git: d1142d54fa21 - stable/14 - libc: fix the _FORTIFY_SOURCE build of getgrouplist(3)
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Thu, 18 Sep 2025 10:13:44 UTC
The branch stable/14 has been updated by olce:
URL: https://cgit.FreeBSD.org/src/commit/?id=d1142d54fa2153fdba3947f0cf03e8a2ce4f0e75
commit d1142d54fa2153fdba3947f0cf03e8a2ce4f0e75
Author: Kyle Evans <kevans@FreeBSD.org>
AuthorDate: 2025-09-13 22:19:46 +0000
Commit: Olivier Certner <olce@FreeBSD.org>
CommitDate: 2025-09-18 10:13:11 +0000
libc: fix the _FORTIFY_SOURCE build of getgrouplist(3)
We need <unistd.h> to get our prototype normally, but WARNS in libc is
way too low to surface that.
Additionally, _FORTIFY_SOURCE needs to include <ssp/unistd.h> by way of
<unistd.h> to actually export an implementation of getgrouplist(3). The
version defined in the .c gets named __ssp_real_getgrouplist() and the
actual implementation comes from the redirect stub in <ssp/unistd.h>,
which basically gets optimized away in the built object because our
__builtin_object_size() check is trivially false when we cannot resolve
any object sizes in this translation unit.
This could be argued as a design flaw in _FORTIFY_SOURCE, but we should
grab <unistd.h> for our prototype anyways so let's kick the can down
the road instead of re-thinking it for 15.0.
Reported by: Shawn Webb (HardenedBSD)
Fixes: d3f8ed6066 ("getgrouplist(3): Remove superfluous [...]")
MFC after: 3 days
(cherry picked from commit 91ea7e2ce2b5b2ff4702c3092cfe944862d58172)
This is (partly) MFCed just for the sake of re-introducing the
<unistd.h> include to have a prototype. There is no _FORTIFY_SOURCE
support for getgrouplist(3) in 14.
---
lib/libc/gen/getgrouplist.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/lib/libc/gen/getgrouplist.c b/lib/libc/gen/getgrouplist.c
index 90626cef3c83..fb4945beb2b2 100644
--- a/lib/libc/gen/getgrouplist.c
+++ b/lib/libc/gen/getgrouplist.c
@@ -33,6 +33,8 @@
__SCCSID("@(#)getgrouplist.c 8.2 (Berkeley) 12/8/94");
#include <sys/types.h>
+#include <unistd.h>
+
extern int __getgroupmembership(const char *, gid_t, gid_t *, int, int *);
int