https://sourceware.org/git/gitweb.cgi?p=newlib-cygwin.git;h=71a897e40d4a9f0b3a6caf6bae974c00aae2cbe8

commit 71a897e40d4a9f0b3a6caf6bae974c00aae2cbe8
Author: Corinna Vinschen <cori...@vinschen.de>
Date:   Wed Apr 1 13:15:18 2015 +0200

    Avoid potential crash at startup or in getgroups(2).
    
        * grp.cc (internal_getgroups): Handle negative domain index to avoid
        crashes.
    
    Signed-off-by: Corinna Vinschen <cori...@vinschen.de>

Diff:
---
 winsup/cygwin/ChangeLog      | 5 +++++
 winsup/cygwin/grp.cc         | 6 +++++-
 winsup/cygwin/release/1.7.36 | 3 +++
 3 files changed, 13 insertions(+), 1 deletion(-)

diff --git a/winsup/cygwin/ChangeLog b/winsup/cygwin/ChangeLog
index c4be231..58bfa23 100644
--- a/winsup/cygwin/ChangeLog
+++ b/winsup/cygwin/ChangeLog
@@ -1,3 +1,8 @@
+2015-04-01  Corinna Vinschen  <cori...@vinschen.de>
+
+       * grp.cc (internal_getgroups): Handle negative domain index to avoid
+       crashes.
+
 2015-03-31  Renato Silva  <br.renatosi...@gmail.com>
 
        * net.cc (cygwin_gethostname): Fix buffer size error handling.
diff --git a/winsup/cygwin/grp.cc b/winsup/cygwin/grp.cc
index ea20e92..40e1ca7 100644
--- a/winsup/cygwin/grp.cc
+++ b/winsup/cygwin/grp.cc
@@ -643,13 +643,17 @@ internal_getgroups (int gidsetsize, gid_t *grouplist, 
cyg_ldap *pldap)
        {
          for (ULONG ncnt = 0; ncnt < scnt; ++ncnt)
            {
+             static UNICODE_STRING empty = { 0, 0, (PWSTR) L"" };
              fetch_acc_t full_acc =
                {
                  .sid = sidp_buf[ncnt],
                  .name = &nlst[ncnt].Name,
-                 .dom = &dlst->Domains[nlst[ncnt].DomainIndex].Name,
+                 .dom = &empty,
                  .acc_type = nlst[ncnt].Use
                };
+
+             if (nlst[ncnt].DomainIndex >= 0)
+               full_acc.dom = &dlst->Domains[nlst[ncnt].DomainIndex].Name;
              if ((grp = internal_getgrfull (full_acc, pldap)))
                {
                  if (cnt < gidsetsize)
diff --git a/winsup/cygwin/release/1.7.36 b/winsup/cygwin/release/1.7.36
index 3985578..21175c9 100644
--- a/winsup/cygwin/release/1.7.36
+++ b/winsup/cygwin/release/1.7.36
@@ -32,3 +32,6 @@ Bug Fixes
 - Avoid creating passwd and group records from fully qualified Windows
   account names (domain\name, name@domain).
   Addresses: https://cygwin.com/ml/cygwin/2015-03/msg00528.html
+
+- Avoid potential crash at startup or in getgroups(2).
+  Addresses: https://cygwin.com/ml/cygwin/2015-04/msg00010.html

Reply via email to