[Bug 787] Minor security problem due to use of deprecated NGROUPS_MAX in uidswap.c (sshd)

bugzilla-daemon at mindrot.org bugzilla-daemon at mindrot.org
Fri Feb 6 23:28:20 EST 2004


http://bugzilla.mindrot.org/show_bug.cgi?id=787





------- Additional Comments From djm at mindrot.org  2004-02-06 23:28 -------
(From update of attachment 539)
>Index: defines.h
>===================================================================
>RCS file: /usr/local/src/security/openssh/cvs/openssh_cvs/defines.h,v
>retrieving revision 1.109
>diff -u -p -r1.109 defines.h
>--- defines.h	27 Jan 2004 05:40:35 -0000	1.109
>+++ defines.h	6 Feb 2004 09:27:45 -0000
>@@ -541,6 +541,10 @@ struct winsize {
> # define SSH_SYSFDMAX 10000
> #endif
> 
>+#ifdef HAVE_SYSCONF
>+# undef NGROUPS_MAX
>+# define NGROUPS_MAX    (sysconf(_SC_NGROUPS_MAX))
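
Review bot: redefining NGROUPS_MAX as (sysconf(_SC_NGROUPS_MAX)) in the last added line turns a compile-time constant into a runtime call that returns a long, so it is no longer a constant expression wherever the macro is used as an array dimension or inside an #if, and a failed call yields -1 where a positive count is expected. The #ifdef HAVE_SYSCONF guard on the first added line also does not establish that _SC_NGROUPS_MAX is defined. Suggest guarding on both symbols, leaving the system macro untouched, and reading the limit once into a variable that is checked for a value <= 0 with a fallback to the compile-time NGROUPS_MAX.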

I think that should be:

#if defined(HAVE_SYSCONF) && defined(_SC_NGROUPS_MAX)

We also need to check for sysconf returning -1.

I'm wary of this change for 3.8. 

Perhaps a static check for gid >= NGROUPS_MAX?



