Subject: lib/7273: core dump in initgroups(3)
To: None <gnats-bugs@gnats.netbsd.org>
From: Giles Lean <giles@nemeton.com.au>
List: netbsd-bugs
Date: 03/29/1999 06:49:10
>Number: 7273
>Category: lib
>Synopsis: core dump in initgroups()
>Confidential: no
>Severity: serious
>Priority: low
>Responsible: lib-bug-people (Library Bug People)
>State: open
>Class: sw-bug
>Submitter-Id: net
>Arrival-Date: Sun Mar 28 22:50:00 1999
>Last-Modified:
>Originator: Giles Lean
>Organization:
>Release: 1.3.2, also -current source of 29th March 1999
>Environment:
System: NetBSD hpim2331 1.3.2 NetBSD 1.3.2 (KAYAK) #0: Wed Dec 23 04:11:55 PST 1998 giles@hpim2331:/usr/src/sys/arch/i386/compile/KAYAK i386
>Description:
initgroups(3) calls warn() and warnx() on errors.
(i) this is undocumented
(ii) library functions shouldn't emit undocumented error
messages, but should leave error messages to the
calling application
(iii) depending on the status of stdio a core dump may result
>How-To-Repeat:
Inspect the code for initgroups. Run the following program
as a non-root user, and see either:
"a: setgroups: Operation not permitted", or
"Bus error (core dumped)"
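#include <string.h>
#include <stdio.h>
#include <stddef.h>
#include <stdlib.h>	/* exit() */
#include <unistd.h>

int
main(void)
{
#ifdef COREDUMP
	/* Deliberately corrupt stderr so that warn() inside initgroups() crashes. */
	memset(stderr, -1, sizeof(FILE));
#endif
	/* As a non-root user this fails: "setgroups: Operation not permitted". */
	if (initgroups("root", 30) == -1)
		exit(1);
	else
		exit(0);
}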
>Fix:
Remove warn() and warnx() code, and just return -1 on error.
The patch below does this. There seems no good way to report
an error from getgrouplist().
*** initgroups.c-orig Mon Mar 29 16:45:15 1999
--- initgroups.c Mon Mar 29 16:46:20 1999
***************
*** 62,73 ****
int ngroups;
ngroups = NGROUPS;
! if (getgrouplist(uname, agroup, groups, &ngroups) < 0)
! warnx("%s is in too many groups, using first %d",
! uname, ngroups);
! if (setgroups(ngroups, groups) < 0) {
! warn("setgroups");
return (-1);
- }
return (0);
}
--- 62,69 ----
int ngroups;
ngroups = NGROUPS;
! (void) getgrouplist(uname, agroup, groups, &ngroups);
! if (setgroups(ngroups, groups) < 0)
return (-1);
return (0);
}
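Review bot: casting getgrouplist() to (void) in the new lines 62-69 makes truncation invisible to the caller. When uname is in more than NGROUPS groups, setgroups() is still called with only the first ngroups entries and initgroups() returns 0, so a program that relies on group membership for access decisions runs with a partial supplementary group list and has no way to find out. Dropping the warnx() is reasonable, but either document the silent truncation in initgroups(3) or keep the check and return -1 with errno set when getgrouplist() reports an overflow, so that the error reaches the application as the description asks.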
>Audit-Trail:
>Unformatted:
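
The Fix section notes that initgroups() has no good way to report a getgrouplist() error. As an added example (not part of the original report or of NetBSD's libc), a caller can build the group list itself and surface truncation through errno instead of a library warning. It assumes the modern gid_t-based getgrouplist() signature; load_group_list(), set_user_groups() and the 64-entry buffer are hypothetical.

```c
#define _DEFAULT_SOURCE		/* exposes getgrouplist()/setgroups() on glibc */
#include <errno.h>
#include <grp.h>
#include <stdio.h>
#include <string.h>
#include <sys/types.h>
#include <unistd.h>

/*
 * Fill buf (capacity cap) with base plus user's supplementary groups.
 * Returns 0 if the whole list fit, -1 with errno = ERANGE if it did not.
 * *needed receives the group count reported by getgrouplist().
 */
int
load_group_list(const char *user, gid_t base, gid_t *buf, int cap, int *needed)
{
	int n = cap;
	int rc = getgrouplist(user, base, buf, &n);

	*needed = n;
	if (rc < 0) {
		errno = ERANGE;		/* list was truncated to cap entries */
		return (-1);
	}
	return (0);
}

/* Hypothetical helper: refuse to continue with a partial group list. */
int
set_user_groups(const char *user, gid_t base)
{
	gid_t groups[64];		/* assumed capacity, stands in for NGROUPS */
	int needed;

	if (load_group_list(user, base, groups, 64, &needed) < 0)
		return (-1);		/* errno == ERANGE */
	return (setgroups((size_t)needed, groups));	/* errno from setgroups(2) */
}

int
main(void)
{
	/* The application, not the library, decides how to report the failure. */
	if (set_user_groups("root", 0) < 0) {
		fprintf(stderr, "group setup failed: %s\n", strerror(errno));
		return (1);
	}
	return (0);
}
```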