diff options
Diffstat (limited to 'usr.sbin')
-rw-r--r-- | usr.sbin/chown/chown.c | 8 | ||||
-rw-r--r-- | usr.sbin/chroot/chroot.c | 10 | ||||
-rw-r--r-- | usr.sbin/jail/jail.c | 9 | ||||
-rw-r--r-- | usr.sbin/jexec/jexec.c | 9 | ||||
-rw-r--r-- | usr.sbin/lpr/lpc/lpc.c | 8 |
5 files changed, 33 insertions, 11 deletions
diff --git a/usr.sbin/chown/chown.c b/usr.sbin/chown/chown.c index 0918265..b79deca 100644 --- a/usr.sbin/chown/chown.c +++ b/usr.sbin/chown/chown.c @@ -269,7 +269,8 @@ chownerr(const char *file) { static uid_t euid = -1; static int ngroups = -1; - gid_t groups[NGROUPS_MAX]; + static long ngroups_max; + gid_t *groups; /* Check for chown without being root. */ if (errno != EPERM || (uid != (uid_t)-1 && @@ -281,7 +282,10 @@ chownerr(const char *file) /* Check group membership; kernel just returns EPERM. */ if (gid != (gid_t)-1 && ngroups == -1 && euid == (uid_t)-1 && (euid = geteuid()) != 0) { - ngroups = getgroups(NGROUPS_MAX, groups); + ngroups_max = sysconf(_SC_NGROUPS_MAX) + 1; + if ((groups = malloc(sizeof(gid_t) * ngroups_max)) == NULL) + err(1, "malloc"); + ngroups = getgroups(ngroups_max, groups); while (--ngroups >= 0 && gid != groups[ngroups]); if (ngroups < 0) { warnx("you are not a member of group %s", gname); diff --git a/usr.sbin/chroot/chroot.c b/usr.sbin/chroot/chroot.c index f33db7a..cc924a0 100644 --- a/usr.sbin/chroot/chroot.c +++ b/usr.sbin/chroot/chroot.c @@ -69,9 +69,10 @@ main(argc, argv) struct passwd *pw; char *endp, *p; const char *shell; - gid_t gid, gidlist[NGROUPS_MAX]; + gid_t gid, *gidlist; uid_t uid; int ch, gids; + long ngroups_max; gid = 0; uid = 0; @@ -117,8 +118,11 @@ main(argc, argv) } } + ngroups_max = sysconf(_SC_NGROUPS_MAX) + 1; + if ((gidlist = malloc(sizeof(gid_t) * ngroups_max)) == NULL) + err(1, "malloc"); for (gids = 0; - (p = strsep(&grouplist, ",")) != NULL && gids < NGROUPS_MAX; ) { + (p = strsep(&grouplist, ",")) != NULL && gids < ngroups_max; ) { if (*p == '\0') continue; @@ -135,7 +139,7 @@ main(argc, argv) } gids++; } - if (p != NULL && gids == NGROUPS_MAX) + if (p != NULL && gids == ngroups_max) errx(1, "too many supplementary groups provided"); if (user != NULL) { diff --git a/usr.sbin/jail/jail.c b/usr.sbin/jail/jail.c index 3963de5..e00610b 100644 --- a/usr.sbin/jail/jail.c +++ b/usr.sbin/jail/jail.c @@ -104,7 +104,7 @@ extern char **environ; lcap = login_getpwclass(pwd); \ if (lcap == NULL) \ err(1, "getpwclass: %s", username); \ - ngroups = NGROUPS; \ + ngroups = ngroups_max; \ if (getgrouplist(username, pwd->pw_gid, groups, &ngroups) != 0) \ err(1, "getgrouplist: %s", username); \ } while (0) @@ -115,10 +115,11 @@ main(int argc, char **argv) login_cap_t *lcap = NULL; struct iovec rparams[2]; struct passwd *pwd = NULL; - gid_t groups[NGROUPS]; + gid_t *groups; size_t sysvallen; int ch, cmdarg, i, jail_set_flags, jid, ngroups, sysval; int hflag, iflag, Jflag, lflag, rflag, uflag, Uflag; + long ngroups_max; unsigned pi; char *ep, *jailname, *securelevel, *username, *JidFile; char errmsg[ERRMSG_SIZE], enforce_statfs[4]; @@ -132,6 +133,10 @@ main(int argc, char **argv) jailname = securelevel = username = JidFile = cleanenv = NULL; fp = NULL; + ngroups_max = sysconf(_SC_NGROUPS_MAX) + 1; + if ((groups = malloc(sizeof(gid_t) * ngroups_max)) == NULL) + err(1, "malloc"); + while ((ch = getopt(argc, argv, "cdhilmn:r:s:u:U:J:")) != -1) { switch (ch) { case 'd': diff --git a/usr.sbin/jexec/jexec.c b/usr.sbin/jexec/jexec.c index e86657bf..143bbd5 100644 --- a/usr.sbin/jexec/jexec.c +++ b/usr.sbin/jexec/jexec.c @@ -59,7 +59,7 @@ static void usage(void); lcap = login_getpwclass(pwd); \ if (lcap == NULL) \ err(1, "getpwclass: %s", username); \ - ngroups = NGROUPS; \ + ngroups = ngroups_max; \ if (getgrouplist(username, pwd->pw_gid, groups, &ngroups) != 0) \ err(1, "getgrouplist: %s", username); \ } while (0) @@ -71,12 +71,17 @@ main(int argc, char *argv[]) int jid; login_cap_t *lcap = NULL; struct passwd *pwd = NULL; - gid_t groups[NGROUPS]; + gid_t *groups = NULL; int ch, ngroups, uflag, Uflag; + long ngroups_max; char *ep, *username; ch = uflag = Uflag = 0; username = NULL; + ngroups_max = sysconf(_SC_NGROUPS_MAX) + 1; + if ((groups = malloc(sizeof(gid_t) * ngroups_max)) == NULL) + err(1, "malloc"); + while ((ch = getopt(argc, argv, "nu:U:")) != -1) { switch (ch) { case 'n': diff --git a/usr.sbin/lpr/lpc/lpc.c b/usr.sbin/lpr/lpc/lpc.c index e279f3a..fda77aa 100644 --- a/usr.sbin/lpr/lpc/lpc.c +++ b/usr.sbin/lpr/lpc/lpc.c @@ -356,7 +356,8 @@ ingroup(const char *grname) { static struct group *gptr=NULL; static int ngroups = 0; - static gid_t groups[NGROUPS]; + static long ngroups_max; + static gid_t *groups; register gid_t gid; register int i; @@ -365,7 +366,10 @@ ingroup(const char *grname) warnx("warning: unknown group '%s'", grname); return(0); } - ngroups = getgroups(NGROUPS, groups); + ngroups_max = sysconf(_SC_NGROUPS_MAX); + if ((groups = malloc(sizeof(gid_t) * ngroups_max)) == NULL) + err(1, "malloc"); + ngroups = getgroups(ngroups_max, groups); if (ngroups < 0) err(1, "getgroups"); } |