diff options
author | jca@openbsd.org <jca@openbsd.org> | 2024-11-04 22:59:15 +0100 |
---|---|---|
committer | Damien Miller <djm@mindrot.org> | 2024-11-07 00:01:05 +0100 |
commit | 593a0b65c55c1e06a8c22b084aefc395aedb0127 (patch) | |
tree | fdf0926159c96d1bb2b6be04e647c3283c49971f | |
parent | Add git signing key for Tim Rice (diff) | |
download | openssh-593a0b65c55c1e06a8c22b084aefc395aedb0127.tar.xz openssh-593a0b65c55c1e06a8c22b084aefc395aedb0127.zip |
upstream: Ignore extra groups that don't fit in the buffer passed
to getgrouplist(3)
Our kernel supports 16 groups (NGROUPS_MAX), but nothing prevents
an admin from adding a user to more groups. With that tweak we'll keep
on ignoring them instead of potentially reading past the buffer passed to
getgrouplist(3). That behavior is explicitely described in initgroups(3).
ok millert@ gilles@
OpenBSD-Commit-ID: a959fc45ea3431b36f52eda04faefc58bcde00db
Diffstat (limited to '')
-rw-r--r-- | .skipped-commit-ids | 1 | ||||
-rw-r--r-- | groupaccess.c | 2 |
2 files changed, 2 insertions, 1 deletions
diff --git a/.skipped-commit-ids b/.skipped-commit-ids index ec7831e5f..474be6a34 100644 --- a/.skipped-commit-ids +++ b/.skipped-commit-ids @@ -37,6 +37,7 @@ ef9341d5a50f0d33e3a6fbe995e92964bc7ef2d3 Makefile relinking changes fb39324748824cb0387e9d67c41d1bef945c54ea Makefile change 5f378c38ad8976d507786dc4db9283a879ec8cd0 Makefile change 112aacedd3b61cc5c34b1fa6d9fb759214179172 Makefile change +a959fc45ea3431b36f52eda04faefc58bcde00db groupaccess.c changes Old upstream tree: diff --git a/groupaccess.c b/groupaccess.c index 80d301915..9d03ded0c 100644 --- a/groupaccess.c +++ b/groupaccess.c @@ -1,4 +1,4 @@ -/* $OpenBSD: groupaccess.c,v 1.17 2019/03/06 22:14:23 dtucker Exp $ */ +/* $OpenBSD: groupaccess.c,v 1.18 2024/11/04 21:59:15 jca Exp $ */ /* * Copyright (c) 2001 Kevin Steves. All rights reserved. * |