diff options
author | Ulrich Drepper <drepper@redhat.com> | 2004-10-05 15:36:41 +0000 |
---|---|---|
committer | Ulrich Drepper <drepper@redhat.com> | 2004-10-05 15:36:41 +0000 |
commit | 695c43708f8778c09915b297c95e48d66c814d0d (patch) | |
tree | b5593c4094f5e8b2b2e1cb075392987d00f079b1 /grp | |
parent | 6ab5f50de41c22de3752722108def4ae721aec13 (diff) | |
download | glibc-695c43708f8778c09915b297c95e48d66c814d0d.zip glibc-695c43708f8778c09915b297c95e48d66c814d0d.tar.gz glibc-695c43708f8778c09915b297c95e48d66c814d0d.tar.bz2 |
Update.
2004-10-05 Ulrich Drepper <drepper@redhat.com>
* grp/initgroups.c: Remove duplicate group IDs.
* grp/compat-initgroups.c: Likewise.
* nscd/initgrcache.c: Likewise.
Diffstat (limited to 'grp')
-rw-r--r-- | grp/compat-initgroups.c | 61 | ||||
-rw-r--r-- | grp/initgroups.c | 23 |
2 files changed, 56 insertions, 28 deletions
diff --git a/grp/compat-initgroups.c b/grp/compat-initgroups.c index 585c4ae..efd875a 100644 --- a/grp/compat-initgroups.c +++ b/grp/compat-initgroups.c @@ -58,31 +58,42 @@ compat_call (service_user *nip, const char *user, gid_t group, long int *start, for (m = grpbuf.gr_mem; *m != NULL; ++m) if (strcmp (*m, user) == 0) { - /* Matches user. Insert this group. */ - if (__builtin_expect (*start == *size, 0)) - { - /* Need a bigger buffer. */ - gid_t *newgroups; - long int newsize; - - if (limit > 0 && *size == limit) - /* We reached the maximum. */ - goto done; - - if (limit <= 0) - newsize = 2 * *size; - else - newsize = MIN (limit, 2 * *size); - - newgroups = realloc (groups, newsize * sizeof (*groups)); - if (newgroups == NULL) - goto done; - *groupsp = groups = newgroups; - *size = newsize; - } - - groups[*start] = grpbuf.gr_gid; - *start += 1; + /* Check whether the group is already on the list. */ + long int cnt; + for (cnt = 0; cnt < *start; ++cnt) + if (groups[cnt] == grpbuf.gr_gid) + break; + + if (cnt == *start) + { + /* Matches user and not yet on the list. Insert + this group. */ + if (__builtin_expect (*start == *size, 0)) + { + /* Need a bigger buffer. */ + gid_t *newgroups; + long int newsize; + + if (limit > 0 && *size == limit) + /* We reached the maximum. */ + goto done; + + if (limit <= 0) + newsize = 2 * *size; + else + newsize = MIN (limit, 2 * *size); + + newgroups = realloc (groups, + newsize * sizeof (*groups)); + if (newgroups == NULL) + goto done; + *groupsp = groups = newgroups; + *size = newsize; + } + + groups[*start] = grpbuf.gr_gid; + *start += 1; + } break; } diff --git a/grp/initgroups.c b/grp/initgroups.c index 9e79273..d052cf4 100644 --- a/grp/initgroups.c +++ b/grp/initgroups.c @@ -73,7 +73,7 @@ internal_getgrouplist (const char *user, gid_t group, long int *size, /* Start is one, because we have the first group as parameter. */ long int start = 1; - *groupsp[0] = group; + (*groupsp)[0] = group; if (__nss_group_database != NULL) { @@ -86,6 +86,8 @@ internal_getgrouplist (const char *user, gid_t group, long int *size, while (! no_more) { + long int prev_start = start; + fct = __nss_lookup_function (nip, "initgroups_dyn"); if (fct == NULL) @@ -100,6 +102,21 @@ internal_getgrouplist (const char *user, gid_t group, long int *size, status = DL_CALL_FCT (fct, (user, group, &start, size, groupsp, limit, &errno)); + /* Remove duplicates. */ + long int cnt = prev_start; + while (cnt < start) + { + long int inner; + for (inner = 0; inner < prev_start; ++inner) + if ((*groupsp)[inner] == (*groupsp)[cnt]) + break; + + if (inner < prev_start) + (*groupsp)[cnt] = (*groupsp)[--start]; + else + ++cnt; + } + /* This is really only for debugging. */ if (NSS_STATUS_TRYAGAIN > status || status > NSS_STATUS_RETURN) __libc_fatal ("illegal status in internal_getgrouplist"); @@ -124,10 +141,10 @@ int getgrouplist (const char *user, gid_t group, gid_t *groups, int *ngroups) { gid_t *newgroups; - long int size = *ngroups; + long int size = MAX (1, *ngroups); int result; - newgroups = (gid_t *) malloc (size * sizeof (gid_t)); + newgroups = (gid_t *) malloc ((size + 1) * sizeof (gid_t)); if (__builtin_expect (newgroups == NULL, 0)) /* No more memory. */ // XXX This is wrong. The user provided memory, we have to use |