From: Damien Miller Date: Sat, 12 Jul 2025 00:20:27 +0000 (-0700) Subject: let ga_init() fail gracefully if getgrouplist does X-Git-Tag: V_10_1_P1~197 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=f9dc519259804702cab0fa0ca8b193a360e3ec38;p=thirdparty%2Fopenssh-portable.git let ga_init() fail gracefully if getgrouplist does Apparently getgrouplist() can fail on OSX for when passed a non-existent group name. Other platforms seem to return a group list consisting of the numeric gid passed to the function. This makes ga_init() handle this failure case gracefully, where it will return success but with an empty group list array. bz3848; ok dtucker@ --- diff --git a/groupaccess.c b/groupaccess.c index b85782472..046d0e6bc 100644 --- a/groupaccess.c +++ b/groupaccess.c @@ -63,6 +63,14 @@ ga_init(const char *user, gid_t base) groups_bygid = xcalloc(ngroups, sizeof(*groups_bygid)); while (getgrouplist(user, base, groups_bygid, &ngroups) == -1) { + if (ngroups <= ongroups) { + error("getgrouplist(\"%s\", %ld): failed", + user, (long)base); + free(groups_bygid); + groups_bygid = NULL; + ngroups = 0; + return 0; + } if (retry++ > 0) { fatal("getgrouplist(\"%s\", %ld): groups list too big " "(have %ld, need %ld)", user, (long)base,
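Review bot: The new `if (ngroups <= ongroups)` branch at the top of the `while` loop returns 0 with `groups_bygid = NULL` and `ngroups = 0`, which a caller cannot tell apart from a user whose group list is simply empty. Each caller of ga_init() should be checked to confirm that a zero return produces the intended outcome when the lookup itself failed, and the function's comment should state that 0 now covers both cases. The test also has no comment in the code. The reasoning that getgrouplist() returning -1 without raising `ngroups` above `ongroups` means a real failure, not a too-small buffer, appears only in the commit message, and a short comment above the test would keep it with the code. The `error()` text says only "failed"; noting there that the group list is being treated as empty would make the log line easier to act on.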