]> Zhao Yanbai Git Server - minix.git/commitdiff
Zhao YanBai
Repos / minix.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 8a0901c)
Check group range for sanity
authorThomas Veerman <thomas@minix3.org>
Thu, 8 Sep 2011 12:23:03 +0000 (12:23 +0000)
committerThomas Veerman <thomas@minix3.org>
Thu, 8 Sep 2011 12:23:03 +0000 (12:23 +0000)
servers/ext2/protect.c patch | blob | history
servers/mfs/pipe.c patch | blob | history
servers/mfs/protect.c patch | blob | history

diff --git a/servers/ext2/protect.c b/servers/ext2/protect.c
index 952e6f74e452d4ff38d567340a066792dbcded74..9fdfe50a5e17d43c4c9f43fb12e088f34a5f7a88 100644 (file)
--- a/servers/ext2/protect.c
+++ b/servers/ext2/protect.c
@@ -129,7 +129,11 @@ PUBLIC int forbidden(register struct inode *rip, mode_t access_desired)
 PRIVATE int in_group(gid_t grp)
 {
   int i;
-  for(i = 0; i < credentials.vu_ngroups; i++)
+
+  if (credentials.vu_ngroups >= NGROUPS_MAX)
+       return(EINVAL);
+
+  for (i = 0; i < credentials.vu_ngroups; i++)
        if (credentials.vu_sgroups[i] == grp)
                return(OK);
 
diff --git a/servers/mfs/pipe.c b/servers/mfs/pipe.c
index e69de29bb2d1d6434b8b29ae775ad8c2e48c5391..8b137891791fe96927ad78e64b0aad7bded08bdc 100644 (file)
--- a/servers/mfs/pipe.c
+++ b/servers/mfs/pipe.c
@@ -0,0 +1 @@
+
diff --git a/servers/mfs/protect.c b/servers/mfs/protect.c
index 4f80adb376b19d66ce14181acbd253b029a8b0e2..0a6d01afb1ba318777106bb99e0b31042e8c6d4f 100644 (file)
--- a/servers/mfs/protect.c
+++ b/servers/mfs/protect.c
@@ -123,7 +123,11 @@ PUBLIC int forbidden(register struct inode *rip, mode_t access_desired)
 PRIVATE int in_group(gid_t grp)
 {
   int i;
-  for(i = 0; i < credentials.vu_ngroups; i++)
+
+  if (credentials.vu_ngroups >= NGROUPS_MAX)
+       return(EINVAL);
+
+  for (i = 0; i < credentials.vu_ngroups; i++)
        if (credentials.vu_sgroups[i] == grp)
                return(OK);
 
Unnamed repository; edit this file 'description' to name the repository.