|
From: | Michael Tokarev |
Subject: | Re: [PATCH] linux-user: Return EINVAL for getgroups() with negative gidsetsize |
Date: | Sat, 3 Jun 2023 20:11:47 +0300 |
User-agent: | Mozilla/5.0 (X11; Linux x86_64; rv:102.0) Gecko/20100101 Thunderbird/102.11.0 |
02.06.2023 20:48, Peter Maydell wrote:
@@ -11574,7 +11574,7 @@ static abi_long do_syscall1(CPUArchState *cpu_env, int num, abi_long arg1, g_autofree gid_t *grouplist = NULL; int i;- if (gidsetsize > NGROUPS_MAX) {+ if (gidsetsize > NGROUPS_MAX || gidsetsize < 0) { return -TARGET_EINVAL; } if (gidsetsize > 0) {
FWIW, there's another piece of code exactly like this one, for TARGET_NR_getgroups32. The same change is needed there too. Thanks, /mjt
[Prev in Thread] | Current Thread | [Next in Thread] |