dilim/openssh-portable
1
0
Fork 0
mirror of https://github.com/openssh/openssh-portable.git synced 2026-06-24 08:48:18 +00:00
Code Issues Packages Projects Releases Wiki Activity

let ga_init() fail gracefully if getgrouplist does

Browse Source 
Apparently getgrouplist() can fail on OSX for when passed a non-existent
group name. Other platforms seem to return a group list consisting of
the numeric gid passed to the function.

This makes ga_init() handle this failure case gracefully, where it will
return success but with an empty group list array.

bz3848; ok dtucker@
This commit is contained in:
Damien Miller
2025-07-11 17:20:27 -07:00
parent f01a899b92
commit f9dc519259
1 changed files with 8 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
groupaccess.c
View File

@@ -63,6 +63,14 @@ ga_init(const char *user, gid_t base)
groups_bygid = xcalloc(ngroups, sizeof(*groups_bygid));
while (getgrouplist(user, base, groups_bygid, &ngroups) == -1) {
if (ngroups <= ongroups) {
error("getgrouplist(\"%s\", %ld): failed",
user, (long)base);
free(groups_bygid);
groups_bygid = NULL;
ngroups = 0;
return 0;
}
if (retry++ > 0) {
fatal("getgrouplist(\"%s\", %ld): groups list too big "
"(have %ld, need %ld)", user, (long)base,