[Bug 787] Minor security problem due to use of deprecated NGROUPS_MAX in uidswap.c (sshd)

bugzilla-daemon at mindrot.org bugzilla-daemon at mindrot.org
Tue Feb 24 10:36:44 EST 2004


http://bugzilla.mindrot.org/show_bug.cgi?id=787





------- Additional Comments From openssh_bugzilla at hockin.org  2004-02-24 10:36 -------
NGROUPS_MAX might be INT_MAX.  You *can't* use it as an array size.

We could replace getgrouplist() with a hand-rolled:

int get_ngroups(const char *user);

That would avoid the reliance on using getgrouplist() with a short list.  How
hard is it to walk the getgr* functions to count how many groups you are in? We
can add the 'base' group, too, and filter that out from the getgr* results.  I
bet it's 20 lines of code.




------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
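
A sketch of the hand-rolled get_ngroups() proposed in the comment above, added here as an example; it is not part of the original message and is not OpenSSH code. count_groups(), count_in_sample() and the sample group data are hypothetical and constructed, and fgetgrent()/fmemopen() are assumed available (glibc, musl) only so the counting logic can be exercised offline.

```c
#ifndef _DEFAULT_SOURCE
#define _DEFAULT_SOURCE 1   /* setgrent(), fgetgrent() on glibc/musl */
#endif
#include <grp.h>
#include <pwd.h>
#include <stdio.h>
#include <string.h>

/* Count the groups `user` belongs to. db == NULL walks the system database
 * with getgrent(); otherwise db is a group(5)-format stream (test hook).
 * Two entries sharing one gid are both counted, so the result can only
 * overestimate, which is the safe direction for sizing an array. */
static int count_groups(const char *user, gid_t base, FILE *db)
{
    struct group *gr;
    int n = 1;                          /* the base (primary) group */

    if (db == NULL)
        setgrent();
    while ((gr = db ? fgetgrent(db) : getgrent()) != NULL) {
        if (gr->gr_gid == base)
            continue;                   /* base group already counted */
        for (char **m = gr->gr_mem; *m != NULL; m++) {
            if (strcmp(*m, user) == 0) {
                n++;
                break;
            }
        }
    }
    if (db == NULL)
        endgrent();
    return n;
}

/* Interface proposed in the comment; returns -1 for an unknown user. */
int get_ngroups(const char *user)
{
    struct passwd *pw = getpwnam(user);
    return pw ? count_groups(user, pw->pw_gid, NULL) : -1;
}

/* Same logic over a constructed group file, so it runs without NSS. */
int count_in_sample(const char *user, gid_t base)
{
    static const char db[] = "wheel:x:10:alice,bob\nusers:x:100:\n"
                             "audio:x:29:alice\nalice:x:1000:alice\n";
    FILE *f = fmemopen((void *)db, sizeof(db) - 1, "r");
    int n = f ? count_groups(user, base, f) : -1;
    if (f) fclose(f);
    return n;
}
```

The result sizes the array handed to getgrouplist(); the group database can change between the two calls, so the caller still has to check getgrouplist()'s return value.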



