bug-coreutils

TODO entry for getgrouplist


From: James Youngman
Subject: TODO entry for getgrouplist
Date: Sat, 16 Feb 2008 17:20:41 +0000

The current coreutils TODO file says:

Implement Ulrich Drepper's suggestion to use getgrouplist rather than
  getugroups.  This affects both `id' and `setuidgid', but makes a big
  difference on systems with many users and/or groups, and makes id usable
  once again on systems where access restrictions make getugroups fail.
  But first we'll need a run-test (either in an autoconf macro or at
  run time) to avoid the segfault bug in libc-2.3.2's getgrouplist.
  In that case, we'd revert to using a new (to-be-written) getgrouplist
  module that does most of what `id' already does.  Or just avoid the
  buggy use of getgrouplist by never passing it a buffer of length zero.
  See http://bugzilla.redhat.com/200327

This seems to me to imply that there are safe usages of getgrouplist()
on arbitrary systems.  Specifically, that the problem is the zero
length of the buffer.  However the manpage for that function says:

       The glibc 2.3.2 implementation of this function is broken: it
       overwrites memory when the actual number of groups is larger than *ngroups.

So, is it safe to use getgrouplist() with an initial value of 1 for
*ngrouplist?  My belief is yes, since the relevant bugfix to glibc
seems to be this:

$ cvs diff -r1.33 -r1.34 -upN   initgroups.c
Index: initgroups.c
===================================================================
RCS file: /cvs/glibc/libc/grp/initgroups.c,v
retrieving revision 1.33
retrieving revision 1.34
diff -u -p -r1.33 -r1.34
--- initgroups.c        5 Oct 2004 15:36:26 -0000       1.33
+++ initgroups.c        29 Mar 2005 23:39:59 -0000      1.34
@@ -1,4 +1,4 @@
-/* Copyright (C) 1989,91,93,1996-2003, 2004  Free Software Foundation, Inc.
+/* Copyright (C) 1989,91,93,1996-2003, 2004, 2005  Free Software
Foundation, Inc.
    This file is part of the GNU C Library.

    The GNU C Library is free software; you can redistribute it and/or
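Review bot: the replacement copyright line of this hunk is wrapped across two lines in this copy ("... 2005  Free Software" / "Foundation, Inc."), so the hunk as quoted will not apply cleanly with patch; it is otherwise a year-only header update with no effect on the code.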
@@ -73,7 +73,9 @@ internal_getgrouplist (const char *user,
   /* Start is one, because we have the first group as parameter.  */
   long int start = 1;

-  (*groupsp)[0] = group;
+  /* Never store more than the starting *SIZE number of elements.  */
+  if (*size > 0)
+    (*groupsp)[0] = group;

   if (__nss_group_database != NULL)
     {
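Review bot: the new guard `if (*size > 0)` only protects the first store, the caller-supplied group written to `(*groupsp)[0]`; whether an initial `*size` of 1 is safe, which is the question this mail raises, depends on the later code in `internal_getgrouplist` that appends the groups looked up through NSS honouring the same bound, and that code lies outside this hunk's context. The added comment "Never store more than the starting *SIZE number of elements" states the intent for the whole function, so the append path should be checked against it before this diff alone is taken as proof that the manual page is wrong.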


My take on this is that the manual page is in fact wrong.   I'm asking
on the list because I don't want to forge ahead and then introduce a
bug on a system which I can't test on.

James.
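The safe-use pattern this mail is asking about, as an added example (not code from coreutils, glibc or this thread): start with a buffer of at least one element so getgrouplist() is never handed a length of zero, and grow the buffer when the call reports it was too small. It assumes glibc's contract that a too-small buffer yields -1 with *ngroups set to the required count; the doubling fallback covers a libc that leaves *ngroups untouched. The function and helper names are this example's own.

```c
#ifndef _GNU_SOURCE
#define _GNU_SOURCE          /* exposes getgrouplist(3) in <grp.h> on glibc */
#endif
#include <grp.h>
#include <pwd.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/types.h>
#include <unistd.h>

/* Collect the groups of USER, whose primary group is PRIMARY.
 * HINT is the starting buffer length; anything below 1 is raised to 1 so
 * getgrouplist() never sees a zero-length buffer (the case the coreutils
 * TODO entry is wary of).  On success stores a malloc'd array in *OUT and
 * returns its length; returns -1 on failure.
 * Assumption: glibc semantics, i.e. a too-small buffer yields -1 with
 * *ngroups set to the required count.  The doubling covers libcs that
 * leave *ngroups alone. */
int collect_groups(const char *user, gid_t primary, int hint, gid_t **out)
{
    int cap = hint < 1 ? 1 : hint;
    gid_t *buf = NULL;

    for (int attempt = 0; attempt < 16; attempt++) {
        gid_t *grown = realloc(buf, (size_t)cap * sizeof *grown);
        if (grown == NULL) {
            free(buf);
            return -1;
        }
        buf = grown;

        int n = cap;                         /* in: capacity, out: count */
        if (getgrouplist(user, primary, buf, &n) != -1) {
            *out = buf;
            return n;                        /* n now holds the group count */
        }
        /* Too small.  Use the libc's required count if it grew; else double. */
        cap = n > cap ? n : cap * 2;
    }
    free(buf);
    return -1;                               /* gave up: never converged */
}

/* True if WANT appears among the first N entries of GROUPS. */
int gid_present(const gid_t *groups, int n, gid_t want)
{
    for (int i = 0; i < n; i++)
        if (groups[i] == want)
            return 1;
    return 0;
}

int main(int argc, char **argv)
{
    /* Default to the invoking user; fall back to root if there is no passwd entry. */
    const char *user = argc > 1 ? argv[1] : NULL;
    gid_t primary = 0;
    if (user == NULL) {
        struct passwd *pw = getpwuid(getuid());
        user = pw ? pw->pw_name : "root";
        primary = pw ? pw->pw_gid : 0;
    } else {
        struct passwd *pw = getpwnam(user);
        if (pw == NULL) {
            fprintf(stderr, "no such user: %s\n", user);
            return 1;
        }
        primary = pw->pw_gid;
    }

    gid_t *groups = NULL;
    int n = collect_groups(user, primary, 1, &groups);   /* start tiny on purpose */
    if (n < 0) {
        perror("collect_groups");
        return 1;
    }
    printf("%s:", user);
    for (int i = 0; i < n; i++)
        printf(" %lu", (unsigned long)groups[i]);
    putchar('\n');
    free(groups);
    return 0;
}
```

Starting with a one-element buffer is deliberate: it exercises the retry path on every user that belongs to more than one group, so a libc whose "too small" handling is broken shows up immediately rather than only on systems with many groups. For a user the group database does not know, getgrouplist() still returns the single supplied primary group, which is what makes the behaviour easy to check offline.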