From: Darren Tucker <dtucker@dtucker.net>
Date: Thu, 17 Jun 2021 11:03:19 +0000 (+1000)
Subject: Handle GIDs > 2^31 in getgrouplist.
X-Git-Tag: V_8_7_P1~142
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=acb2887a769a1b1912cfd7067f3ce04fad240260;p=thirdparty%2Fopenssh-portable.git

Handle GIDs > 2^31 in getgrouplist.

When compiled in 32bit mode, the getgrouplist implementation may fail
for GIDs greater than LONG_MAX.  Analysis and change from ralf.winkel
at tui.com.
---

diff --git a/openbsd-compat/port-aix.c b/openbsd-compat/port-aix.c
index e0d3eba51..2ac9bad09 100644
--- a/openbsd-compat/port-aix.c
+++ b/openbsd-compat/port-aix.c
@@ -445,7 +445,7 @@ getgrouplist(const char *user, gid_t pgid, gid_t *groups, int *grpcnt)
 	char *cp, *grplist, *grp;
 	gid_t gid;
 	int ret = 0, ngroups = 0, maxgroups;
-	long l;
+	long long ll;
 
 	maxgroups = *grpcnt;
 
@@ -463,12 +463,12 @@ getgrouplist(const char *user, gid_t pgid, gid_t *groups, int *grpcnt)
 
 	/* copy each entry from getgrset into group list */
 	while ((grp = strsep(&grplist, ",")) != NULL) {
-		l = strtol(grp, NULL, 10);
-		if (ngroups >= maxgroups || l == LONG_MIN || l == LONG_MAX) {
+		ll = strtoll(grp, NULL, 10);
+		if (ngroups >= maxgroups || ll < 0 || ll > UID_MAX) {
 			ret = -1;
 			goto out;
 		}
-		gid = (gid_t)l;
+		gid = (gid_t)ll;
 		if (gid == pgid)
 			continue;	/* we have already added primary gid */
 		groups[ngroups++] = gid;