configure.ac: Release 4.15.3

Signed-off-by: Alejandro Colomar <alx@kernel.org>

Makefile.am

@@ -15,4 +15,15 @@ SUBDIRS += man
 endif
 
 CLEANFILES = man/8.out man/po/remove-potcdate.* man/*/login.defs.d man/*/*.mo
+
 EXTRA_DIST = tests/
+
+dist-hook:
+	chmod -R u+w $(distdir)/tests
+	chmod u+w $(distdir)
+	mv $(distdir)/tests/unit $(distdir)/realunittest
+	mv $(distdir)/tests/tests $(distdir)/realtests
+	rm -rf $(distdir)/tests
+	mv $(distdir)/realtests $(distdir)/tests
+	rm -rf $(distdir)/tests/unit $(distdir)/tests/Makefile*
+	mv $(distdir)/realunittest $(distdir)/tests/unit

configure.ac

@@ -4,7 +4,7 @@ m4_define([libsubid_abi_major], 4)
 m4_define([libsubid_abi_minor], 0)
 m4_define([libsubid_abi_micro], 0)
 m4_define([libsubid_abi], [libsubid_abi_major.libsubid_abi_minor.libsubid_abi_micro])
-AC_INIT([shadow], [4.15.2], [pkg-shadow-devel@lists.alioth.debian.org], [],
+AC_INIT([shadow], [4.15.3], [pkg-shadow-devel@lists.alioth.debian.org], [],
 	[https://github.com/shadow-maint/shadow])
 AM_INIT_AUTOMAKE([1.11 foreign dist-xz subdir-objects tar-pax])
 AC_CONFIG_MACRO_DIRS([m4])

lib/subordinateio.c

@@ -274,40 +274,8 @@ static const struct subordinate_range *find_range(struct commonio_db *db,
 	return NULL;
 }
 
-/*
- * have_range: check whether @owner is authorized to use the range
- *             (@start .. @start+@count-1).
- * @db: database to check
- * @owner: owning uid being queried
- * @start: start of range
- * @count: number of uids in range
- *
- * Returns true if @owner is authorized to use the range, false otherwise.
- */
 static bool have_range(struct commonio_db *db,
-		       const char *owner, unsigned long start, unsigned long count)
+		       const char *owner, unsigned long start, unsigned long count);
-{
-	const struct subordinate_range *range;
-	unsigned long end;
-
-	if (count == 0)
-		return false;
-
-	end = start + count - 1;
-	range = find_range (db, owner, start);
-	while (range) {
-		unsigned long last;
-
-		last = range->start + range->count - 1;
-		if (last >= (start + count - 1))
-			return true;
-
-		count = end - last;
-		start = last + 1;
-		range = find_range(db, owner, start);
-	}
-	return false;
-}
 
 static bool append_range(struct subid_range **ranges, const struct subordinate_range *new, int n)
 {
@@ -574,6 +542,64 @@ static struct commonio_db subordinate_uid_db = {
 	false			/* setname */
 };
 
+/*
+ * have_range: check whether @owner is authorized to use the range
+ *             (@start .. @start+@count-1).
+ * @db: database to check
+ * @owner: owning uid being queried
+ * @start: start of range
+ * @count: number of uids in range
+ *
+ * Returns true if @owner is authorized to use the range, false otherwise.
+ */
+static bool have_range(struct commonio_db *db,
+		       const char *owner, unsigned long start, unsigned long count)
+{
+	const struct subordinate_range *range;
+	unsigned long end;
+	bool doclose = false;
+	bool ret = false;
+	int rc;
+
+	if (count == 0)
+		return false;
+
+	if (!db->isopen) {
+		doclose = true;
+		if (db == &subordinate_uid_db)
+			rc = sub_uid_open(O_RDONLY);
+		else
+			rc = sub_gid_open(O_RDONLY);
+		if (rc < 0)
+			return false;
+	}
+
+	end = start + count - 1;
+	range = find_range (db, owner, start);
+	while (range) {
+		unsigned long last;
+
+		last = range->start + range->count - 1;
+		if (last >= (start + count - 1)) {
+			ret = true;
+			break;
+		}
+
+		count = end - last;
+		start = last + 1;
+		range = find_range(db, owner, start);
+	}
+
+	if (doclose) {
+		if (db == &subordinate_uid_db)
+			sub_uid_close();
+		else
+			sub_gid_close();
+	}
+
+	return ret;
+}
+
 int sub_uid_setdbname (const char *filename)
 {
 	return commonio_setname (&subordinate_uid_db, filename);

tests/common/config.sh

@@ -2,14 +2,16 @@
 
 set -e
 
-build_path=$(pwd)
+if [ -n "${BUILD_BASE_DIR}" ]; then
-while [ "${build_path}" != "/" -a ! -e "${build_path}/.git" ]; do
+    build_path="${BUILD_BASE_DIR}"
-	build_path=$(dirname ${build_path})
+else
-done
+    build_path=$(git rev-parse --show-toplevel)
-if [ ! -e "${build_path}/.git" ]; then
-	echo "Not inside git directory" 1>&2
-	exit 1
 fi
+if [ -z "${build_path}" ]; then
+    echo "Failed to find build base path"
+    exit 1
+fi
+export build_path
 
 # Save the configuration files in tmp.
 save_config ()

tests/libsubid/04_nss/Makefile

@@ -1,12 +1,15 @@
 all: test_nss libsubid_zzz.so
 
-test_nss: test_nss.c ../../../lib/nss.c
+BASE_TEST_DIR ?= $(shell git rev-parse --show-toplevel)
-	gcc -c -I../../../lib/ -I../../.. -o test_nss.o test_nss.c
+basedir := $(BASE_TEST_DIR)
-	gcc -o test_nss test_nss.o ../../../lib/.libs/libshadow.a -ldl
+
+test_nss: test_nss.c $(basedir)/lib/nss.c
+	gcc -c -I$(basedir)/lib/ -I$(basedir) -o test_nss.o test_nss.c
+	gcc -o test_nss test_nss.o $(basedir)/lib/.libs/libshadow.a -ldl
 
 libsubid_zzz.so: libsubid_zzz.c
-	gcc -c -I../../../lib/ -I../../.. -I../../../libsubid libsubid_zzz.c
+	gcc -c -I$(basedir)/lib/ -I$(basedir) -I$(basedir)/libsubid libsubid_zzz.c
-	gcc -L../../../libsubid -shared -o libsubid_zzz.so libsubid_zzz.o ../../../lib/.libs/libshadow.a -ldl
+	gcc -L$(basedir)/libsubid -shared -o libsubid_zzz.so libsubid_zzz.o $(basedir)/lib/.libs/libshadow.a -ldl
 
 clean:
 	rm -f *.o *.so test_nss

tests/libsubid/04_nss/subidnss.test

@@ -9,7 +9,7 @@ cd $(dirname $0)
 
 make
 
-export LD_LIBRARY_PATH=.:../../../lib/.libs:$LD_LIBRARY_PATH
+export LD_LIBRARY_PATH=.:${build_path}/lib/.libs:$LD_LIBRARY_PATH
 
 ./test_nss 1
 ./test_nss 2

tests/libsubid/04_nss/test_range

@@ -11,23 +11,23 @@ cleanup1() {
     umount /etc/nsswitch.conf
 }
 trap cleanup1 EXIT HUP INT TERM
-../../../src/check_subid_range user1 u 100000 65535
+${build_path}/src/check_subid_range user1 u 100000 65535
 if [ $? -ne 0 ]; then
     exit 1
 fi
-../../../src/check_subid_range user2 u 100000 65535
+${build_path}/src/check_subid_range user2 u 100000 65535
 if [ $? -eq 0 ]; then
     exit 1
 fi
-../../../src/check_subid_range unknown u 100000 65535
+${build_path}/src/check_subid_range unknown u 100000 65535
 if [ $? -eq 0 ]; then
     exit 1
 fi
-../../../src/check_subid_range error u 100000 65535
+${build_path}/src/check_subid_range error u 100000 65535
 if [ $? -eq 0 ]; then
     exit 1
 fi
-../../../src/check_subid_range user1 u 1000 65535
+${build_path}/src/check_subid_range user1 u 1000 65535
 if [ $? -eq 0 ]; then
     exit 1
 fi
@@ -43,7 +43,7 @@ cleanup2() {
     umount /etc/nsswitch.conf
 }
 trap cleanup2 EXIT HUP INT TERM
-../../../src/check_subid_range user1 u 100000 65535
+${build_path}/src/check_subid_range user1 u 100000 65535
 if [ $? -eq 0 ]; then
     exit 1
 fi

tests/run_some

@@ -7,6 +7,22 @@ unset LANG
 unset LANGUAGE
 . common/config.sh
 
+# When we unshare -Ur, we must be able to descend the build path.
+# But $HOME might not be world x.  Fix that.
+fixup_home_perms() {
+       p="${build_path}"
+       d=""
+       echo "$p" | tr '/' '\n' | while read f; do
+               if [ -z "$f" ]; then
+                       continue
+               fi
+               d="$d/$f"
+               chmod ugo+x "$d"
+       done
+}
+
+fixup_home_perms
+
 USE_PAM="yes"
 FAILURE_TESTS="yes"
 

tests/unit/test_xasprintf.c

@@ -5,6 +5,7 @@
 
 
 #include <setjmp.h>
+#include <stdarg.h>
 #include <stddef.h>
 #include <stdlib.h>
 #include <string.h>
@@ -28,13 +29,29 @@
 static jmp_buf  jmpb;
 
 
-/**********************
- * WRAPPERS
- **********************/
 int __real_vasprintf(char **restrict p, const char *restrict fmt, va_list ap);
 int __wrap_vasprintf(char **restrict p, const char *restrict fmt, va_list ap);
 void __wrap_exit(int status);
 
+[[gnu::noipa]]
+static int xasprintf_volatile(char *volatile *restrict s,
+    const char *restrict fmt, ...);
+
+static void test_xasprintf_exit(void **state);
+static void test_xasprintf_ok(void **state);
+
+
+int
+main(void)
+{
+	const struct CMUnitTest  tests[] = {
+		cmocka_unit_test(test_xasprintf_exit),
+		cmocka_unit_test(test_xasprintf_ok),
+	};
+
+	return cmocka_run_group_tests(tests, NULL, NULL);
+}
+
 
 int
 __wrap_vasprintf(char **restrict p, const char *restrict fmt, va_list ap)
@@ -50,11 +67,16 @@ __wrap_exit(int status)
 }
 
 
-/**********************
+static int
- * TEST
+xasprintf_volatile(char *volatile *restrict s, const char *restrict fmt, ...)
- **********************/
+{
-static void test_xasprintf_exit(void **state);
+	int      len;
-static void test_xasprintf_ok(void **state);
+	va_list  ap;
+
+	va_start(ap, fmt);
+	len = xvasprintf((char **) s, fmt, ap);
+	va_end(ap);
+}
 
 
 static void
@@ -70,7 +92,7 @@ test_xasprintf_exit(void **state)
 	switch (setjmp(jmpb)) {
 	case 0:
 		len = XASPRINTF_CALLED;
-		len = xasprintf(&p, "foo%s", "bar");
+		len = xasprintf_volatile(&p, "foo%s", "bar");
 		assert_unreachable();
 		break;
 	case EXIT_CALLED:
@@ -100,15 +122,3 @@ test_xasprintf_ok(void **state)
 	assert_string_equal(p, "foo1bar");
 	free(p);
 }
-
-
-int
-main(void)
-{
-    const struct CMUnitTest  tests[] = {
-        cmocka_unit_test(test_xasprintf_exit),
-        cmocka_unit_test(test_xasprintf_ok),
-    };
-
-    return cmocka_run_group_tests(tests, NULL, NULL);
-}