!51 [sync] PR-47: quotaio_xfs: Fix error handling in xfs_read_dquot()

From: @openeuler-sync-bot 
Reviewed-by: @swf504 
Signed-off-by: @swf504

0004-quota_nld-Initialize-sa_mask-when-registering-PID-fi.patch

@@ -0,0 +1,34 @@
+From 25f16b1de313ce0d411f754572f94f051bfbe3c8 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Petr=20P=C3=ADsa=C5=99?= <ppisar@redhat.com>
+Date: Tue, 16 Mar 2021 17:28:15 +0100
+Subject: [PATCH] quota_nld: Initialize sa_mask when registering PID file
+ removal
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+term_action.sa_mask is an automatic variable and and thus unitialized.
+This patch empties the signal mask.
+
+Signed-off-by: Petr Písař <ppisar@redhat.com>
+Signed-off-by: Jan Kara <jack@suse.cz>
+---
+ quota_nld.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/quota_nld.c b/quota_nld.c
+index 72d99a9..09c4775 100644
+--- a/quota_nld.c
++++ b/quota_nld.c
+@@ -466,7 +466,7 @@ static void use_pid_file(void)
+ 
+ 	term_action.sa_handler = remove_pid;
+ 	term_action.sa_flags = 0;
+-	if (sigaction(SIGTERM, &term_action, NULL))
++	if (sigemptyset(&term_action.sa_mask) || sigaction(SIGTERM, &term_action, NULL))
+ 		errstr(_("Could not register PID file removal on SIGTERM.\n"));
+ 	if (store_pid())
+ 		errstr(_("Could not store my PID %jd.\n"), (intmax_t )getpid());
+-- 
+1.8.3.1
+

0005-quota-nld-fix-open-PID-file-failed-when-systemd-read.patch

@@ -0,0 +1,110 @@
+From 06b93e5c1caf5d36d51132cb85c11a96cbdae023 Mon Sep 17 00:00:00 2001
+From: "lihaoxiang (F)" <lihaoxiang9@huawei.com>
+Date: Thu, 1 Dec 2022 12:10:49 +0800
+Subject: [PATCH] quota-nld: fix open PID file failed when systemd read it
+
+Running quota_nld by systemd might cause the problem that systemd
+couldn't open the PID file generated by quota_nld. In fact, the PID
+file hasn't existed yet because it originates from the child process
+of quota_nld which is a daemon process. As the main process exit,
+systemd try to access the PID file but the daemon hadn't create it
+that time.
+
+In this situation, we move the procedure of creating PID file into the
+parent process to ensure the PID file must existed when quota_nld exit.
+After that, the above problem would never occur again.
+
+[JK: Fixed up SIGTERM handling and format strings]
+
+Signed-off-by: lihaoxiang <lihaoxiang9@huawei.com>
+Signed-off-by: Jan Kara <jack@suse.cz>
+---
+ quota_nld.c | 44 ++++++++++++++++++++++++++++++++++----------
+ 1 file changed, 34 insertions(+), 10 deletions(-)
+
+diff --git a/quota_nld.c b/quota_nld.c
+index 09c4775..82e60c2 100644
+--- a/quota_nld.c
++++ b/quota_nld.c
+@@ -413,7 +413,7 @@ static char *build_pid_file_name(void)
+ }
+ 
+ /* Store daemon's PID to file */
+-static int store_pid(void)
++static int store_pid(pid_t pid)
+ {
+ 	FILE *pid_file;
+ 	char *pid_name;
+@@ -429,7 +429,7 @@ static int store_pid(void)
+ 		free(pid_name);
+ 		return -1;
+ 	}
+-	if (fprintf(pid_file, "%jd\n", (intmax_t)getpid()) < 0) {
++	if (fprintf(pid_file, "%d\n", (int)pid) < 0) {
+ 		errstr(_("Could not write daemon's PID into '%s'.\n"),
+ 			pid_name);
+ 		fclose(pid_file);
+@@ -460,7 +460,7 @@ static void remove_pid(int signal)
+ }
+ 
+ /* Store daemon's PID into file and register its removal on SIGTERM */
+-static void use_pid_file(void)
++static void setup_sigterm_handler(void)
+ {
+ 	struct sigaction term_action;
+ 
+@@ -468,8 +468,36 @@ static void use_pid_file(void)
+ 	term_action.sa_flags = 0;
+ 	if (sigemptyset(&term_action.sa_mask) || sigaction(SIGTERM, &term_action, NULL))
+ 		errstr(_("Could not register PID file removal on SIGTERM.\n"));
+-	if (store_pid())
+-		errstr(_("Could not store my PID %jd.\n"), (intmax_t )getpid());
++}
++
++static void fork_daemon(void)
++{
++	pid_t pid = fork();
++	if (pid < 0) {
++		errstr(_("Failed to daemonize: fork: %s\n"), strerror(errno));
++		exit(1);
++	} else if (pid != 0) {
++		if (store_pid(pid)) {
++			errstr(_("Could not store my PID %d.\n"), (int)pid);
++			kill(pid, SIGKILL);
++		}
++		exit(0);
++	}
++
++	setup_sigterm_handler();
++	if (setsid() < 0) {
++		errstr(_("Failed to daemonize: setsid: %s\n"), strerror(errno));
++		exit(1);
++	}
++	if (chdir("/") < 0)
++		errstr(_("Failed to chdir in daemonize\n"));
++	int fd = open("/dev/null", O_RDWR, 0);
++	if (fd >= 0) {
++		dup2(fd, STDIN_FILENO);
++		dup2(fd, STDOUT_FILENO);
++		dup2(fd, STDERR_FILENO);
++		close(fd);
++	}
+ }
+ 
+ int main(int argc, char **argv)
+@@ -485,11 +513,7 @@ int main(int argc, char **argv)
+ 		dhandle = init_dbus();
+ 	if (!(flags & FL_NODAEMON)) {
+ 		use_syslog();
+-		if (daemon(0, 0)) {
+-			errstr(_("Failed to daemonize: %s\n"), strerror(errno));
+-			exit(1);
+-		};
+-		use_pid_file();
++		fork_daemon();
+ 	}
+ 	run(nsock);
+ 	return 0;
+-- 
+1.8.3.1
+

0006-common.c-fix-strncat-usage.patch

@@ -0,0 +1,43 @@
+From b0f95e3954f85d97a99f8a08645418945484dbca Mon Sep 17 00:00:00 2001
+From: "Dmitry V. Levin" <ldv@altlinux.org>
+Date: Wed, 1 Sep 2021 08:00:00 +0000
+Subject: [PATCH] common.c: fix strncat usage
+
+When quota is configured using --enable-werror, gcc -flto fails with
+the following diagnostics:
+
+In function 'strncat',
+    inlined from 'sstrncat' at common.c:113:2,
+    inlined from 'get_proc_num' at quotastats.c:46:2:
+/usr/include/bits/string_fortified.h:122:10: error: '__builtin___strncat_chk' specified bound 4096 equals destination size [-Werror=str
+ingop-overflow=]
+  122 |   return __builtin___strncat_chk (__dest, __src, __len, __bos (__dest));
+      |          ^
+
+This diagnostics is correct: when "src" contains "len" or more bytes,
+strncat() writes "len"+1 bytes to "dest" ("len" from "src" plus
+the terminating null byte).
+
+Signed-off-by: Dmitry V. Levin <ldv@altlinux.org>
+Signed-off-by: Jan Kara <jack@suse.cz>
+---
+ common.c | 3 +--
+ 1 file changed, 1 insertion(+), 2 deletions(-)
+
+diff --git a/common.c b/common.c
+index 8be0428..b3e5ad2 100644
+--- a/common.c
++++ b/common.c
+@@ -110,8 +110,7 @@ void sstrncpy(char *d, const char *s, size_t len)
+ 
+ void sstrncat(char *d, const char *s, size_t len)
+ {
+-	strncat(d, s, len);
+-	d[len - 1] = 0;
++	strncat(d, s, len - 1);
+ }
+ 
+ char *sstrdup(const char *s)
+-- 
+2.39.2
+

0007-quota-Use-realloc-3-instead-of-reallocarray-3.patch

@@ -0,0 +1,32 @@
+From 02b222a335527f1031cc9495d8c5ebc1bc5b1d4e Mon Sep 17 00:00:00 2001
+From: Fabrice Fontaine <fontaine.fabrice@gmail.com>
+Date: Wed, 11 Nov 2020 15:00:47 +0100
+Subject: [PATCH] quota: Use realloc(3) instead of reallocarray(3)
+
+reallocarray(3) has been added to glibc relatively recently (version
+2.26, from 2017) and apparently not all users run new enough glibc. Just
+use realloc(3) for now since in this case there's no real risk of
+overflow.
+
+Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
+Signed-off-by: Jan Kara <jack@suse.cz>
+---
+ quota.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/quota.c b/quota.c
+index a6ed61f..a60de12 100644
+--- a/quota.c
++++ b/quota.c
+@@ -385,7 +385,7 @@ int main(int argc, char **argv)
+ 			  break;
+ 		  case 259:
+ 			  fscount++;
+-			  fsnames = reallocarray(fsnames, fscount, sizeof(char *));
++			  fsnames = realloc(fsnames, fscount * sizeof(char *));
+ 			  if (!fsnames)
+ 				die(1, _("Not enough memory for filesystem names"));
+ 			  fsnames[fscount - 1] = optarg;
+-- 
+2.33.0
+

0008-quotaio_xfs-Fix-error-handling-in-xfs_read_dquot.patch

@@ -0,0 +1,36 @@
+From dba8c5ca95516b9550fc44b2a476ceca60ee4b38 Mon Sep 17 00:00:00 2001
+From: Jan Kara <jack@suse.cz>
+Date: Tue, 7 May 2024 12:55:30 +0200
+Subject: [PATCH] quotaio_xfs: Fix error handling in xfs_read_dquot()
+
+When quotactl(2) fails, xfs_read_dquot() will happily return zero-filled
+structure. This is fine when the user structure does not exist but it is
+wrong when there's other error (like EACCESS). Fix the error handling.
+
+Signed-off-by: Jan Kara <jack@suse.cz>
+---
+ quotaio_xfs.c | 8 +++++++-
+ 1 file changed, 7 insertions(+), 1 deletion(-)
+
+diff --git a/quotaio_xfs.c b/quotaio_xfs.c
+index 5abb2c2..a91567d 100644
+--- a/quotaio_xfs.c
++++ b/quotaio_xfs.c
+@@ -175,7 +175,13 @@ static struct dquot *xfs_read_dquot(struct quota_handle *h, qid_t id)
+ 
+ 	qcmd = QCMD(Q_XFS_GETQUOTA, h->qh_type);
+ 	if (quotactl(qcmd, h->qh_quotadev, id, (void *)&xdqblk) < 0) {
+-		;
++		/*
++		 * ENOENT means the structure just does not exist - return all
++		 * zeros. Otherwise return failure.
++		 */
++		if (errno != ENOENT) {
++			return NULL;
++		}
+ 	}
+ 	else {
+ 		xfs_kern2utildqblk(&dquot->dq_dqb, &xdqblk);
+-- 
+2.33.0
+

0009-quotaio_xfs-Fix-memory-leak.patch

@@ -0,0 +1,30 @@
+From c59b85805ee64c7ee2937b91533eb96f56d87738 Mon Sep 17 00:00:00 2001
+From: Pavel Reichl <preichl@redhat.com>
+Date: Tue, 30 Jul 2024 00:18:13 +0200
+Subject: [PATCH] quotaio_xfs: Fix memory leak
+
+Error: RESOURCE_LEAK (CWE-772):
+quota-4.09/quotaio_xfs.c:162:2: alloc_fn: Storage is returned from allocation function "get_empty_dquot".
+quota-4.09/quotaio_xfs.c:162:2: var_assign: Assigning: "dquot" = storage returned from "get_empty_dquot()".
+quota-4.09/quotaio_xfs.c:180:4: leaked_storage: Variable "dquot" going out of scope leaks the storage it points to.
+
+Signed-off-by: Pavel Reichl <preichl@redhat.com>
+---
+ quotaio_xfs.c | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/quotaio_xfs.c b/quotaio_xfs.c
+index 2df27b5..5446bc5 100644
+--- a/quotaio_xfs.c
++++ b/quotaio_xfs.c
+@@ -174,6 +174,7 @@ static struct dquot *xfs_read_dquot(struct quota_handle *h, qid_t id)
+ 		 * zeros. Otherwise return failure.
+ 		 */
+ 		if (errno != ENOENT) {
++			free(dquot);
+ 			return NULL;
+ 		}
+ 	}
+-- 
+2.33.0
+

quota.spec

@@ -1,7 +1,7 @@
 Name:      quota
 Version:   4.06
 Epoch:     1
-Release:   5
+Release:   10
 Summary:   Linux Diskquota system as part of the Linux kernel
 License:   BSD and GPLv2 and GPLv2+ and LGPLv2+
 URL:       http://sourceforge.net/projects/linuxquota/
@@ -16,6 +16,12 @@ Patch0: 0000-Limit-number-of-comparison-characters-to-4.patch
 Patch1: 0001-Limit-maximum-of-RPC-port.patch
 Patch2: 0002-quotaio_xfs-Warn-when-large-kernel-timestamps-cannot.patch
 Patch3: 0003-quota-Add-sw64-architecture.patch
+Patch4:	0004-quota_nld-Initialize-sa_mask-when-registering-PID-fi.patch
+Patch5: 0005-quota-nld-fix-open-PID-file-failed-when-systemd-read.patch
+Patch6: 0006-common.c-fix-strncat-usage.patch
+Patch7: 0007-quota-Use-realloc-3-instead-of-reallocarray-3.patch
+Patch8: 0008-quotaio_xfs-Fix-error-handling-in-xfs_read_dquot.patch
+Patch9: 0009-quotaio_xfs-Fix-memory-leak.patch
 
 BuildRequires:     autoconf, automake, coreutils, rpcgen, systemd, gcc
 BuildRequires:     e2fsprogs-devel, gettext-devel, openldap-devel
@@ -124,6 +130,27 @@ make check
 %{_mandir}/man*/*
 
 %changelog
+* Wed May 7 2025 lvyy <lyunmail@163.com> - 1:4.06-10
+- DESC:Fix error handling in xfs_read_dquot() 
+
+* Mon Oct 14 2024 lvyy <lyunmail@163.com> - 1:4.06-9
+- DESC:Use realloc(3) instead of reallocarray(3) 
+
+* Tue Jul 30 2024 wuguanghao <wuguanghao3@huawei.com> - 1:4.06-8
+- common.c: fix strncat usage
+
+* Tue Dec 6 2022 lihaoxiang <lihaoxiang9@huawei.com> - 1:4.06-7
+- Type:bugfix
+- ID:NA
+- SUG:NA
+- DESC:rebase upstream patch about fix systemd read PID file failed
+
+* Thu Dec 1 2022 lihaoxiang <lihaoxiang9@huawei.com> - 1:4.06-6
+- Type:bugfix
+- ID:NA
+- SUG:NA
+- DESC:fix systemd read PID file failed
+
 * Wed Oct 26 2022 wuzx<wuzx1226@qq.com> - 1:4.06-5
 - Type:feature
 - CVE:NA