tools: virt-login-shell: Fix group list bounds checking

The list certainly isn't zero terminated and it would disallow usage of
group 'root'. Pass in the array size and match against it.

diff --git a/tools/virt-login-shell.c b/tools/virt-login-shell.c
index 38fcb9e38fc66d430cfa5560a245def3c76db05d..96ca410b5403ff7dc141fe84c1043867b8577b63 100644 (file)
--- a/tools/virt-login-shell.c
+++ b/tools/virt-login-shell.c
@@ -47,7 +47,8 @@ static const char *conf_file = SYSCONFDIR "/libvirt/virt-login-shell.conf";
 
 static int virLoginShellAllowedUser(virConfPtr conf,
                                     const char *name,
-                                    gid_t *groups)
+                                    gid_t *groups,
+                                    size_t ngroups)
 {
     virConfValuePtr p;
     int ret = -1;
@@ -74,7 +75,7 @@ static int virLoginShellAllowedUser(virConfPtr conf,
                     ptr = &pp->str[1];
                     if (!*ptr)
                         continue;
-                    for (i = 0; groups[i]; i++) {
+                    for (i = 0; i < ngroups; i++) {
                         if (!(gname = virGetGroupName(groups[i])))
                             continue;
                         if (fnmatch(ptr, gname, 0) == 0) {
@@ -306,7 +307,7 @@ main(int argc, char **argv)
     if ((ngroups = virGetGroupList(uid, gid, &groups)) < 0)
         goto cleanup;
 
-    if (virLoginShellAllowedUser(conf, name, groups) < 0)
+    if (virLoginShellAllowedUser(conf, name, groups, ngroups) < 0)
         goto cleanup;
 
     if (virLoginShellGetShellArgv(conf, &shargv, &shargvlen) < 0)