From 195fffa420525a53ecd72c6d49c8660630e97359 Mon Sep 17 00:00:00 2001
From: sin
Date: Sat, 28 Feb 2015 12:00:25 +0000
Subject: Add getgroups() check

Since getgroups() will never write more than NGROUPS_MAX entries
we might as well cap len to that value.

The following should probably not trap the program:

gid_t set[NGROUPS_MAX];
getgroups(NGROUPS_MAX + 1, set);
---
 include/unistd.h | 13 +++++++++++++
 1 file changed, 13 insertions(+)

(limited to 'include/unistd.h')

diff --git a/include/unistd.h b/include/unistd.h
index b193a7f..3c5eec9 100644
--- a/include/unistd.h
+++ b/include/unistd.h
@@ -40,6 +40,17 @@ __fortify_getdomainname(char *name, size_t len)
 }
 #endif
 
+static inline __attribute__ ((always_inline))
+int
+__fortify_getgroups(int len, gid_t *set)
+{
+	size_t bos = __builtin_object_size(set, 0);
+
+	if (bos != -1 && len > bos / sizeof(gid_t))
+		__builtin_trap();
+	return getgroups(len, set);
+}
+
 static inline __attribute__ ((always_inline))
 int
 __fortify_gethostname(char *name, size_t len)
@@ -105,6 +116,8 @@ __fortify_write(int fd, const void *buf, size_t n)
 #define getdomainname(name, len) __fortify_getdomainname(name, len)
 #endif
 
+#undef getgroups
+#define getgroups(len, set) __fortify_getgroups(len, set)
 #undef gethostname
 #define gethostname(name, len) __fortify_gethostname(name, len)
 #undef getlogin_r
-- 
cgit v1.3