|
From: | Michael Tokarev |
Subject: | Re: [PATCH] linux-user: Return EINVAL for getgroups() with negative gidsetsize |
Date: | Fri, 9 Jun 2023 11:04:01 +0300 |
User-agent: | Mozilla/5.0 (X11; Linux x86_64; rv:102.0) Gecko/20100101 Thunderbird/102.11.0 |
03.06.2023 20:11, Michael Tokarev wrote:
02.06.2023 20:48, Peter Maydell wrote:@@ -11574,7 +11574,7 @@ static abi_long do_syscall1(CPUArchState *cpu_env, int num, abi_long arg1, g_autofree gid_t *grouplist = NULL; int i; - if (gidsetsize > NGROUPS_MAX) { + if (gidsetsize > NGROUPS_MAX || gidsetsize < 0) { return -TARGET_EINVAL; } if (gidsetsize > 0) {FWIW, there's another piece of code exactly like this one, for TARGET_NR_getgroups32. The same change is needed there too.
Peter, will you respin this (to include getgroups32 case), or should I ? (The change is trivial enough to carry though -trivial@). Thanks, /mjt
[Prev in Thread] | Current Thread | [Next in Thread] |