Date: Wed, 2 Jun 2021 19:25:11 GMT From: Warner Losh <imp@FreeBSD.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org Subject: git: 4bc2174a1b48 - main - kern: fail getgroup and setgroup with negative int Message-ID: <202106021925.152JPBlJ082778@gitrepo.freebsd.org>
next in thread | raw e-mail | index | archive | help
The branch main has been updated by imp: URL: https://cgit.FreeBSD.org/src/commit/?id=4bc2174a1b489c36195ccc8cfc15e0775b817c69 commit 4bc2174a1b489c36195ccc8cfc15e0775b817c69 Author: Moritz Buhl <gh@moritzbuhl.de> AuthorDate: 2019-07-09 15:03:37 +0000 Commit: Warner Losh <imp@FreeBSD.org> CommitDate: 2021-06-02 19:22:57 +0000 kern: fail getgroup and setgroup with negative int Found using https://github.com/NetBSD/src/blob/trunk/tests/lib/libc/sys/t_getgroups.c getgroups/setgroups want an int and therefore casting it to u_int resulted in `getgroups(-1, ...)` not returning -1 / errno = EINVAL. imp@ updated syscall.master and made changes markj@ suggested PR: 189941 Tested by: imp@ Reviewed by: markj@ Pull Request: https://github.com/freebsd/freebsd-src/pull/407 Differential Revision: https://reviews.freebsd.org/D30617 --- sys/kern/kern_prot.c | 12 +++++------- sys/kern/syscalls.master | 4 ++-- 2 files changed, 7 insertions(+), 9 deletions(-) diff --git a/sys/kern/kern_prot.c b/sys/kern/kern_prot.c index a107c7cced95..647acfa60681 100644 --- a/sys/kern/kern_prot.c +++ b/sys/kern/kern_prot.c @@ -288,7 +288,7 @@ sys_getegid(struct thread *td, struct getegid_args *uap) #ifndef _SYS_SYSPROTO_H_ struct getgroups_args { - u_int gidsetsize; + int gidsetsize; gid_t *gidset; }; #endif @@ -296,8 +296,7 @@ int sys_getgroups(struct thread *td, struct getgroups_args *uap) { struct ucred *cred; - u_int ngrp; - int error; + int ngrp, error; cred = td->td_ucred; ngrp = cred->cr_ngroups; @@ -791,7 +790,7 @@ fail: #ifndef _SYS_SYSPROTO_H_ struct setgroups_args { - u_int gidsetsize; + int gidsetsize; gid_t *gidset; }; #endif @@ -801,11 +800,10 @@ sys_setgroups(struct thread *td, struct setgroups_args *uap) { gid_t smallgroups[XU_NGROUPS]; gid_t *groups; - u_int gidsetsize; - int error; + int gidsetsize, error; gidsetsize = uap->gidsetsize; - if (gidsetsize > ngroups_max + 1) + if (gidsetsize > ngroups_max + 1 || gidsetsize < 0) return (EINVAL); if (gidsetsize > XU_NGROUPS) diff --git a/sys/kern/syscalls.master b/sys/kern/syscalls.master index 95317d413209..69a82d642d79 100644 --- a/sys/kern/syscalls.master +++ b/sys/kern/syscalls.master @@ -523,13 +523,13 @@ } 79 AUE_GETGROUPS STD { int getgroups( - u_int gidsetsize, + int gidsetsize, _Out_writes_opt_(gidsetsize) gid_t *gidset ); } 80 AUE_SETGROUPS STD { int setgroups( - u_int gidsetsize, + int gidsetsize, _In_reads_(gidsetsize) gid_t *gidset ); }
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?202106021925.152JPBlJ082778>