From owner-svn-src-projects@FreeBSD.ORG Thu May 14 06:50:31 2009 Return-Path: Delivered-To: svn-src-projects@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 865DB106566B; Thu, 14 May 2009 06:50:31 +0000 (UTC) (envelope-from brooks@FreeBSD.org) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:4f8:fff6::2c]) by mx1.freebsd.org (Postfix) with ESMTP id 70FCB8FC19; Thu, 14 May 2009 06:50:31 +0000 (UTC) (envelope-from brooks@FreeBSD.org) Received: from svn.freebsd.org (localhost [127.0.0.1]) by svn.freebsd.org (8.14.3/8.14.3) with ESMTP id n4E6oVjx079922; Thu, 14 May 2009 06:50:31 GMT (envelope-from brooks@svn.freebsd.org) Received: (from brooks@localhost) by svn.freebsd.org (8.14.3/8.14.3/Submit) id n4E6oURU079910; Thu, 14 May 2009 06:50:30 GMT (envelope-from brooks@svn.freebsd.org) Message-Id: <200905140650.n4E6oURU079910@svn.freebsd.org> From: Brooks Davis Date: Thu, 14 May 2009 06:50:30 +0000 (UTC) To: src-committers@freebsd.org, svn-src-projects@freebsd.org X-SVN-Group: projects MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Cc: Subject: svn commit: r192087 - in projects/ngroups: lib/libc/gen lib/libc/rpc lib/libc/sys usr.bin/id usr.bin/newgrp usr.bin/quota usr.sbin/chown usr.sbin/chroot usr.sbin/jail usr.sbin/jexec usr.sbin/lpr/lpc X-BeenThere: svn-src-projects@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "SVN commit messages for the src " projects" tree" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 14 May 2009 06:50:31 -0000 Author: brooks Date: Thu May 14 06:50:30 2009 New Revision: 192087 URL: http://svn.freebsd.org/changeset/base/192087 Log: Use to value returned by sysconf(_SC_NGROUPS_MAX) in favor of NGROUPS_MAX or NGROUPS since POSIX says that NGROUPS_MAX represents a lower bound on sysconf(_SC_NGROUPS_MAX). Modified: projects/ngroups/lib/libc/gen/initgroups.c projects/ngroups/lib/libc/rpc/auth_unix.c projects/ngroups/lib/libc/sys/getgroups.2 projects/ngroups/lib/libc/sys/setgroups.2 projects/ngroups/usr.bin/id/id.c projects/ngroups/usr.bin/newgrp/newgrp.c projects/ngroups/usr.bin/quota/quota.c projects/ngroups/usr.sbin/chown/chown.c projects/ngroups/usr.sbin/chroot/chroot.c projects/ngroups/usr.sbin/jail/jail.c projects/ngroups/usr.sbin/jexec/jexec.c projects/ngroups/usr.sbin/lpr/lpc/lpc.c Modified: projects/ngroups/lib/libc/gen/initgroups.c ============================================================================== --- projects/ngroups/lib/libc/gen/initgroups.c Thu May 14 06:48:38 2009 (r192086) +++ projects/ngroups/lib/libc/gen/initgroups.c Thu May 14 06:50:30 2009 (r192087) @@ -35,10 +35,12 @@ __FBSDID("$FreeBSD$"); #include +#include #include #include "namespace.h" #include #include "un-namespace.h" +#include #include int @@ -46,14 +48,20 @@ initgroups(uname, agroup) const char *uname; gid_t agroup; { - int ngroups; + int ngroups, ret; + gid_t *groups; + /* - * Provide space for one group more than NGROUPS to allow + * Provide space for one group more than possible to allow * setgroups to fail and set errno. */ - gid_t groups[NGROUPS + 1]; + ngroups = sysconf(_SC_NGROUPS_MAX) + 1; + groups = malloc(sizeof(gid_t)*ngroups); + if (groups == NULL) + return (ENOSPC); - ngroups = NGROUPS + 1; getgrouplist(uname, agroup, groups, &ngroups); - return (setgroups(ngroups, groups)); + ret = setgroups(ngroups, groups); + free(groups); + return(ret); } Modified: projects/ngroups/lib/libc/rpc/auth_unix.c ============================================================================== --- projects/ngroups/lib/libc/rpc/auth_unix.c Thu May 14 06:48:38 2009 (r192086) +++ projects/ngroups/lib/libc/rpc/auth_unix.c Thu May 14 06:50:30 2009 (r192087) @@ -185,23 +185,28 @@ authunix_create(machname, uid, gid, len, AUTH * authunix_create_default() { - int len; + int ngids; char machname[MAXHOSTNAMELEN + 1]; uid_t uid; gid_t gid; - gid_t gids[NGROUPS_MAX]; + gid_t *gids; + + ngids = sysconf(_SC_NGROUPS_MAX); + gids = malloc(sizeof(gid_t) * ngids); + if (gids == NULL) + return (NULL); if (gethostname(machname, sizeof machname) == -1) abort(); machname[sizeof(machname) - 1] = 0; uid = geteuid(); gid = getegid(); - if ((len = getgroups(NGROUPS_MAX, gids)) < 0) + if ((ngids = getgroups(NGROUPS_MAX, gids)) < 0) abort(); - if (len > NGRPS) - len = NGRPS; + if (ngids > NGRPS) + ngids = NGRPS; /* XXX: interface problem; those should all have been unsigned */ - return (authunix_create(machname, (int)uid, (int)gid, len, + return (authunix_create(machname, (int)uid, (int)gid, ngids, (int *)gids)); } Modified: projects/ngroups/lib/libc/sys/getgroups.2 ============================================================================== --- projects/ngroups/lib/libc/sys/getgroups.2 Thu May 14 06:48:38 2009 (r192086) +++ projects/ngroups/lib/libc/sys/getgroups.2 Thu May 14 06:50:30 2009 (r192087) @@ -59,7 +59,7 @@ system call returns the actual number of groups returned in .Fa gidset . No more than -.Dv NGROUPS_MAX +.Fn sysconf _SC_NGROUPS_MAX will ever be returned. If @@ -91,7 +91,8 @@ an invalid address. .El .Sh SEE ALSO .Xr setgroups 2 , -.Xr initgroups 3 +.Xr initgroups 3 , +.Xr sysconf 3 .Sh HISTORY The .Fn getgroups Modified: projects/ngroups/lib/libc/sys/setgroups.2 ============================================================================== --- projects/ngroups/lib/libc/sys/setgroups.2 Thu May 14 06:48:38 2009 (r192086) +++ projects/ngroups/lib/libc/sys/setgroups.2 Thu May 14 06:50:30 2009 (r192087) @@ -53,9 +53,7 @@ The argument indicates the number of entries in the array and must be no more than -.Dv NGROUPS , -as defined in -.In sys/param.h . +.Fn sysconf _SC_NGROUPS_MAX . .Pp Only the super-user may set a new group list. .Sh RETURN VALUES @@ -71,7 +69,7 @@ The caller is not the super-user. The number specified in the .Fa ngroups argument is larger than the -.Dv NGROUPS +.Fn sysconf _SC_NGROUPS_MAX limit. .It Bq Er EFAULT The address specified for Modified: projects/ngroups/usr.bin/id/id.c ============================================================================== --- projects/ngroups/usr.bin/id/id.c Thu May 14 06:48:38 2009 (r192086) +++ projects/ngroups/usr.bin/id/id.c Thu May 14 06:50:30 2009 (r192087) @@ -257,8 +257,8 @@ id_print(struct passwd *pw, int use_ggl, struct group *gr; gid_t gid, egid, lastgid; uid_t uid, euid; - int cnt, ngroups; - gid_t groups[NGROUPS + 1]; + int cnt, ngroups, ngroups_max; + gid_t *groups; const char *fmt; if (pw != NULL) { @@ -270,12 +270,16 @@ id_print(struct passwd *pw, int use_ggl, gid = getgid(); } + ngroups_max = sysconf(_SC_NGROUPS_MAX); + if ((groups = malloc(sizeof(gid_t) * (ngroups_max + 1))) == NULL) + err(1, "malloc"); + if (use_ggl && pw != NULL) { - ngroups = NGROUPS + 1; + ngroups = ngroups_max + 1; getgrouplist(pw->pw_name, gid, groups, &ngroups); } else { - ngroups = getgroups(NGROUPS + 1, groups); + ngroups = getgroups(ngroups_max + 1, groups); } if (pw != NULL) @@ -306,6 +310,7 @@ id_print(struct passwd *pw, int use_ggl, lastgid = gid; } printf("\n"); + free(groups); } #ifdef USE_BSM_AUDIT @@ -360,16 +365,20 @@ void group(struct passwd *pw, int nflag) { struct group *gr; - int cnt, id, lastid, ngroups; - gid_t groups[NGROUPS + 1]; + int cnt, id, lastid, ngroups, ngroups_max; + gid_t *groups; const char *fmt; + ngroups_max = sysconf(_SC_NGROUPS_MAX); + if ((groups = malloc(sizeof(gid_t) * (ngroups_max + 1))) == NULL) + err(1, "malloc"); + if (pw) { - ngroups = NGROUPS + 1; + ngroups = ngroups_max + 1; (void) getgrouplist(pw->pw_name, pw->pw_gid, groups, &ngroups); } else { groups[0] = getgid(); - ngroups = getgroups(NGROUPS, groups + 1) + 1; + ngroups = getgroups(ngroups_max, groups + 1) + 1; } fmt = nflag ? "%s" : "%u"; for (lastid = -1, cnt = 0; cnt < ngroups; ++cnt) { @@ -389,6 +398,7 @@ group(struct passwd *pw, int nflag) lastid = id; } (void)printf("\n"); + free(groups); } void Modified: projects/ngroups/usr.bin/newgrp/newgrp.c ============================================================================== --- projects/ngroups/usr.bin/newgrp/newgrp.c Thu May 14 06:48:38 2009 (r192086) +++ projects/ngroups/usr.bin/newgrp/newgrp.c Thu May 14 06:50:30 2009 (r192087) @@ -146,9 +146,9 @@ restoregrps(void) static void addgroup(const char *grpname) { - gid_t grps[NGROUPS_MAX]; + gid_t *grps; long lgid; - int dbmember, i, ngrps; + int dbmember, i, ngrps, ngrps_max; gid_t egid; struct group *grp; char *ep, *pass; @@ -185,7 +185,10 @@ addgroup(const char *grpname) } } - if ((ngrps = getgroups(NGROUPS_MAX, (gid_t *)grps)) < 0) { + ngrps_max = sysconf(_SC_NGROUPS_MAX); + if ((grps = malloc(sizeof(gid_t) * ngrps_max)) == NULL) + err(1, "malloc"); + if ((ngrps = getgroups(ngrps_max, (gid_t *)grps)) < 0) { warn("getgroups"); return; } @@ -217,7 +220,7 @@ addgroup(const char *grpname) /* Add old effective gid to supp. list if it does not exist. */ if (egid != grp->gr_gid && !inarray(egid, grps, ngrps)) { - if (ngrps == NGROUPS_MAX) + if (ngrps == ngrps_max) warnx("too many groups"); else { grps[ngrps++] = egid; @@ -231,6 +234,7 @@ addgroup(const char *grpname) } } + free(grps); } static int Modified: projects/ngroups/usr.bin/quota/quota.c ============================================================================== --- projects/ngroups/usr.bin/quota/quota.c Thu May 14 06:48:38 2009 (r192086) +++ projects/ngroups/usr.bin/quota/quota.c Thu May 14 06:50:30 2009 (r192087) @@ -117,7 +117,7 @@ int main(int argc, char *argv[]) { int ngroups; - gid_t mygid, gidset[NGROUPS]; + gid_t mygid, *gidset; int i, ch, gflag = 0, uflag = 0, errflag = 0; while ((ch = getopt(argc, argv, "f:ghlrquv")) != -1) { @@ -159,13 +159,17 @@ main(int argc, char *argv[]) errflag += showuid(getuid()); if (gflag) { mygid = getgid(); - ngroups = getgroups(NGROUPS, gidset); + ngroups = sysconf(_SC_NGROUPS_MAX); + if ((gidset = malloc(sizeof(gid_t) * ngroups)) == NULL) + err(1, "malloc"); + ngroups = getgroups(ngroups, gidset); if (ngroups < 0) err(1, "getgroups"); errflag += showgid(mygid); for (i = 0; i < ngroups; i++) if (gidset[i] != mygid) errflag += showgid(gidset[i]); + free(gidset); } return(errflag); } Modified: projects/ngroups/usr.sbin/chown/chown.c ============================================================================== --- projects/ngroups/usr.sbin/chown/chown.c Thu May 14 06:48:38 2009 (r192086) +++ projects/ngroups/usr.sbin/chown/chown.c Thu May 14 06:50:30 2009 (r192087) @@ -268,8 +268,8 @@ void chownerr(const char *file) { static uid_t euid = -1; - static int ngroups = -1; - gid_t groups[NGROUPS_MAX]; + static int ngroups = -1, ngroups_max; + gid_t *groups; /* Check for chown without being root. */ if (errno != EPERM || (uid != (uid_t)-1 && @@ -281,7 +281,10 @@ chownerr(const char *file) /* Check group membership; kernel just returns EPERM. */ if (gid != (gid_t)-1 && ngroups == -1 && euid == (uid_t)-1 && (euid = geteuid()) != 0) { - ngroups = getgroups(NGROUPS_MAX, groups); + ngroups_max = sysconf(_SC_NGROUPS_MAX); + if ((groups = malloc(sizeof(gid_t) * ngroups_max)) == NULL) + err(1, "malloc"); + ngroups = getgroups(ngroups_max, groups); while (--ngroups >= 0 && gid != groups[ngroups]); if (ngroups < 0) { warnx("you are not a member of group %s", gname); Modified: projects/ngroups/usr.sbin/chroot/chroot.c ============================================================================== --- projects/ngroups/usr.sbin/chroot/chroot.c Thu May 14 06:48:38 2009 (r192086) +++ projects/ngroups/usr.sbin/chroot/chroot.c Thu May 14 06:50:30 2009 (r192087) @@ -69,9 +69,9 @@ main(argc, argv) struct passwd *pw; char *endp, *p; const char *shell; - gid_t gid, gidlist[NGROUPS_MAX]; + gid_t gid, *gidlist; uid_t uid; - int ch, gids; + int ch, gids, ngroups_max; gid = 0; uid = 0; @@ -117,8 +117,11 @@ main(argc, argv) } } + ngroups_max = sysconf(_SC_NGROUPS_MAX); + if ((gidlist = malloc(sizeof(gid_t) * ngroups_max)) == NULL) + err(1, "malloc"); for (gids = 0; - (p = strsep(&grouplist, ",")) != NULL && gids < NGROUPS_MAX; ) { + (p = strsep(&grouplist, ",")) != NULL && gids < ngroups_max; ) { if (*p == '\0') continue; @@ -135,7 +138,7 @@ main(argc, argv) } gids++; } - if (p != NULL && gids == NGROUPS_MAX) + if (p != NULL && gids == ngroups_max) errx(1, "too many supplementary groups provided"); if (user != NULL) { Modified: projects/ngroups/usr.sbin/jail/jail.c ============================================================================== --- projects/ngroups/usr.sbin/jail/jail.c Thu May 14 06:48:38 2009 (r192086) +++ projects/ngroups/usr.sbin/jail/jail.c Thu May 14 06:50:30 2009 (r192087) @@ -85,7 +85,7 @@ STAILQ_HEAD(addr6head, addr6entry) addr6 lcap = login_getpwclass(pwd); \ if (lcap == NULL) \ err(1, "getpwclass: %s", username); \ - ngroups = NGROUPS; \ + ngroups = ngroups_max; \ if (getgrouplist(username, pwd->pw_gid, groups, &ngroups) != 0) \ err(1, "getgrouplist: %s", username); \ } while (0) @@ -96,8 +96,8 @@ main(int argc, char **argv) login_cap_t *lcap = NULL; struct jail j; struct passwd *pwd = NULL; - gid_t groups[NGROUPS]; - int ch, error, i, ngroups, securelevel; + gid_t *groups = NULL; + int ch, error, i, ngroups, ngroups_max, securelevel; int hflag, iflag, Jflag, lflag, uflag, Uflag; char path[PATH_MAX], *jailname, *ep, *username, *JidFile, *ip; static char *cleanenv; @@ -111,6 +111,10 @@ main(int argc, char **argv) jailname = username = JidFile = cleanenv = NULL; fp = NULL; + ngroups_max = sysconf(_SC_NGROUPS_MAX); + if ((groups = malloc(sizeof(gid_t) * ngroups_max)) == NULL) + err(1, "malloc"); + while ((ch = getopt(argc, argv, "hiln:s:u:U:J:")) != -1) { switch (ch) { case 'h': Modified: projects/ngroups/usr.sbin/jexec/jexec.c ============================================================================== --- projects/ngroups/usr.sbin/jexec/jexec.c Thu May 14 06:48:38 2009 (r192086) +++ projects/ngroups/usr.sbin/jexec/jexec.c Thu May 14 06:50:30 2009 (r192087) @@ -202,7 +202,7 @@ lookup_jail(int jid, char *jailname) lcap = login_getpwclass(pwd); \ if (lcap == NULL) \ err(1, "getpwclass: %s", username); \ - ngroups = NGROUPS; \ + ngroups = ngroups_max; \ if (getgrouplist(username, pwd->pw_gid, groups, &ngroups) != 0) \ err(1, "getgrouplist: %s", username); \ } while (0) @@ -213,14 +213,18 @@ main(int argc, char *argv[]) int jid; login_cap_t *lcap = NULL; struct passwd *pwd = NULL; - gid_t groups[NGROUPS]; - int ch, ngroups, uflag, Uflag; + gid_t *groups = NULL; + int ch, ngroups, ngroups_max, uflag, Uflag; char *jailname, *username; ch = uflag = Uflag = 0; jailname = username = NULL; jid = -1; + ngroups_max = sysconf(_SC_NGROUPS_MAX); + if ((groups = malloc(sizeof(gid_t) * ngroups_max)) == NULL) + err(1, "malloc"); + while ((ch = getopt(argc, argv, "i:n:u:U:")) != -1) { switch (ch) { case 'n': Modified: projects/ngroups/usr.sbin/lpr/lpc/lpc.c ============================================================================== --- projects/ngroups/usr.sbin/lpr/lpc/lpc.c Thu May 14 06:48:38 2009 (r192086) +++ projects/ngroups/usr.sbin/lpr/lpc/lpc.c Thu May 14 06:50:30 2009 (r192087) @@ -356,7 +356,7 @@ ingroup(const char *grname) { static struct group *gptr=NULL; static int ngroups = 0; - static gid_t groups[NGROUPS]; + static gid_t *groups; register gid_t gid; register int i; @@ -365,7 +365,10 @@ ingroup(const char *grname) warnx("warning: unknown group '%s'", grname); return(0); } - ngroups = getgroups(NGROUPS, groups); + ngroups = sysconf(_SC_NGROUPS_MAX); + if ((groups = malloc(sizeof(gid_t) * ngroups)) == NULL) + err(1, "malloc"); + ngroups = getgroups(ngroups, groups); if (ngroups < 0) err(1, "getgroups"); }