[newlib-cygwin] Avoid potential crash at startup or in getgroups(2).
Corinna Vinschen
corinna@sourceware.org
Wed Apr 1 12:12:00 GMT 2015
https://sourceware.org/git/gitweb.cgi?p=newlib-cygwin.git;h=849044a1e92553789fab9843fbdca507bf6c14d7
commit 849044a1e92553789fab9843fbdca507bf6c14d7
Author: Corinna Vinschen <corinna@vinschen.de>
Date: Wed Apr 1 13:15:18 2015 +0200
Avoid potential crash at startup or in getgroups(2).
* grp.cc (internal_getgroups): Handle negative domain index to avoid
crashes.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
Diff:
---
winsup/cygwin/ChangeLog | 5 +++++
winsup/cygwin/grp.cc | 6 +++++-
winsup/cygwin/release/1.7.36 | 3 +++
3 files changed, 13 insertions(+), 1 deletion(-)
diff --git a/winsup/cygwin/ChangeLog b/winsup/cygwin/ChangeLog
index 0d07bb1..69a494d 100644
--- a/winsup/cygwin/ChangeLog
+++ b/winsup/cygwin/ChangeLog
@@ -1,3 +1,8 @@
+2015-04-01 Corinna Vinschen <corinna@vinschen.de>
+
+ * grp.cc (internal_getgroups): Handle negative domain index to avoid
+ crashes.
+
2015-03-31 Renato Silva <br.renatosilva@gmail.com>
* net.cc (cygwin_gethostname): Fix buffer size error handling.
diff --git a/winsup/cygwin/grp.cc b/winsup/cygwin/grp.cc
index ea20e92..40e1ca7 100644
--- a/winsup/cygwin/grp.cc
+++ b/winsup/cygwin/grp.cc
@@ -643,13 +643,17 @@ internal_getgroups (int gidsetsize, gid_t *grouplist, cyg_ldap *pldap)
{
for (ULONG ncnt = 0; ncnt < scnt; ++ncnt)
{
+ static UNICODE_STRING empty = { 0, 0, (PWSTR) L"" };
fetch_acc_t full_acc =
{
.sid = sidp_buf[ncnt],
.name = &nlst[ncnt].Name,
- .dom = &dlst->Domains[nlst[ncnt].DomainIndex].Name,
+ .dom = &empty,
.acc_type = nlst[ncnt].Use
};
+
+ if (nlst[ncnt].DomainIndex >= 0)
+ full_acc.dom = &dlst->Domains[nlst[ncnt].DomainIndex].Name;
if ((grp = internal_getgrfull (full_acc, pldap)))
{
if (cnt < gidsetsize)
diff --git a/winsup/cygwin/release/1.7.36 b/winsup/cygwin/release/1.7.36
index 3985578..21175c9 100644
--- a/winsup/cygwin/release/1.7.36
+++ b/winsup/cygwin/release/1.7.36
@@ -32,3 +32,6 @@ Bug Fixes
- Avoid creating passwd and group records from fully qualified Windows
account names (domain\name, name@domain).
Addresses: https://cygwin.com/ml/cygwin/2015-03/msg00528.html
+
+- Avoid potential crash at startup or in getgroups(2).
+ Addresses: https://cygwin.com/ml/cygwin/2015-04/msg00010.html
More information about the Cygwin-cvs
mailing list