1.7 - fix use of possibly NULL var in lookup_program.c:match_key() + +From: Ian Kent + +The lookup key used in match_key() should not be NULL. + +A check for a malloc() failure of the lookup key is missing in one of +the two cases in match_key() so add it. + +Signed-off-by: Ian Kent +--- + CHANGELOG | 1 + + modules/lookup_program.c | 5 +++++ + 2 files changed, 6 insertions(+) + +diff --git a/CHANGELOG b/CHANGELOG +index 61f3547a..680dbbd7 100644 +--- a/CHANGELOG ++++ b/CHANGELOG +@@ -81,6 +81,7 @@ + - fix concat_options() error handling. + - eliminate some more alloca usage. + - use default stack size for threads. ++- fix use of possibly NULL var in lookup_program.c:match_key(). + + 25/01/2021 autofs-5.1.7 + - make bind mounts propagation slave by default. +diff --git a/modules/lookup_program.c b/modules/lookup_program.c +index 028580e5..691abedb 100644 +--- a/modules/lookup_program.c ++++ b/modules/lookup_program.c +@@ -468,6 +468,11 @@ static int match_key(struct autofs_point *ap, + + if (!is_amd_format) { + lkp_key = strdup(name); ++ if (!lkp_key) { ++ char *estr = strerror_r(errno, buf, MAX_ERR_BUF); ++ error(ap->logopt, MODPREFIX "malloc: %s", estr); ++ return NSS_STATUS_UNAVAIL; ++ } + lkp_len = name_len; + } else { + size_t len; diff --git a/package/autofs/patches/autofs-5.1.7-make-NFS-version-check-flags-consistent.patch b/package/autofs/patches/autofs-5.1.7-make-NFS-version-check-flags-consistent.patch new file mode 100644 index 00000000..0726f0eb --- /dev/null +++ b/package/autofs/patches/autofs-5.1.7-make-NFS-version-check-flags-consistent.patch @@ -0,0 +1,69 @@ +autofs-5.1.7 - make NFS version check flags consistent + +From: Ian Kent + +Several of the NFS connection macros have the same value so that they +can be used as internal code documentation of what is being done. + +Adjust the protocol macro naming to be consistent in a few places. + +Also make sure the correct flags are set for the function they indicate. + +Signed-off-by: Ian Kent +--- + CHANGELOG | 1 + + modules/mount_nfs.c | 16 +++++++++------- + 2 files changed, 10 insertions(+), 7 deletions(-) + +diff --git a/CHANGELOG b/CHANGELOG +index 17926916..c27973bb 100644 +--- a/CHANGELOG ++++ b/CHANGELOG +@@ -89,6 +89,7 @@ + - add buffer length check to rmdir_path(). + - eliminate buffer usage from handle_mounts_cleanup(). + - add buffer length checks to autofs mount_mount(). ++- make NFS version check flags consistent. + + 25/01/2021 autofs-5.1.7 + - make bind mounts propagation slave by default. +diff --git a/modules/mount_nfs.c b/modules/mount_nfs.c +index 0314a78f..0ab87dcf 100644 +--- a/modules/mount_nfs.c ++++ b/modules/mount_nfs.c +@@ -178,18 +178,20 @@ int mount_mount(struct autofs_point *ap, const char *root, const char *name, int + port = 0; + } else if (_strncmp("proto=udp", cp, o_len) == 0 || + _strncmp("udp", cp, o_len) == 0) { +- vers &= ~TCP_SUPPORTED; ++ vers &= ~TCP_REQUESTED; ++ vers |= UDP_REQUESTED; + } else if (_strncmp("proto=udp6", cp, o_len) == 0 || + _strncmp("udp6", cp, o_len) == 0) { +- vers &= ~TCP_SUPPORTED; +- vers |= UDP6_REQUESTED; ++ vers &= ~(TCP_REQUESTED|TCP6_REQUESTED); ++ vers |= (UDP_REQUESTED|UDP6_REQUESTED); + } else if (_strncmp("proto=tcp", cp, o_len) == 0 || + _strncmp("tcp", cp, o_len) == 0) { +- vers &= ~UDP_SUPPORTED; ++ vers &= ~UDP_REQUESTED; ++ vers |= TCP_REQUESTED; + } else if (_strncmp("proto=tcp6", cp, o_len) == 0 || + _strncmp("tcp6", cp, o_len) == 0) { +- vers &= ~UDP_SUPPORTED; +- vers |= TCP6_REQUESTED; ++ vers &= ~(UDP_REQUESTED|UDP6_REQUESTED); ++ vers |= TCP_REQUESTED|TCP6_REQUESTED; + } + /* Check for options that also make sense + with bind mounts */ +@@ -246,7 +248,7 @@ int mount_mount(struct autofs_point *ap, const char *root, const char *name, int + mount_default_proto == 4 && + (vers & NFS_VERS_MASK) != 0 && + (vers & NFS4_VERS_MASK) != 0 && +- !(vers & UDP6_REQUESTED)) { ++ !(vers & (UDP_REQUESTED|UDP6_REQUESTED))) { + unsigned int v4_probe_ok = 0; + struct host *tmp = new_host(hosts->name, 0, + hosts->addr, hosts->addr_len, diff --git a/package/autofs/patches/autofs-5.1.7-refactor-get_nfs_info.patch b/package/autofs/patches/autofs-5.1.7-refactor-get_nfs_info.patch new file mode 100644 index 00000000..bdcdeb23 --- /dev/null +++ b/package/autofs/patches/autofs-5.1.7-refactor-get_nfs_info.patch @@ -0,0 +1,206 @@ +autofs-5.1.7 - refactor get_nfs_info() + +From: Ian Kent + +Make getting a portmap client and getting a service port from portmap +helper functions and simplify the return handling. + +Signed-off-by: Ian Kent +--- + CHANGELOG | 1 + modules/replicated.c | 135 ++++++++++++++++++++++++++++---------------------- + 2 files changed, 76 insertions(+), 60 deletions(-) + +diff --git a/CHANGELOG b/CHANGELOG +index c27973bb..5d2c2c88 100644 +--- a/CHANGELOG ++++ b/CHANGELOG +@@ -90,6 +90,7 @@ + - eliminate buffer usage from handle_mounts_cleanup(). + - add buffer length checks to autofs mount_mount(). + - make NFS version check flags consistent. ++- refactor get_nfs_info(). + + 25/01/2021 autofs-5.1.7 + - make bind mounts propagation slave by default. +diff --git a/modules/replicated.c b/modules/replicated.c +index ffaf519f..e03c9d25 100644 +--- a/modules/replicated.c ++++ b/modules/replicated.c +@@ -223,6 +223,49 @@ void free_host_list(struct host **list) + *list = NULL; + } + ++static unsigned int get_portmap_client(unsigned logopt, ++ struct conn_info *pm_info, struct host *host, ++ int proto) ++{ ++ unsigned int status; ++ ++ /* On success client is stored in pm_info->client */ ++ status = rpc_portmap_getclient(pm_info, ++ host->name, host->addr, host->addr_len, ++ proto, RPC_CLOSE_DEFAULT); ++ if (status == -EHOSTUNREACH) ++ debug(logopt, ++ "host not reachable getting portmap client"); ++ else if (status) ++ debug(logopt, "error 0x%d getting portmap client"); ++ ++ return status; ++} ++ ++static unsigned int get_portmap_port(unsigned logopt, ++ struct conn_info *pm_info, struct pmap *parms, ++ unsigned long vers, unsigned int version, ++ short unsigned int *port) ++{ ++ unsigned int status; ++ short unsigned int nfs_port; ++ ++ parms->pm_vers = vers; ++ status = rpc_portmap_getport(pm_info, parms, &nfs_port); ++ if (status == -EHOSTUNREACH || status == -ETIMEDOUT) { ++ debug(logopt, ++ "host not reachable or timed out getting service port"); ++ } else if (status < 0) { ++ if (!(version & NFS_VERS_MASK)) ++ debug(logopt, "error 0x%d getting service port"); ++ } ++ ++ if (!status) ++ *port = nfs_port; ++ ++ return status; ++} ++ + static unsigned int get_nfs_info(unsigned logopt, struct host *host, + struct conn_info *pm_info, struct conn_info *rpc_info, + int proto, unsigned int version, int port) +@@ -263,33 +306,20 @@ static unsigned int get_nfs_info(unsigned logopt, struct host *host, + goto v3_ver; + + if (!port) { +- status = rpc_portmap_getclient(pm_info, +- host->name, host->addr, host->addr_len, +- proto, RPC_CLOSE_DEFAULT); +- if (status == -EHOSTUNREACH) { +- debug(logopt, +- "host not reachable getting portmap client"); +- supported = status; +- goto done_ver; +- } else if (status) { +- debug(logopt, "error 0x%d getting portmap client"); ++ status = get_portmap_client(logopt, pm_info, host, proto); ++ if (status) { ++ if (status == -EHOSTUNREACH) ++ supported = status; + goto done_ver; + } +- parms.pm_vers = NFS4_VERSION; +- status = rpc_portmap_getport(pm_info, &parms, &rpc_info->port); +- if (status == -EHOSTUNREACH || status == -ETIMEDOUT) { +- debug(logopt, +- "host not reachable or timed out getting service port"); +- supported = status; +- goto done_ver; +- } else if (status < 0) { +- if (version & NFS_VERS_MASK) ++ status = get_portmap_port(logopt, pm_info, &parms, ++ NFS4_VERSION, version, &rpc_info->port); ++ if (status) { ++ if (status == -EHOSTUNREACH || status == -ETIMEDOUT) ++ supported = status; ++ if (status < 0 && version & NFS_VERS_MASK) + goto v3_ver; /* MOUNT_NFS_DEFAULT_PROTOCOL=4 */ +- else { +- debug(logopt, +- "error 0x%d getting service port"); +- goto done_ver; +- } ++ goto done_ver; + } + } + +@@ -334,31 +364,22 @@ v3_ver: + goto v2_ver; + + if (!port && !pm_info->client) { +- status = rpc_portmap_getclient(pm_info, +- host->name, host->addr, host->addr_len, +- proto, RPC_CLOSE_DEFAULT); +- if (status == -EHOSTUNREACH) { +- debug(logopt, +- "host not reachable getting portmap client"); +- supported = status; +- goto done_ver; +- } else if (status) { +- debug(logopt, +- "error 0x%d getting getting portmap client"); ++ status = get_portmap_client(logopt, pm_info, host, proto); ++ if (status) { ++ if (status == -EHOSTUNREACH) ++ supported = status; + goto done_ver; + } + } + + if (!port) { +- parms.pm_vers = NFS3_VERSION; +- status = rpc_portmap_getport(pm_info, &parms, &rpc_info->port); +- if (status == -EHOSTUNREACH || status == -ETIMEDOUT) { +- debug(logopt, +- "host not reachable or timed out getting service port"); +- supported = status; ++ status = get_portmap_port(logopt, pm_info, &parms, ++ NFS3_VERSION, version, &rpc_info->port); ++ if (status) { ++ if (status == -EHOSTUNREACH || status == -ETIMEDOUT) ++ supported = status; + goto done_ver; +- } else if (status < 0) +- goto v2_ver; ++ } + } + + if (rpc_info->proto == IPPROTO_UDP) +@@ -399,28 +420,22 @@ v2_ver: + goto done_ver; + + if (!port && !pm_info->client) { +- status = rpc_portmap_getclient(pm_info, +- host->name, host->addr, host->addr_len, +- proto, RPC_CLOSE_DEFAULT); +- if (status == -EHOSTUNREACH) { +- debug(logopt, +- "host not reachable getting portmap client"); +- supported = status; +- goto done_ver; +- } else if (status) ++ status = get_portmap_client(logopt, pm_info, host, proto); ++ if (status) { ++ if (status == -EHOSTUNREACH) ++ supported = status; + goto done_ver; ++ } + } + + if (!port) { +- parms.pm_vers = NFS2_VERSION; +- status = rpc_portmap_getport(pm_info, &parms, &rpc_info->port); +- if (status == -EHOSTUNREACH || status == -ETIMEDOUT) { +- debug(logopt, +- "host not reachable or timed out getting service port"); +- supported = status; +- goto done_ver; +- } else if (status < 0) ++ status = get_portmap_port(logopt, pm_info, &parms, ++ NFS2_VERSION, version, &rpc_info->port); ++ if (status) { ++ if (status == -EHOSTUNREACH || status == -ETIMEDOUT) ++ supported = status; + goto done_ver; ++ } + } + + if (rpc_info->proto == IPPROTO_UDP) diff --git a/package/autofs/patches/autofs-5.1.7-use-default-stack-size-for-threads.patch b/package/autofs/patches/autofs-5.1.7-use-default-stack-size-for-threads.patch new file mode 100644 index 00000000..09b776a4 --- /dev/null +++ b/package/autofs/patches/autofs-5.1.7-use-default-stack-size-for-threads.patch @@ -0,0 +1,128 @@ +autofs-5.1.7 - use default stack size for threads + +From: Ian Kent + +autofs uses PTHREAD_STACK_MIN to set the stack size for threads it +creates. + +In two cases it is used to reduce the stack size for long running +service threads while it's used to allocate a larger stack for worker +threads that can have larger memory requirements. + +In recent glibc releases PTHREAD_STACK_MIN is no longer a constant +which can lead to unexpectedly different stack sizes on different +architectures and the autofs assumption it's a constant causes a +compile failure. + +The need to alter the stack size was due to observed stack overflow +which was thought to be due the thread stack being too small for autofs +and glibc alloca(3) usage. + +Quite a bit of that alloca(3) usage has been eliminated from autofs now, +particularly those that might be allocating largish amounts of storage, +and there has been a lot of change in glibc too so using the thread +default stack should be ok. + +Signed-off-by: Ian Kent +--- + CHANGELOG | 1 + + daemon/automount.c | 29 ----------------------------- + daemon/state.c | 6 +----- + lib/alarm.c | 6 +----- + 4 files changed, 3 insertions(+), 39 deletions(-) + +diff --git a/CHANGELOG b/CHANGELOG +index 2b7cfaa0..61f3547a 100644 +--- a/CHANGELOG ++++ b/CHANGELOG +@@ -80,6 +80,7 @@ + - fix nonstrict offset mount fail handling. + - fix concat_options() error handling. + - eliminate some more alloca usage. ++- use default stack size for threads. + + 25/01/2021 autofs-5.1.7 + - make bind mounts propagation slave by default. +diff --git a/daemon/automount.c b/daemon/automount.c +index 23235a7d..d7432350 100644 +--- a/daemon/automount.c ++++ b/daemon/automount.c +@@ -84,7 +84,6 @@ static size_t kpkt_len; + /* Attributes for creating detached and joinable threads */ + pthread_attr_t th_attr; + pthread_attr_t th_attr_detached; +-size_t detached_thread_stack_size = PTHREAD_STACK_MIN * 144; + + struct master_readmap_cond mrc = { + PTHREAD_MUTEX_INITIALIZER, PTHREAD_COND_INITIALIZER, 0, NULL, 0, 0, 0, 0}; +@@ -2620,34 +2619,6 @@ int main(int argc, char *argv[]) + exit(1); + } + +-#ifdef _POSIX_THREAD_ATTR_STACKSIZE +- if (pthread_attr_setstacksize( +- &th_attr_detached, detached_thread_stack_size)) { +- logerr("%s: failed to set stack size thread attribute!", +- program); +- if (start_pipefd[1] != -1) { +- res = write(start_pipefd[1], pst_stat, sizeof(*pst_stat)); +- close(start_pipefd[1]); +- } +- release_flag_file(); +- macro_free_global_table(); +- exit(1); +- } +-#endif +- +- if (pthread_attr_getstacksize( +- &th_attr_detached, &detached_thread_stack_size)) { +- logerr("%s: failed to get detached thread stack size!", +- program); +- if (start_pipefd[1] != -1) { +- res = write(start_pipefd[1], pst_stat, sizeof(*pst_stat)); +- close(start_pipefd[1]); +- } +- release_flag_file(); +- macro_free_global_table(); +- exit(1); +- } +- + info(logging, "Starting automounter version %s, master map %s", + version, master_list->name); + info(logging, "using kernel protocol version %d.%02d", +diff --git a/daemon/state.c b/daemon/state.c +index 5156bb21..5df05619 100644 +--- a/daemon/state.c ++++ b/daemon/state.c +@@ -1177,12 +1177,8 @@ int st_start_handler(void) + status = pthread_attr_init(pattrs); + if (status) + pattrs = NULL; +- else { ++ else + pthread_attr_setdetachstate(pattrs, PTHREAD_CREATE_DETACHED); +-#ifdef _POSIX_THREAD_ATTR_STACKSIZE +- pthread_attr_setstacksize(pattrs, PTHREAD_STACK_MIN*4); +-#endif +- } + + status = pthread_create(&thid, pattrs, st_queue_handler, NULL); + +diff --git a/lib/alarm.c b/lib/alarm.c +index f27e13c4..1631a9bc 100755 +--- a/lib/alarm.c ++++ b/lib/alarm.c +@@ -270,12 +270,8 @@ int alarm_start_handler(void) + status = pthread_attr_init(pattrs); + if (status) + pattrs = NULL; +- else { ++ else + pthread_attr_setdetachstate(pattrs, PTHREAD_CREATE_DETACHED); +-#ifdef _POSIX_THREAD_ATTR_STACKSIZE +- pthread_attr_setstacksize(pattrs, PTHREAD_STACK_MIN*4); +-#endif +- } + + status = pthread_condattr_init(&condattrs); + if (status) diff --git a/package/autofs/patches/patch_order_5.1.7 b/package/autofs/patches/patch_order_5.1.7 index 9f107c30..0b203ce6 100644 --- a/package/autofs/patches/patch_order_5.1.7 +++ b/package/autofs/patches/patch_order_5.1.7 @@ -77,3 +77,17 @@ autofs-5.1.7-fix-hosts-map-offset-order.patch autofs-5.1.7-fix-direct-mount-deadlock.patch autofs-5.1.7-add-missing-description-of-null-map-option.patch autofs-5.1.7-fix-nonstrict-offset-mount-fail-handling.patch +autofs-5.1.7-fix-concat_options-error-handling.patch +autofs-5.1.7-eliminate-some-more-alloca-usage.patch +autofs-5.1.7-use-default-stack-size-for-threads.patch +autofs-5.1.7-fix-use-of-possibly-NULL-var-in-lookup_program_c-match_key.patch +autofs-5.1.7-fix-incorrect-print-format-specifiers.patch +autofs-5.1.7-add-mapent-path-length-check-in-handle_packet_expire_direct.patch +autofs-5.1.7-add-copy-length-check-in-umount_autofs_indirect.patch +autofs-5.1.7-add-some-buffer-length-checks-to-master-map-parser.patch +autofs-5.1.7-add-buffer-length-check-to-rmdir_path.patch +autofs-5.1.7-eliminate-buffer-usage-from-handle_mounts_cleanup.patch +autofs-5.1.7-add-buffer-length-checks-to-autofs-mount_mount.patch +autofs-5.1.7-make-NFS-version-check-flags-consistent.patch +autofs-5.1.7-refactor-get_nfs_info.patch +autofs-5.1.7-also-require-TCP_REQUESTED-when-setting-NFS-port.patch