From nobody Thu Oct 09 11:35:13 2025 X-Original-To: dev-commits-src-main@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4cj78d6jkZz6Blgn; Thu, 09 Oct 2025 11:35:13 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R12" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4cj78d4Wnyz3L3D; Thu, 09 Oct 2025 11:35:13 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1760009713; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=aj65+vjEl3/+rKAWAMck3EDEh3u593M+stJihZMJhaE=; b=YP0NhRCBOOSJRRMcghkU76F6mZVT0UjxH/ycw9+R1dEz9bOjEvp5Wv0GqqswwCViHORvx+ YDwc3GoTH5pypN1G3LLBX7pzndsbDhp5VzCtxIgtxuKofcLab3iLnaUYXvbdGQ8eGYsa4m FEBCxid4CQviJD6p78N3JsulUOu/5P4RXTQPtDOJNjJw8090OpWq4YtxtIJmMMGJhm5gYm 6KfSHeZQVHjlwkhXj7chvVloY5/DmGobU33Z9cnvNDajfHrsIkR6E5NjVRBzTBtq7F8iHQ ZXtTiOAHuKt327j0k1bytL6yVKlnNEDjl+6yDedq9rdIWDoePFaXIgM/Tin9qA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1760009713; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=aj65+vjEl3/+rKAWAMck3EDEh3u593M+stJihZMJhaE=; b=R32/qiq3Z0Xe+RMLkKCRO0bykSc8vjLruw0KOHCEgfWIvFwdcK/DMeaSTK/pJxRirFKTw6 /YgJzQnsK4bj+b8/d14uXnKxEnS2jdt/Qk3y/omkdJ27atW3+sPTNbCG+74aH0ahO3q1w1 i2mEvLBAMrhnft5iFTOjFutXjaKmLNDccPKuXD8L1Z6HXNl8LNoDcVxJbuNk47rv4qcFR7 Iu0LnQArhs96ZQFRJ8Pq5Z3jt33XqkPUTUqD4U0HQxAaqYUrKYKXAywvUWz+rD2gd9HroV tFnfu3Gzjjer2DIWIxmExR+afNtqRxQlBekav/gcO/rAgNFG0n2gnGOGM0hDYQ== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1760009713; a=rsa-sha256; cv=none; b=JiLhi4F5OPjxZYdL7Vq/tMUL5/jGQTT96BUcwDuCsLyTlDpWuzfWVfnDq+pNNJ2u0lTJX8 aJoFB0DZ2t+HoXMVv5nTBRqt2l9/oApYz1zeMhBAqFyJhCQiOn4cbJFRonNm/Vx4AsqzMv xvDm8TqV64NDVQkSa3lhiKicjkTmtQxBJd7heCVfVi4kLnU4uXaakUf0NX8TQmHzs3N1Nz 6MkwwJarn89K5gfmV2VJFL5u12vyM8V7msvBRl5v52Sdd/wDix0ikbgBcfChZNL0wTmlcY GMAcu3Dm5JefKSc3hX7196QPA2WELONDe2sqKDu2Zrvde7drD/Vce6jZ5mJqpw== ARC-Authentication-Results: i=1; mx1.freebsd.org; none Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4cj78d3qpNz1Hw; Thu, 09 Oct 2025 11:35:13 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.18.1/8.18.1) with ESMTP id 599BZDLr057456; Thu, 9 Oct 2025 11:35:13 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.18.1/8.18.1/Submit) id 599BZDSt057453; Thu, 9 Oct 2025 11:35:13 GMT (envelope-from git) Date: Thu, 9 Oct 2025 11:35:13 GMT Message-Id: <202510091135.599BZDSt057453@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org From: Olivier Certner Subject: git: bb339adfb2a2 - main - nfsuserd: Fix OOB access on membership of too many groups List-Id: Commit messages for the main branch of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-main List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-main@freebsd.org Sender: owner-dev-commits-src-main@FreeBSD.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: olce X-Git-Repository: src X-Git-Refname: refs/heads/main X-Git-Reftype: branch X-Git-Commit: bb339adfb2a26c5bb71cd4275dff80f615534ab6 Auto-Submitted: auto-generated The branch main has been updated by olce: URL: https://cgit.FreeBSD.org/src/commit/?id=bb339adfb2a26c5bb71cd4275dff80f615534ab6 commit bb339adfb2a26c5bb71cd4275dff80f615534ab6 Author: Olivier Certner AuthorDate: 2025-10-09 09:19:37 +0000 Commit: Olivier Certner CommitDate: 2025-10-09 11:34:23 +0000 nfsuserd: Fix OOB access on membership of too many groups getgrouplist() sets the variable containing the allocated length in input to the full effective group list length, not the number of slots that were actually filled in case the passed array is too small to contain it. While here, on this condition, improve the error message by outputting the corresponding user name. MFC after: 1 hour Fixes: e6c623c86ab4 ("Add support for the "-manage-gids" option to the nfsuserd daemon.") Sponsored by: The FreeBSD Foundation --- usr.sbin/nfsuserd/nfsuserd.c | 15 +++++++++++---- 1 file changed, 11 insertions(+), 4 deletions(-) diff --git a/usr.sbin/nfsuserd/nfsuserd.c b/usr.sbin/nfsuserd/nfsuserd.c index 29d816934600..0e5c9c8f1e50 100644 --- a/usr.sbin/nfsuserd/nfsuserd.c +++ b/usr.sbin/nfsuserd/nfsuserd.c @@ -421,8 +421,12 @@ main(int argc, char *argv[]) /* Get the group list for this user. */ ngroup = NGROUPS; if (getgrouplist(pwd->pw_name, pwd->pw_gid, grps, - &ngroup) < 0) - syslog(LOG_ERR, "Group list too small"); + &ngroup) < 0) { + syslog(LOG_ERR, + "Group list of user '%s' too big", + pwd->pw_name); + ngroup = NGROUPS; + } nid.nid_ngroup = ngroup; nid.nid_grps = grps; } else { @@ -621,8 +625,11 @@ nfsuserdsrv(struct svc_req *rqstp, SVCXPRT *transp) /* Get the group list for this user. */ ngroup = NGROUPS; if (getgrouplist(pwd->pw_name, pwd->pw_gid, - grps, &ngroup) < 0) - syslog(LOG_ERR, "Group list too small"); + grps, &ngroup) < 0) { + syslog(LOG_ERR, + "Group list of user '%s' too big", + pwd->pw_name); + } nid.nid_ngroup = ngroup; nid.nid_grps = grps; } else {