upstream: Ignore extra groups that don't fit in the buffer passed

to getgrouplist(3)

Our kernel supports 16 groups (NGROUPS_MAX), but nothing prevents
an admin from adding a user to more groups.  With that tweak we'll keep
on ignoring them instead of potentially reading past the buffer passed to
getgrouplist(3).  That behavior is explicitely described in initgroups(3).

ok millert@ gilles@

OpenBSD-Commit-ID: a959fc45ea3431b36f52eda04faefc58bcde00db

diff --git a/.skipped-commit-ids b/.skipped-commit-ids
index ec7831e5ff538db950133efc094ac7a0d8f39c60..474be6a3421d150e8d9e71050339f91e00aa91c2 100644 (file)
--- a/.skipped-commit-ids
+++ b/.skipped-commit-ids
@@ -37,6 +37,7 @@ ef9341d5a50f0d33e3a6fbe995e92964bc7ef2d3      Makefile relinking changes
 fb39324748824cb0387e9d67c41d1bef945c54ea       Makefile change
 5f378c38ad8976d507786dc4db9283a879ec8cd0       Makefile change
 112aacedd3b61cc5c34b1fa6d9fb759214179172       Makefile change
+a959fc45ea3431b36f52eda04faefc58bcde00db       groupaccess.c changes
 
 Old upstream tree:
 

diff --git a/groupaccess.c b/groupaccess.c
index 80d3019152c283b8d8315dfebab852ec4df27119..9d03ded0cd5d6e9c1ed26508ba46b5cdb7973aac 100644 (file)
--- a/groupaccess.c
+++ b/groupaccess.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: groupaccess.c,v 1.17 2019/03/06 22:14:23 dtucker Exp $ */
+/* $OpenBSD: groupaccess.c,v 1.18 2024/11/04 21:59:15 jca Exp $ */
 /*
  * Copyright (c) 2001 Kevin Steves.  All rights reserved.
  *