core: use readdir(3) with glibc, and associated cleanup

Starting with glibc-2.23 (i.e. what's in Fedora 25), readdir_r(3)
is marked as deprecated. Specifically the function decl in <dirent.h>
has the deprecated attribute, and now warnings are thrown during the
compile on Fedora 25 builds.

The readdir(_r)(3) man page (on Fedora 25 at least) and World+Dog say
that glibc's readdir(3) is, and always has been, MT-SAFE as long as
only one thread is accessing the directory object returned by opendir().
World+Dog also says there is a potential buffer overflow in readdir_r().
World+Dog suggests that it is preferable to simply use readdir(). There's
an implication that eventually readdir_r(3) will be removed from glibc.
POSIX has, apparently deprecated it in the standard, or even removed it
entirely.

Over and above that, our source near the various uses of readdir(_r)(3)
has a few unsafe uses of strcpy()+strcat().

(AFAIK nobody has looked at the readdir(3) implemenation in *BSD to see
if the same is true on those platforms, and we can't be sure of MacOS
even though we know it's based on *BSD.)

Change-Id: I5481f18ba1eebe7ee177895eecc9a80a71b60568
BUG: 1356998
Signed-off-by: Kaleb S. KEITHLEY <kkeithle@redhat.com>
Reviewed-on: http://review.gluster.org/14838
Smoke: Gluster Build System <jenkins@build.gluster.org>
Reviewed-by: Niels de Vos <ndevos@redhat.com>
CentOS-regression: Gluster Build System <jenkins@build.gluster.org>
NetBSD-regression: NetBSD Build System <jenkins@build.gluster.org>
Reviewed-by: Kotresh HR <khiremat@redhat.com>
Reviewed-by: Jeff Darcy <jdarcy@redhat.com>

6 files changed, 32 insertions, 12 deletions

diff --git a/libglusterfs/src/common-utils.c b/libglusterfs/src/common-utils.c
index b2d5a279dc8..3529ad7f897 100644
--- a/libglusterfs/src/common-utils.c
+++ b/libglusterfs/src/common-utils.c
@@ -4084,6 +4084,7 @@ recursive_rmdir (const char *delete_path)
         struct stat     st              = {0,};
         DIR            *dir             = NULL;
         struct dirent  *entry           = NULL;
+        struct dirent   scratch[2]      = {{0,},};
         xlator_t       *this            = NULL;
 
         this = THIS;
@@ -4098,7 +4099,7 @@ recursive_rmdir (const char *delete_path)
                 goto out;
         }
 
-        GF_FOR_EACH_ENTRY_IN_DIR (entry, dir);
+        GF_FOR_EACH_ENTRY_IN_DIR (entry, dir, scratch);
         while (entry) {
                 snprintf (path, PATH_MAX, "%s/%s", delete_path, entry->d_name);
                 ret = sys_lstat (path, &st);
@@ -4121,7 +4122,7 @@ recursive_rmdir (const char *delete_path)
                 gf_msg_debug (this->name, 0, "%s %s", ret ?
                               "Failed to remove" : "Removed", entry->d_name);
 
-                GF_FOR_EACH_ENTRY_IN_DIR (entry, dir);
+                GF_FOR_EACH_ENTRY_IN_DIR (entry, dir, scratch);
         }
 
         ret = sys_closedir (dir);
diff --git a/libglusterfs/src/common-utils.h b/libglusterfs/src/common-utils.h
index d7277e6e834..aacf2c5a32c 100644
--- a/libglusterfs/src/common-utils.h
+++ b/libglusterfs/src/common-utils.h
@@ -396,15 +396,15 @@ union gf_sock_union {
 
 #define IOV_MIN(n) min(IOV_MAX,n)
 
-#define GF_FOR_EACH_ENTRY_IN_DIR(entry, dir) \
+#define GF_FOR_EACH_ENTRY_IN_DIR(entry, dir, scr) \
         do {\
                 entry = NULL;\
                 if (dir) { \
-                        entry = sys_readdir (dir); \
+                        entry = sys_readdir (dir, scr); \
                         while (entry && (!strcmp (entry->d_name, ".") || \
                             !fnmatch ("*.tmp", entry->d_name, 0) || \
                             !strcmp (entry->d_name, ".."))) { \
-                                entry = sys_readdir (dir); \
+                                entry = sys_readdir (dir, scr); \
                         } \
                 } \
         } while (0)
diff --git a/libglusterfs/src/inode.c b/libglusterfs/src/inode.c
index 6d79ac2d3f9..6e1234e9ce2 100644
--- a/libglusterfs/src/inode.c
+++ b/libglusterfs/src/inode.c
@@ -852,10 +852,7 @@ inode_grep_for_gfid (inode_table_t *table, inode_t *parent, const char *name,
 gf_boolean_t
 __is_root_gfid (uuid_t gfid)
 {
-        uuid_t  root;
-
-        memset (root, 0, 16);
-        root[15] = 1;
+        static uuid_t root = {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1};
 
         if (gf_uuid_compare (gfid, root) == 0)
                 return _gf_true;
diff --git a/libglusterfs/src/run.c b/libglusterfs/src/run.c
index c625a5b99de..ff587f7e4de 100644
--- a/libglusterfs/src/run.c
+++ b/libglusterfs/src/run.c
@@ -277,11 +277,16 @@ runner_start (runner_t *runner)
 #ifdef GF_LINUX_HOST_OS
                         DIR *d = NULL;
                         struct dirent *de = NULL;
+                        struct dirent  scratch[2] = {{0,},};
                         char *e = NULL;
 
                         d = sys_opendir ("/proc/self/fd");
                         if (d) {
-                                while ((de = sys_readdir (d))) {
+                                for (;;) {
+                                        errno = 0;
+                                        de = sys_readdir (d, scratch);
+                                        if (!de || errno != 0)
+                                                break;
                                         i = strtoul (de->d_name, &e, 10);
                                         if (*e == '\0' && i > 2 &&
                                             i != dirfd (d) && i != xpi[1])
diff --git a/libglusterfs/src/syscall.c b/libglusterfs/src/syscall.c
index 316d80452fb..93838e285a4 100644
--- a/libglusterfs/src/syscall.c
+++ b/libglusterfs/src/syscall.c
@@ -94,9 +94,26 @@ int sys_mkdirat(int dirfd, const char *pathname, mode_t mode)
 }
 
 struct dirent *
-sys_readdir (DIR *dir)
+sys_readdir (DIR *dir, struct dirent *de)
 {
+#if !defined(__GLIBC__)
+        /*
+         * World+Dog says glibc's readdir(3) is MT-SAFE as long as
+         * two threads are not accessing the same DIR; there's a
+         * potential buffer overflow in glibc's readdir_r(3); and
+         * glibc's readdir_r(3) is deprecated after version 2.22
+         * with presumed eventual removal.
+         * Given all that, World+Dog says everyone should just use
+         * readdir(3). But it's unknown, unclear whether the same
+         * is also true for *BSD, MacOS, and, etc.
+        */
+        struct dirent *entry = NULL;
+
+        (void) readdir_r (dir, de, &entry);
+        return entry;
+#else
         return readdir (dir);
+#endif
 }
 
 
diff --git a/libglusterfs/src/syscall.h b/libglusterfs/src/syscall.h
index b549f6a1b3c..6fee9bd5c5c 100644
--- a/libglusterfs/src/syscall.h
+++ b/libglusterfs/src/syscall.h
@@ -69,7 +69,7 @@ sys_openat (int dirfd, const char *pathname, int flags, ...);
 DIR *sys_opendir (const char *name);
 
 struct dirent *
-sys_readdir (DIR *dir);
+sys_readdir (DIR *dir, struct dirent *de);
 
 ssize_t
 sys_readlink (const char *path, char *buf, size_t bufsiz);