diff options
author | Jeremie Courreges-Anglas <jca@cvs.openbsd.org> | 2024-11-04 21:59:16 +0000 |
---|---|---|
committer | Jeremie Courreges-Anglas <jca@cvs.openbsd.org> | 2024-11-04 21:59:16 +0000 |
commit | 440fa9681669edc3ab6d57985886cf874651b334 (patch) | |
tree | ac3c3c98c034b667ef754d42a03ad6c3754d5ce3 /usr.bin/ssh | |
parent | fb9348cbdf5296f2eaba2d14073d6cb6b3cb1e41 (diff) |
Ignore extra groups that don't fit in the buffer passed to getgrouplist(3)
Our kernel supports 16 groups (NGROUPS_MAX), but nothing prevents
an admin from adding a user to more groups. With that tweak we'll keep
on ignoring them instead of potentially reading past the buffer passed to
getgrouplist(3). That behavior is explicitely described in initgroups(3).
ok millert@ gilles@
Diffstat (limited to 'usr.bin/ssh')
-rw-r--r-- | usr.bin/ssh/groupaccess.c | 11 |
1 files changed, 7 insertions, 4 deletions
diff --git a/usr.bin/ssh/groupaccess.c b/usr.bin/ssh/groupaccess.c index 69fd007fe15..5303688ba03 100644 --- a/usr.bin/ssh/groupaccess.c +++ b/usr.bin/ssh/groupaccess.c @@ -1,4 +1,4 @@ -/* $OpenBSD: groupaccess.c,v 1.17 2019/03/06 22:14:23 dtucker Exp $ */ +/* $OpenBSD: groupaccess.c,v 1.18 2024/11/04 21:59:15 jca Exp $ */ /* * Copyright (c) 2001 Kevin Steves. All rights reserved. * @@ -48,15 +48,18 @@ int ga_init(const char *user, gid_t base) { gid_t groups_bygid[NGROUPS_MAX + 1]; - int i, j; + int i, j, maxgroups; struct group *gr; if (ngroups > 0) ga_free(); - ngroups = sizeof(groups_bygid) / sizeof(gid_t); - if (getgrouplist(user, base, groups_bygid, &ngroups) == -1) + maxgroups = ngroups = sizeof(groups_bygid) / sizeof(gid_t); + if (getgrouplist(user, base, groups_bygid, &ngroups) == -1) { logit("getgrouplist: groups list too small"); + /* Truncate group list */ + ngroups = maxgroups; + } for (i = 0, j = 0; i < ngroups; i++) if ((gr = getgrgid(groups_bygid[i])) != NULL) groups_byname[j++] = xstrdup(gr->gr_name); |