From 4bed549a2277f911397ca59189ae71f79750f400 Mon Sep 17 00:00:00 2001 From: Ulrich Drepper Date: Fri, 31 Oct 2008 14:27:36 +0000 Subject: [BZ #6980] * debug/getgroups_chk.c (__getgroups_chk): Return EINVAL error for negative sizees. * posix/bits/unistd.h (getgroups): Call __getgroups_chk for negative __size. --- ChangeLog | 6 ++++++ debug/getgroups_chk.c | 8 +++++++- posix/bits/unistd.h | 4 ++-- 3 files changed, 15 insertions(+), 3 deletions(-) diff --git a/ChangeLog b/ChangeLog index b187698..7dac2c5 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,5 +1,11 @@ 2008-10-31 Ulrich Drepper + [BZ #6980] + * debug/getgroups_chk.c (__getgroups_chk): Return EINVAL error for + negative sizees. + * posix/bits/unistd.h (getgroups): Call __getgroups_chk for + negative __size. + [BZ #6995] * sysdeps/powerpc/powerpc32/dl-machine.c: Fix typo in message. diff --git a/debug/getgroups_chk.c b/debug/getgroups_chk.c index c877ddb..8c3d99d 100644 --- a/debug/getgroups_chk.c +++ b/debug/getgroups_chk.c @@ -1,4 +1,4 @@ -/* Copyright (C) 2005 Free Software Foundation, Inc. +/* Copyright (C) 2005, 2008 Free Software Foundation, Inc. This file is part of the GNU C Library. The GNU C Library is free software; you can redistribute it and/or @@ -23,6 +23,12 @@ int __getgroups_chk (int size, __gid_t list[], size_t listlen) { + if (__builtin_expect (size < 0, 0)) + { + __set_errno (EINVAL); + return -1; + } + if (__builtin_expect (size * sizeof (__gid_t) > listlen, 0)) __chk_fail (); diff --git a/posix/bits/unistd.h b/posix/bits/unistd.h index efd7f75..e29b4cc 100644 --- a/posix/bits/unistd.h +++ b/posix/bits/unistd.h @@ -1,5 +1,5 @@ /* Checking macros for unistd functions. - Copyright (C) 2005, 2006, 2007 Free Software Foundation, Inc. + Copyright (C) 2005, 2006, 2007, 2008 Free Software Foundation, Inc. This file is part of the GNU C Library. The GNU C Library is free software; you can redistribute it and/or @@ -267,7 +267,7 @@ __NTH (getgroups (int __size, __gid_t __list[])) { if (__bos (__list) != (size_t) -1) { - if (!__builtin_constant_p (__size)) + if (!__builtin_constant_p (__size) || __size < 0) return __getgroups_chk (__size, __list, __bos (__list)); if (__size * sizeof (__gid_t) > __bos (__list)) -- cgit v1.1