https://sourceware.org/git/gitweb.cgi?p=newlib-cygwin.git;h=25e5824fb1c3386a02f90a4dde208ae5a7c10ba6
commit 25e5824fb1c3386a02f90a4dde208ae5a7c10ba6 Author: Corinna Vinschen <[email protected]> AuthorDate: Wed Jan 15 15:57:56 2025 +0100 Commit: Corinna Vinschen <[email protected]> CommitDate: Wed Jan 15 15:57:56 2025 +0100 Cygwin: get_posix_access: make sure pos is correctly set when used The code merging permissions relies on `pos' being set to the number of current entries in the local aclent_t buffer. Commit 0e6d36766c83 ("Cygwin: get_posix_access: move umask masking to the end") moved that code to run earlier, but neglected to move setting `pos' correctly as well. Make sure to set `pos' inside the code block, as well as in the final array size check, so `pos' is set correctly where it belongs. Fixes: 0e6d36766c83 ("Cygwin: get_posix_access: move umask masking to the end") Signed-off-by: Corinna Vinschen <[email protected]> Diff: --- winsup/cygwin/sec/acl.cc | 17 ++++++++++------- 1 file changed, 10 insertions(+), 7 deletions(-) diff --git a/winsup/cygwin/sec/acl.cc b/winsup/cygwin/sec/acl.cc index 3efcfadfdd1f..b92f62493e1e 100644 --- a/winsup/cygwin/sec/acl.cc +++ b/winsup/cygwin/sec/acl.cc @@ -1020,6 +1020,9 @@ get_posix_access (PSECURITY_DESCRIPTOR psd, /* For old-style or non-Cygwin ACLs, check for merging permissions. */ if (!new_style) { + /* Make sure `pos' contains the number of used entries in lacl. */ + if ((pos = searchace (lacl, MAX_ACL_ENTRIES, 0)) < 0) + pos = MAX_ACL_ENTRIES; /* First loop handles object permissions */ for (idx = 0; idx < pos; ++idx) { @@ -1087,16 +1090,16 @@ get_posix_access (PSECURITY_DESCRIPTOR psd, { case USER_OBJ: case USER: - obj_idx = searchace (lacl, pos + 1, USER_OBJ, id); + obj_idx = searchace (lacl, pos, USER_OBJ, id); if (obj_idx < 0) - obj_idx = searchace (lacl, pos + 1, USER, + obj_idx = searchace (lacl, pos, USER, lacl[idx].a_id); break; case GROUP_OBJ: case GROUP: - obj_idx = searchace (lacl, pos + 1, GROUP_OBJ, id); + obj_idx = searchace (lacl, pos, GROUP_OBJ, id); if (obj_idx < 0) - obj_idx = searchace (lacl, pos + 1, GROUP, + obj_idx = searchace (lacl, pos, GROUP, lacl[idx].a_id); break; } @@ -1181,9 +1184,6 @@ get_posix_access (PSECURITY_DESCRIPTOR psd, aclsid[pos] = well_known_null_sid; } - /* Make sure `pos' contains the number of used entries in lacl. */ - if ((pos = searchace (lacl, MAX_ACL_ENTRIES, 0)) < 0) - pos = MAX_ACL_ENTRIES; /* If owner SID == group SID (Microsoft Accounts) merge group perms into user perms but leave group perms intact. That's a fake, but it allows to keep track of the POSIX group perms without much effort. */ @@ -1219,6 +1219,9 @@ out: attr_ret = attr; if (aclbufp) { + /* Make sure `pos' contains the number of used entries in lacl. */ + if ((pos = searchace (lacl, MAX_ACL_ENTRIES, 0)) < 0) + pos = MAX_ACL_ENTRIES; if (pos > nentries) { set_errno (ENOSPC);
