https://sourceware.org/git/gitweb.cgi?p=newlib-cygwin.git;h=71a897e40d4a9f0b3a6caf6bae974c00aae2cbe8
commit 71a897e40d4a9f0b3a6caf6bae974c00aae2cbe8 Author: Corinna Vinschen <cori...@vinschen.de> Date: Wed Apr 1 13:15:18 2015 +0200 Avoid potential crash at startup or in getgroups(2). * grp.cc (internal_getgroups): Handle negative domain index to avoid crashes. Signed-off-by: Corinna Vinschen <cori...@vinschen.de> Diff: --- winsup/cygwin/ChangeLog | 5 +++++ winsup/cygwin/grp.cc | 6 +++++- winsup/cygwin/release/1.7.36 | 3 +++ 3 files changed, 13 insertions(+), 1 deletion(-) diff --git a/winsup/cygwin/ChangeLog b/winsup/cygwin/ChangeLog index c4be231..58bfa23 100644 --- a/winsup/cygwin/ChangeLog +++ b/winsup/cygwin/ChangeLog @@ -1,3 +1,8 @@ +2015-04-01 Corinna Vinschen <cori...@vinschen.de> + + * grp.cc (internal_getgroups): Handle negative domain index to avoid + crashes. + 2015-03-31 Renato Silva <br.renatosi...@gmail.com> * net.cc (cygwin_gethostname): Fix buffer size error handling. diff --git a/winsup/cygwin/grp.cc b/winsup/cygwin/grp.cc index ea20e92..40e1ca7 100644 --- a/winsup/cygwin/grp.cc +++ b/winsup/cygwin/grp.cc @@ -643,13 +643,17 @@ internal_getgroups (int gidsetsize, gid_t *grouplist, cyg_ldap *pldap) { for (ULONG ncnt = 0; ncnt < scnt; ++ncnt) { + static UNICODE_STRING empty = { 0, 0, (PWSTR) L"" }; fetch_acc_t full_acc = { .sid = sidp_buf[ncnt], .name = &nlst[ncnt].Name, - .dom = &dlst->Domains[nlst[ncnt].DomainIndex].Name, + .dom = &empty, .acc_type = nlst[ncnt].Use }; + + if (nlst[ncnt].DomainIndex >= 0) + full_acc.dom = &dlst->Domains[nlst[ncnt].DomainIndex].Name; if ((grp = internal_getgrfull (full_acc, pldap))) { if (cnt < gidsetsize) diff --git a/winsup/cygwin/release/1.7.36 b/winsup/cygwin/release/1.7.36 index 3985578..21175c9 100644 --- a/winsup/cygwin/release/1.7.36 +++ b/winsup/cygwin/release/1.7.36 @@ -32,3 +32,6 @@ Bug Fixes - Avoid creating passwd and group records from fully qualified Windows account names (domain\name, name@domain). Addresses: https://cygwin.com/ml/cygwin/2015-03/msg00528.html + +- Avoid potential crash at startup or in getgroups(2). + Addresses: https://cygwin.com/ml/cygwin/2015-04/msg00010.html