Pavel Tsekov wrote:
BUGS The glibc 2.3.2 implementation of this function is broken: it overwrites memory when the actual number of groups is larger than *ngroups.
As this is clearly a buffer overflow, we should not use the function at all and document this somewhere. Maybe like that:
#if 0 /* the glibc implementation of getgrouplist(3) has a * buffer overflow vulnerability, so we cannot use this function */ ... #endif Roland _______________________________________________ Mc-devel mailing list http://mail.gnome.org/mailman/listinfo/mc-devel