diff options
| author | Jeremie Courreges-Anglas <jca@cvs.openbsd.org> | 2024-11-04 21:59:16 +0000 |
|---|---|---|
| committer | Jeremie Courreges-Anglas <jca@cvs.openbsd.org> | 2024-11-04 21:59:16 +0000 |
| commit | 440fa9681669edc3ab6d57985886cf874651b334 (patch) | |
| tree | ac3c3c98c034b667ef754d42a03ad6c3754d5ce3 /usr.sbin | |
| parent | fb9348cbdf5296f2eaba2d14073d6cb6b3cb1e41 (diff) | |
Ignore extra groups that don't fit in the buffer passed to getgrouplist(3)
Our kernel supports 16 groups (NGROUPS_MAX), but nothing prevents
an admin from adding a user to more groups. With that tweak we'll keep
on ignoring them instead of potentially reading past the buffer passed to
getgrouplist(3). That behavior is explicitely described in initgroups(3).
ok millert@ gilles@
Diffstat (limited to 'usr.sbin')
| -rw-r--r-- | usr.sbin/authpf/authpf.c | 13 |
1 files changed, 11 insertions, 2 deletions
diff --git a/usr.sbin/authpf/authpf.c b/usr.sbin/authpf/authpf.c index 67d2f723705..bc410c0631c 100644 --- a/usr.sbin/authpf/authpf.c +++ b/usr.sbin/authpf/authpf.c @@ -1,4 +1,4 @@ -/* $OpenBSD: authpf.c,v 1.129 2022/01/28 06:33:26 guenther Exp $ */ +/* $OpenBSD: authpf.c,v 1.130 2024/11/04 21:59:15 jca Exp $ */ /* * Copyright (C) 1998 - 2007 Bob Beck (beck@openbsd.org). @@ -528,8 +528,17 @@ allowed_luser(struct passwd *pw) } if (!gl_init) { - (void) getgrouplist(pw->pw_name, + int maxgroups, ret; + + maxgroups = ngroups; + ret = getgrouplist(pw->pw_name, pw->pw_gid, groups, &ngroups); + if (ret == -1) { + /* + * Silently truncate group list + */ + ngroups = maxgroups; + } gl_init++; } |