summaryrefslogtreecommitdiff
path: root/libc/sysdeps/linux/common/getgroups.c
diff options
context:
space:
mode:
authorMike Frysinger <vapier@gentoo.org>2005-12-27 08:58:04 +0000
committerMike Frysinger <vapier@gentoo.org>2005-12-27 08:58:04 +0000
commite66dfe1d633d43d946c798627173a67282c948e5 (patch)
tree8ed4bb6764e049f2275a960d5ec312c8443712e2 /libc/sysdeps/linux/common/getgroups.c
parent66376169bf21dc26f447a8f64bd6f8c8cd27c139 (diff)
Aubrey writes:
When I mounted nfs on my target, the kernel crashed. And I found it was caused by stack overflow. When I digged into it. And I found not only "setgroups.c" but "getgroups.c" have the matrix (__kernel_gid_t kernel_groups[n]) on the stack which can be very large because "n" can be assigned to NGROUPS_MAX. And, NGROUPS_MAX is defined in the file "./linux-2.6.x/include/linux/limits.h" #define NGROUPS_MAX 65536 /* supplemental group IDs are available */ I also changed it to do malloc.
Diffstat (limited to 'libc/sysdeps/linux/common/getgroups.c')
-rw-r--r--libc/sysdeps/linux/common/getgroups.c10
1 files changed, 9 insertions, 1 deletions
diff --git a/libc/sysdeps/linux/common/getgroups.c b/libc/sysdeps/linux/common/getgroups.c
index c863489b9..b2918c6d9 100644
--- a/libc/sysdeps/linux/common/getgroups.c
+++ b/libc/sysdeps/linux/common/getgroups.c
@@ -10,6 +10,7 @@
#define sysconf __sysconf
#include "syscalls.h"
+#include <stdlib.h>
#include <unistd.h>
#define MIN(a,b) (((a)<(b))?(a):(b))
@@ -21,11 +22,17 @@ static inline _syscall2(int, __syscall_getgroups,
int attribute_hidden __getgroups(int n, gid_t * groups)
{
if (unlikely(n < 0)) {
+ret_error:
__set_errno(EINVAL);
return -1;
} else {
int i, ngids;
- __kernel_gid_t kernel_groups[n = MIN(n, sysconf(_SC_NGROUPS_MAX))];
+ __kernel_gid_t *kernel_groups;
+
+ n = MIN(n, sysconf(_SC_NGROUPS_MAX));
+ kernel_groups = (__kernel_gid_t *)malloc(sizeof(*kernel_groups) * n);
+ if (kernel_groups == NULL)
+ goto ret_error;
ngids = __syscall_getgroups(n, kernel_groups);
if (n != 0 && ngids > 0) {
@@ -33,6 +40,7 @@ int attribute_hidden __getgroups(int n, gid_t * groups)
groups[i] = kernel_groups[i];
}
}
+ free(kernel_groups);
return ngids;
}
}