[openssh-commits] [openssh] 01/02: upstream: Ignore extra groups that don't fit in the buffer passed

git+noreply at mindrot.org git+noreply at mindrot.org
Thu Nov 7 10:49:17 AEDT 2024


This is an automated email from the git hooks/post-receive script.

djm pushed a commit to branch master
in repository openssh.

commit 593a0b65c55c1e06a8c22b084aefc395aedb0127
Author: jca at openbsd.org <jca at openbsd.org>
AuthorDate: Mon Nov 4 21:59:15 2024 +0000

    upstream: Ignore extra groups that don't fit in the buffer passed
    
    to getgrouplist(3)
    
    Our kernel supports 16 groups (NGROUPS_MAX), but nothing prevents
    an admin from adding a user to more groups.  With that tweak we'll keep
    on ignoring them instead of potentially reading past the buffer passed to
    getgrouplist(3).  That behavior is explicitely described in initgroups(3).
    
    ok millert@ gilles@
    
    OpenBSD-Commit-ID: a959fc45ea3431b36f52eda04faefc58bcde00db
---
 .skipped-commit-ids | 1 +
 groupaccess.c       | 2 +-
 2 files changed, 2 insertions(+), 1 deletion(-)

diff --git a/.skipped-commit-ids b/.skipped-commit-ids
index ec7831e5..474be6a3 100644
--- a/.skipped-commit-ids
+++ b/.skipped-commit-ids
@@ -37,6 +37,7 @@ ef9341d5a50f0d33e3a6fbe995e92964bc7ef2d3	Makefile relinking changes
 fb39324748824cb0387e9d67c41d1bef945c54ea	Makefile change
 5f378c38ad8976d507786dc4db9283a879ec8cd0	Makefile change
 112aacedd3b61cc5c34b1fa6d9fb759214179172	Makefile change
+a959fc45ea3431b36f52eda04faefc58bcde00db	groupaccess.c changes
 
 Old upstream tree:
 
diff --git a/groupaccess.c b/groupaccess.c
index 80d30191..9d03ded0 100644
--- a/groupaccess.c
+++ b/groupaccess.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: groupaccess.c,v 1.17 2019/03/06 22:14:23 dtucker Exp $ */
+/* $OpenBSD: groupaccess.c,v 1.18 2024/11/04 21:59:15 jca Exp $ */
 /*
  * Copyright (c) 2001 Kevin Steves.  All rights reserved.
  *

-- 
To stop receiving notification emails like this one, please contact
djm at mindrot.org.


More information about the openssh-commits mailing list