svn commit: r192087 - in projects/ngroups: lib/libc/gen
lib/libc/rpc lib/libc/sys usr.bin/id usr.bin/newgrp
usr.bin/quota usr.sbin/chown usr.sbin/chroot usr.sbin/jail
usr.sbin/jexec usr.sbin/lpr/lpc
Brooks Davis
brooks at FreeBSD.org
Thu May 14 06:50:31 UTC 2009
Author: brooks
Date: Thu May 14 06:50:30 2009
New Revision: 192087
URL: http://svn.freebsd.org/changeset/base/192087
Log:
Use to value returned by sysconf(_SC_NGROUPS_MAX) in favor of
NGROUPS_MAX or NGROUPS since POSIX says that NGROUPS_MAX represents a
lower bound on sysconf(_SC_NGROUPS_MAX).
Modified:
projects/ngroups/lib/libc/gen/initgroups.c
projects/ngroups/lib/libc/rpc/auth_unix.c
projects/ngroups/lib/libc/sys/getgroups.2
projects/ngroups/lib/libc/sys/setgroups.2
projects/ngroups/usr.bin/id/id.c
projects/ngroups/usr.bin/newgrp/newgrp.c
projects/ngroups/usr.bin/quota/quota.c
projects/ngroups/usr.sbin/chown/chown.c
projects/ngroups/usr.sbin/chroot/chroot.c
projects/ngroups/usr.sbin/jail/jail.c
projects/ngroups/usr.sbin/jexec/jexec.c
projects/ngroups/usr.sbin/lpr/lpc/lpc.c
Modified: projects/ngroups/lib/libc/gen/initgroups.c
==============================================================================
--- projects/ngroups/lib/libc/gen/initgroups.c Thu May 14 06:48:38 2009 (r192086)
+++ projects/ngroups/lib/libc/gen/initgroups.c Thu May 14 06:50:30 2009 (r192087)
@@ -35,10 +35,12 @@ __FBSDID("$FreeBSD$");
#include <sys/param.h>
+#include <stdlib.h>
#include <stdio.h>
#include "namespace.h"
#include <err.h>
#include "un-namespace.h"
+#include <errno.h>
#include <unistd.h>
int
@@ -46,14 +48,20 @@ initgroups(uname, agroup)
const char *uname;
gid_t agroup;
{
- int ngroups;
+ int ngroups, ret;
+ gid_t *groups;
+
/*
- * Provide space for one group more than NGROUPS to allow
+ * Provide space for one group more than possible to allow
* setgroups to fail and set errno.
*/
- gid_t groups[NGROUPS + 1];
+ ngroups = sysconf(_SC_NGROUPS_MAX) + 1;
+ groups = malloc(sizeof(gid_t)*ngroups);
+ if (groups == NULL)
+ return (ENOSPC);
- ngroups = NGROUPS + 1;
getgrouplist(uname, agroup, groups, &ngroups);
- return (setgroups(ngroups, groups));
+ ret = setgroups(ngroups, groups);
+ free(groups);
+ return(ret);
}
Modified: projects/ngroups/lib/libc/rpc/auth_unix.c
==============================================================================
--- projects/ngroups/lib/libc/rpc/auth_unix.c Thu May 14 06:48:38 2009 (r192086)
+++ projects/ngroups/lib/libc/rpc/auth_unix.c Thu May 14 06:50:30 2009 (r192087)
@@ -185,23 +185,28 @@ authunix_create(machname, uid, gid, len,
AUTH *
authunix_create_default()
{
- int len;
+ int ngids;
char machname[MAXHOSTNAMELEN + 1];
uid_t uid;
gid_t gid;
- gid_t gids[NGROUPS_MAX];
+ gid_t *gids;
+
+ ngids = sysconf(_SC_NGROUPS_MAX);
+ gids = malloc(sizeof(gid_t) * ngids);
+ if (gids == NULL)
+ return (NULL);
if (gethostname(machname, sizeof machname) == -1)
abort();
machname[sizeof(machname) - 1] = 0;
uid = geteuid();
gid = getegid();
- if ((len = getgroups(NGROUPS_MAX, gids)) < 0)
+ if ((ngids = getgroups(NGROUPS_MAX, gids)) < 0)
abort();
- if (len > NGRPS)
- len = NGRPS;
+ if (ngids > NGRPS)
+ ngids = NGRPS;
/* XXX: interface problem; those should all have been unsigned */
- return (authunix_create(machname, (int)uid, (int)gid, len,
+ return (authunix_create(machname, (int)uid, (int)gid, ngids,
(int *)gids));
}
Modified: projects/ngroups/lib/libc/sys/getgroups.2
==============================================================================
--- projects/ngroups/lib/libc/sys/getgroups.2 Thu May 14 06:48:38 2009 (r192086)
+++ projects/ngroups/lib/libc/sys/getgroups.2 Thu May 14 06:50:30 2009 (r192087)
@@ -59,7 +59,7 @@ system call
returns the actual number of groups returned in
.Fa gidset .
No more than
-.Dv NGROUPS_MAX
+.Fn sysconf _SC_NGROUPS_MAX
will ever
be returned.
If
@@ -91,7 +91,8 @@ an invalid address.
.El
.Sh SEE ALSO
.Xr setgroups 2 ,
-.Xr initgroups 3
+.Xr initgroups 3 ,
+.Xr sysconf 3
.Sh HISTORY
The
.Fn getgroups
Modified: projects/ngroups/lib/libc/sys/setgroups.2
==============================================================================
--- projects/ngroups/lib/libc/sys/setgroups.2 Thu May 14 06:48:38 2009 (r192086)
+++ projects/ngroups/lib/libc/sys/setgroups.2 Thu May 14 06:50:30 2009 (r192087)
@@ -53,9 +53,7 @@ The
argument
indicates the number of entries in the array and must be no
more than
-.Dv NGROUPS ,
-as defined in
-.In sys/param.h .
+.Fn sysconf _SC_NGROUPS_MAX .
.Pp
Only the super-user may set a new group list.
.Sh RETURN VALUES
@@ -71,7 +69,7 @@ The caller is not the super-user.
The number specified in the
.Fa ngroups
argument is larger than the
-.Dv NGROUPS
+.Fn sysconf _SC_NGROUPS_MAX
limit.
.It Bq Er EFAULT
The address specified for
Modified: projects/ngroups/usr.bin/id/id.c
==============================================================================
--- projects/ngroups/usr.bin/id/id.c Thu May 14 06:48:38 2009 (r192086)
+++ projects/ngroups/usr.bin/id/id.c Thu May 14 06:50:30 2009 (r192087)
@@ -257,8 +257,8 @@ id_print(struct passwd *pw, int use_ggl,
struct group *gr;
gid_t gid, egid, lastgid;
uid_t uid, euid;
- int cnt, ngroups;
- gid_t groups[NGROUPS + 1];
+ int cnt, ngroups, ngroups_max;
+ gid_t *groups;
const char *fmt;
if (pw != NULL) {
@@ -270,12 +270,16 @@ id_print(struct passwd *pw, int use_ggl,
gid = getgid();
}
+ ngroups_max = sysconf(_SC_NGROUPS_MAX);
+ if ((groups = malloc(sizeof(gid_t) * (ngroups_max + 1))) == NULL)
+ err(1, "malloc");
+
if (use_ggl && pw != NULL) {
- ngroups = NGROUPS + 1;
+ ngroups = ngroups_max + 1;
getgrouplist(pw->pw_name, gid, groups, &ngroups);
}
else {
- ngroups = getgroups(NGROUPS + 1, groups);
+ ngroups = getgroups(ngroups_max + 1, groups);
}
if (pw != NULL)
@@ -306,6 +310,7 @@ id_print(struct passwd *pw, int use_ggl,
lastgid = gid;
}
printf("\n");
+ free(groups);
}
#ifdef USE_BSM_AUDIT
@@ -360,16 +365,20 @@ void
group(struct passwd *pw, int nflag)
{
struct group *gr;
- int cnt, id, lastid, ngroups;
- gid_t groups[NGROUPS + 1];
+ int cnt, id, lastid, ngroups, ngroups_max;
+ gid_t *groups;
const char *fmt;
+ ngroups_max = sysconf(_SC_NGROUPS_MAX);
+ if ((groups = malloc(sizeof(gid_t) * (ngroups_max + 1))) == NULL)
+ err(1, "malloc");
+
if (pw) {
- ngroups = NGROUPS + 1;
+ ngroups = ngroups_max + 1;
(void) getgrouplist(pw->pw_name, pw->pw_gid, groups, &ngroups);
} else {
groups[0] = getgid();
- ngroups = getgroups(NGROUPS, groups + 1) + 1;
+ ngroups = getgroups(ngroups_max, groups + 1) + 1;
}
fmt = nflag ? "%s" : "%u";
for (lastid = -1, cnt = 0; cnt < ngroups; ++cnt) {
@@ -389,6 +398,7 @@ group(struct passwd *pw, int nflag)
lastid = id;
}
(void)printf("\n");
+ free(groups);
}
void
Modified: projects/ngroups/usr.bin/newgrp/newgrp.c
==============================================================================
--- projects/ngroups/usr.bin/newgrp/newgrp.c Thu May 14 06:48:38 2009 (r192086)
+++ projects/ngroups/usr.bin/newgrp/newgrp.c Thu May 14 06:50:30 2009 (r192087)
@@ -146,9 +146,9 @@ restoregrps(void)
static void
addgroup(const char *grpname)
{
- gid_t grps[NGROUPS_MAX];
+ gid_t *grps;
long lgid;
- int dbmember, i, ngrps;
+ int dbmember, i, ngrps, ngrps_max;
gid_t egid;
struct group *grp;
char *ep, *pass;
@@ -185,7 +185,10 @@ addgroup(const char *grpname)
}
}
- if ((ngrps = getgroups(NGROUPS_MAX, (gid_t *)grps)) < 0) {
+ ngrps_max = sysconf(_SC_NGROUPS_MAX);
+ if ((grps = malloc(sizeof(gid_t) * ngrps_max)) == NULL)
+ err(1, "malloc");
+ if ((ngrps = getgroups(ngrps_max, (gid_t *)grps)) < 0) {
warn("getgroups");
return;
}
@@ -217,7 +220,7 @@ addgroup(const char *grpname)
/* Add old effective gid to supp. list if it does not exist. */
if (egid != grp->gr_gid && !inarray(egid, grps, ngrps)) {
- if (ngrps == NGROUPS_MAX)
+ if (ngrps == ngrps_max)
warnx("too many groups");
else {
grps[ngrps++] = egid;
@@ -231,6 +234,7 @@ addgroup(const char *grpname)
}
}
+ free(grps);
}
static int
Modified: projects/ngroups/usr.bin/quota/quota.c
==============================================================================
--- projects/ngroups/usr.bin/quota/quota.c Thu May 14 06:48:38 2009 (r192086)
+++ projects/ngroups/usr.bin/quota/quota.c Thu May 14 06:50:30 2009 (r192087)
@@ -117,7 +117,7 @@ int
main(int argc, char *argv[])
{
int ngroups;
- gid_t mygid, gidset[NGROUPS];
+ gid_t mygid, *gidset;
int i, ch, gflag = 0, uflag = 0, errflag = 0;
while ((ch = getopt(argc, argv, "f:ghlrquv")) != -1) {
@@ -159,13 +159,17 @@ main(int argc, char *argv[])
errflag += showuid(getuid());
if (gflag) {
mygid = getgid();
- ngroups = getgroups(NGROUPS, gidset);
+ ngroups = sysconf(_SC_NGROUPS_MAX);
+ if ((gidset = malloc(sizeof(gid_t) * ngroups)) == NULL)
+ err(1, "malloc");
+ ngroups = getgroups(ngroups, gidset);
if (ngroups < 0)
err(1, "getgroups");
errflag += showgid(mygid);
for (i = 0; i < ngroups; i++)
if (gidset[i] != mygid)
errflag += showgid(gidset[i]);
+ free(gidset);
}
return(errflag);
}
Modified: projects/ngroups/usr.sbin/chown/chown.c
==============================================================================
--- projects/ngroups/usr.sbin/chown/chown.c Thu May 14 06:48:38 2009 (r192086)
+++ projects/ngroups/usr.sbin/chown/chown.c Thu May 14 06:50:30 2009 (r192087)
@@ -268,8 +268,8 @@ void
chownerr(const char *file)
{
static uid_t euid = -1;
- static int ngroups = -1;
- gid_t groups[NGROUPS_MAX];
+ static int ngroups = -1, ngroups_max;
+ gid_t *groups;
/* Check for chown without being root. */
if (errno != EPERM || (uid != (uid_t)-1 &&
@@ -281,7 +281,10 @@ chownerr(const char *file)
/* Check group membership; kernel just returns EPERM. */
if (gid != (gid_t)-1 && ngroups == -1 &&
euid == (uid_t)-1 && (euid = geteuid()) != 0) {
- ngroups = getgroups(NGROUPS_MAX, groups);
+ ngroups_max = sysconf(_SC_NGROUPS_MAX);
+ if ((groups = malloc(sizeof(gid_t) * ngroups_max)) == NULL)
+ err(1, "malloc");
+ ngroups = getgroups(ngroups_max, groups);
while (--ngroups >= 0 && gid != groups[ngroups]);
if (ngroups < 0) {
warnx("you are not a member of group %s", gname);
Modified: projects/ngroups/usr.sbin/chroot/chroot.c
==============================================================================
--- projects/ngroups/usr.sbin/chroot/chroot.c Thu May 14 06:48:38 2009 (r192086)
+++ projects/ngroups/usr.sbin/chroot/chroot.c Thu May 14 06:50:30 2009 (r192087)
@@ -69,9 +69,9 @@ main(argc, argv)
struct passwd *pw;
char *endp, *p;
const char *shell;
- gid_t gid, gidlist[NGROUPS_MAX];
+ gid_t gid, *gidlist;
uid_t uid;
- int ch, gids;
+ int ch, gids, ngroups_max;
gid = 0;
uid = 0;
@@ -117,8 +117,11 @@ main(argc, argv)
}
}
+ ngroups_max = sysconf(_SC_NGROUPS_MAX);
+ if ((gidlist = malloc(sizeof(gid_t) * ngroups_max)) == NULL)
+ err(1, "malloc");
for (gids = 0;
- (p = strsep(&grouplist, ",")) != NULL && gids < NGROUPS_MAX; ) {
+ (p = strsep(&grouplist, ",")) != NULL && gids < ngroups_max; ) {
if (*p == '\0')
continue;
@@ -135,7 +138,7 @@ main(argc, argv)
}
gids++;
}
- if (p != NULL && gids == NGROUPS_MAX)
+ if (p != NULL && gids == ngroups_max)
errx(1, "too many supplementary groups provided");
if (user != NULL) {
Modified: projects/ngroups/usr.sbin/jail/jail.c
==============================================================================
--- projects/ngroups/usr.sbin/jail/jail.c Thu May 14 06:48:38 2009 (r192086)
+++ projects/ngroups/usr.sbin/jail/jail.c Thu May 14 06:50:30 2009 (r192087)
@@ -85,7 +85,7 @@ STAILQ_HEAD(addr6head, addr6entry) addr6
lcap = login_getpwclass(pwd); \
if (lcap == NULL) \
err(1, "getpwclass: %s", username); \
- ngroups = NGROUPS; \
+ ngroups = ngroups_max; \
if (getgrouplist(username, pwd->pw_gid, groups, &ngroups) != 0) \
err(1, "getgrouplist: %s", username); \
} while (0)
@@ -96,8 +96,8 @@ main(int argc, char **argv)
login_cap_t *lcap = NULL;
struct jail j;
struct passwd *pwd = NULL;
- gid_t groups[NGROUPS];
- int ch, error, i, ngroups, securelevel;
+ gid_t *groups = NULL;
+ int ch, error, i, ngroups, ngroups_max, securelevel;
int hflag, iflag, Jflag, lflag, uflag, Uflag;
char path[PATH_MAX], *jailname, *ep, *username, *JidFile, *ip;
static char *cleanenv;
@@ -111,6 +111,10 @@ main(int argc, char **argv)
jailname = username = JidFile = cleanenv = NULL;
fp = NULL;
+ ngroups_max = sysconf(_SC_NGROUPS_MAX);
+ if ((groups = malloc(sizeof(gid_t) * ngroups_max)) == NULL)
+ err(1, "malloc");
+
while ((ch = getopt(argc, argv, "hiln:s:u:U:J:")) != -1) {
switch (ch) {
case 'h':
Modified: projects/ngroups/usr.sbin/jexec/jexec.c
==============================================================================
--- projects/ngroups/usr.sbin/jexec/jexec.c Thu May 14 06:48:38 2009 (r192086)
+++ projects/ngroups/usr.sbin/jexec/jexec.c Thu May 14 06:50:30 2009 (r192087)
@@ -202,7 +202,7 @@ lookup_jail(int jid, char *jailname)
lcap = login_getpwclass(pwd); \
if (lcap == NULL) \
err(1, "getpwclass: %s", username); \
- ngroups = NGROUPS; \
+ ngroups = ngroups_max; \
if (getgrouplist(username, pwd->pw_gid, groups, &ngroups) != 0) \
err(1, "getgrouplist: %s", username); \
} while (0)
@@ -213,14 +213,18 @@ main(int argc, char *argv[])
int jid;
login_cap_t *lcap = NULL;
struct passwd *pwd = NULL;
- gid_t groups[NGROUPS];
- int ch, ngroups, uflag, Uflag;
+ gid_t *groups = NULL;
+ int ch, ngroups, ngroups_max, uflag, Uflag;
char *jailname, *username;
ch = uflag = Uflag = 0;
jailname = username = NULL;
jid = -1;
+ ngroups_max = sysconf(_SC_NGROUPS_MAX);
+ if ((groups = malloc(sizeof(gid_t) * ngroups_max)) == NULL)
+ err(1, "malloc");
+
while ((ch = getopt(argc, argv, "i:n:u:U:")) != -1) {
switch (ch) {
case 'n':
Modified: projects/ngroups/usr.sbin/lpr/lpc/lpc.c
==============================================================================
--- projects/ngroups/usr.sbin/lpr/lpc/lpc.c Thu May 14 06:48:38 2009 (r192086)
+++ projects/ngroups/usr.sbin/lpr/lpc/lpc.c Thu May 14 06:50:30 2009 (r192087)
@@ -356,7 +356,7 @@ ingroup(const char *grname)
{
static struct group *gptr=NULL;
static int ngroups = 0;
- static gid_t groups[NGROUPS];
+ static gid_t *groups;
register gid_t gid;
register int i;
@@ -365,7 +365,10 @@ ingroup(const char *grname)
warnx("warning: unknown group '%s'", grname);
return(0);
}
- ngroups = getgroups(NGROUPS, groups);
+ ngroups = sysconf(_SC_NGROUPS_MAX);
+ if ((groups = malloc(sizeof(gid_t) * ngroups)) == NULL)
+ err(1, "malloc");
+ ngroups = getgroups(ngroups, groups);
if (ngroups < 0)
err(1, "getgroups");
}
More information about the svn-src-projects
mailing list