authorKrzysztof Jackiewicz <k.jackiewicz@samsung.com>2017-07-19 11:34:17 +0200
committerjin-gyu.kim <jin-gyu.kim@samsung.com>2017-07-20 14:52:32 +0900
commit6357ba7161cab3c0260868cd1144208450a12b64 (patch)
tree220427687d89d61e7bf54769c4fe25fc5f621e17
parent3d20321d2a4cb14eb046b26a5254c9cccf61a10d (diff)
- Initialize groups pointer to NULL
- Delay wrapping with unique_ptr until we are sure that function returning groups succeeded
- Treat empty group list as a correct result

Change-Id: I9cf7493d819f3c1afdc2a378bc52f24d0f3f53b9
-rw-r--r--src/client/client-security-manager.cpp6
-rw-r--r--src/nss/nss_securitymanager.cpp5
2 files changed, 9 insertions, 2 deletions
diff --git a/src/client/client-security-manager.cpp b/src/client/client-security-manager.cpp
index a643186f..be22b174 100644
--- a/src/client/client-security-manager.cpp
+++ b/src/client/client-security-manager.cpp
@@ -1130,6 +1130,12 @@ static void loadGroups(std::vector<gid_t> &vgroups) {
static int group_vector_to_array(const std::vector<gid_t> &vgroups, gid_t **groups, size_t *groups_count)
{
+ if (vgroups.empty()) {
+ *groups_count = 0;
+ *groups = NULL;
+ return SECURITY_MANAGER_SUCCESS;
+ }
+
size_t size = vgroups.size() * sizeof(gid_t);
*groups = static_cast<gid_t*>(malloc(size));
if (*groups == nullptr)
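Review bot: The new early return in group_vector_to_array makes a NULL `*groups` a successful result, but nothing in the hunk documents that contract. A caller that still treats NULL as failure, or passes the pointer to a copy routine even with a zero count, would misbehave. I would add a comment above the function such as `// On success with no groups: *groups == nullptr and *groups_count == 0; check the count before reading.` and mirror it in the public API header, which is not visible here. As a style point, the added line uses `NULL` while the allocation check below uses `nullptr`; `*groups = nullptr;` would match. The function body continues past the end of the hunk.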
diff --git a/src/nss/nss_securitymanager.cpp b/src/nss/nss_securitymanager.cpp
index 0e2ae5e6..2a975e69 100644
--- a/src/nss/nss_securitymanager.cpp
+++ b/src/nss/nss_securitymanager.cpp
@@ -106,7 +106,7 @@ enum nss_status _nss_securitymanager_initgroups_dyn(const char *user, gid_t grou
return NSS_STATUS_NOTFOUND;
}
- gid_t *groups;
+ gid_t *groups = NULL;
size_t groupsCount;
ret = security_manager_groups_get_for_user(pwnam->pw_uid, &groups, &groupsCount);
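Review bot: `groupsCount`, declared right after the changed line, is still uninitialized even though `groups` now starts at NULL. It is read in the size comparison further down the function, so its safety depends on every success path of both getters writing it, which this hunk does not show. Initializing it as well, `size_t groupsCount = 0;`, keeps the pointer and the count consistent. The function starts and ends outside the hunk.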
@@ -114,7 +114,6 @@ enum nss_status _nss_securitymanager_initgroups_dyn(const char *user, gid_t grou
// If user is not managed by Security Manager, we want to apply all the groups
ret = security_manager_groups_get(&groups, &groupsCount);
}
- auto groupsGuard = SecurityManager::makeUnique(groups, free);
if (ret == SECURITY_MANAGER_ERROR_MEMORY) {
*errnop = ENOMEM;
@@ -131,6 +130,8 @@ enum nss_status _nss_securitymanager_initgroups_dyn(const char *user, gid_t grou
return NSS_STATUS_UNAVAIL;
}
+ auto groupsGuard = SecurityManager::makeUnique(groups, free);
+
if (((*size) - (*start)) < static_cast<long int>(groupsCount)) {
long int required = (*start) + groupsCount;
// value bigger is the lowest power of 2 that is bigger than required value
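Review bot: Creating `groupsGuard` only after the error returns means nothing frees `groups` on those paths. The change therefore relies on both getters never leaving an allocated buffer behind when they fail, including the case where the first getter fails and the second one overwrites the pointer; their bodies are not visible here. I would record that assumption next to the guard, e.g. `// Ownership starts here: on every error path above, the getters leave groups unallocated.` In the empty-list case the guard holds NULL and `free(NULL)` is a no-op, so that path is fine. The function continues beyond the hunk.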