This is the mail archive of the
cygwin-cvs@cygwin.com
mailing list for the Cygwin project.
[newlib-cygwin] Avoid potential crash at startup or in getgroups(2).
- From: Corinna Vinschen <corinna at sourceware dot org>
- To: cygwin-cvs at sourceware dot org
- Date: 29 May 2015 13:56:42 -0000
- Subject: [newlib-cygwin] Avoid potential crash at startup or in getgroups(2).
https://sourceware.org/git/gitweb.cgi?p=newlib-cygwin.git;h=71a897e40d4a9f0b3a6caf6bae974c00aae2cbe8
commit 71a897e40d4a9f0b3a6caf6bae974c00aae2cbe8
Author: Corinna Vinschen <corinna@vinschen.de>
Date: Wed Apr 1 13:15:18 2015 +0200
Avoid potential crash at startup or in getgroups(2).
* grp.cc (internal_getgroups): Handle negative domain index to avoid
crashes.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
Diff:
---
winsup/cygwin/ChangeLog | 5 +++++
winsup/cygwin/grp.cc | 6 +++++-
winsup/cygwin/release/1.7.36 | 3 +++
3 files changed, 13 insertions(+), 1 deletion(-)
diff --git a/winsup/cygwin/ChangeLog b/winsup/cygwin/ChangeLog
index c4be231..58bfa23 100644
--- a/winsup/cygwin/ChangeLog
+++ b/winsup/cygwin/ChangeLog
@@ -1,3 +1,8 @@
+2015-04-01 Corinna Vinschen <corinna@vinschen.de>
+
+ * grp.cc (internal_getgroups): Handle negative domain index to avoid
+ crashes.
+
2015-03-31 Renato Silva <br.renatosilva@gmail.com>
* net.cc (cygwin_gethostname): Fix buffer size error handling.
diff --git a/winsup/cygwin/grp.cc b/winsup/cygwin/grp.cc
index ea20e92..40e1ca7 100644
--- a/winsup/cygwin/grp.cc
+++ b/winsup/cygwin/grp.cc
@@ -643,13 +643,17 @@ internal_getgroups (int gidsetsize, gid_t *grouplist, cyg_ldap *pldap)
{
for (ULONG ncnt = 0; ncnt < scnt; ++ncnt)
{
+ static UNICODE_STRING empty = { 0, 0, (PWSTR) L"" };
fetch_acc_t full_acc =
{
.sid = sidp_buf[ncnt],
.name = &nlst[ncnt].Name,
- .dom = &dlst->Domains[nlst[ncnt].DomainIndex].Name,
+ .dom = &empty,
.acc_type = nlst[ncnt].Use
};
+
+ if (nlst[ncnt].DomainIndex >= 0)
+ full_acc.dom = &dlst->Domains[nlst[ncnt].DomainIndex].Name;
if ((grp = internal_getgrfull (full_acc, pldap)))
{
if (cnt < gidsetsize)
diff --git a/winsup/cygwin/release/1.7.36 b/winsup/cygwin/release/1.7.36
index 3985578..21175c9 100644
--- a/winsup/cygwin/release/1.7.36
+++ b/winsup/cygwin/release/1.7.36
@@ -32,3 +32,6 @@ Bug Fixes
- Avoid creating passwd and group records from fully qualified Windows
account names (domain\name, name@domain).
Addresses: https://cygwin.com/ml/cygwin/2015-03/msg00528.html
+
+- Avoid potential crash at startup or in getgroups(2).
+ Addresses: https://cygwin.com/ml/cygwin/2015-04/msg00010.html