1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
|
--- polkitd/policy.c.orig Tue Mar 14 07:14:33 2006
+++ polkitd/policy.c Tue May 2 01:53:06 2006
@@ -537,13 +537,15 @@
int rc;
char *res;
char *buf = NULL;
- unsigned int bufsize;
+ long bufsize;
struct passwd pwd;
struct passwd *pwdp;
res = NULL;
bufsize = sysconf (_SC_GETPW_R_SIZE_MAX);
+ if (bufsize < 0)
+ bufsize = 1024;
buf = g_new0 (char, bufsize);
rc = getpwuid_r (uid, &pwd, buf, bufsize, &pwdp);
@@ -567,13 +569,15 @@
int rc;
char *res;
char *buf = NULL;
- unsigned int bufsize;
+ long bufsize;
struct group gbuf;
struct group *gbufp;
res = NULL;
bufsize = sysconf (_SC_GETGR_R_SIZE_MAX);
+ if (bufsize < 0)
+ bufsize = 1024;
buf = g_new0 (char, bufsize);
rc = getgrgid_r (gid, &gbuf, buf, bufsize, &gbufp);
@@ -597,13 +601,15 @@
int rc;
uid_t res;
char *buf = NULL;
- unsigned int bufsize;
+ long bufsize;
struct passwd pwd;
struct passwd *pwdp;
res = (uid_t) -1;
bufsize = sysconf (_SC_GETPW_R_SIZE_MAX);
+ if (bufsize < 0)
+ bufsize = 1024;
buf = g_new0 (char, bufsize);
rc = getpwnam_r (username, &pwd, buf, bufsize, &pwdp);
@@ -627,13 +633,15 @@
int rc;
gid_t res;
char *buf = NULL;
- unsigned int bufsize;
+ long bufsize;
struct group gbuf;
struct group *gbufp;
res = (gid_t) -1;
bufsize = sysconf (_SC_GETGR_R_SIZE_MAX);
+ if (bufsize < 0)
+ bufsize = 1024;
buf = g_new0 (char, bufsize);
rc = getgrnam_r (groupname, &gbuf, buf, bufsize, &gbufp);
@@ -649,6 +657,23 @@
return res;
}
+static int
+getgrouplist_ala_linux (const char *name,
+ gid_t basegid,
+ gid_t *groups,
+ int *ngroups)
+{
+ if (groups)
+ return getgrouplist (name, basegid, groups, ngroups);
+ else {
+ for (*ngroups = 1;; (*ngroups)++) {
+ gid_t _groups[*ngroups];
+ if (getgrouplist (name, basegid, _groups, ngroups) != -1)
+ return 0;
+ }
+ }
+}
+
PolicyResult
policy_get_allowed_resources_for_policy_for_uid (uid_t uid,
const char *policy,
@@ -665,9 +690,9 @@
if ((username = policy_util_uid_to_name (uid, &default_gid)) == NULL)
goto out;
- if (getgrouplist(username, default_gid, NULL, &num_groups) < 0) {
+ if (getgrouplist_ala_linux(username, default_gid, NULL, &num_groups) < 0) {
groups = (gid_t *) g_new0 (gid_t, num_groups);
- if (getgrouplist(username, default_gid, groups, &num_groups) < 0) {
+ if (getgrouplist_ala_linux(username, default_gid, groups, &num_groups) < 0) {
g_warning ("getgrouplist() failed");
goto out;
}
@@ -702,9 +727,9 @@
if ((username = policy_util_uid_to_name (uid, &default_gid)) == NULL)
goto out;
- if (getgrouplist(username, default_gid, NULL, &num_groups) < 0) {
+ if (getgrouplist_ala_linux(username, default_gid, NULL, &num_groups) < 0) {
groups = (gid_t *) g_new0 (gid_t, num_groups);
- if (getgrouplist(username, default_gid, groups, &num_groups) < 0) {
+ if (getgrouplist_ala_linux(username, default_gid, groups, &num_groups) < 0) {
g_warning ("getgrouplist() failed");
goto out;
}
|
