bugs in sys_set/get_groups and in_group_p

Claus Heine (Claus_Heine@ac2.maus.de)
Thu, 21 Nov 96 13:18:00 GMT


X-To: Linus.Torvalds@Helsinki.FI
For Linux-2.1.11 there are bugs in kernel/sys.c in the functions
sys_getgroups() and sys_setgroups(). The problems are caused by
the fact that the task structure (declared in linux/sched.h)
declares the supplementary group ids for a process to be of type
int (struct component current->groups) whereas the kernel
gid_t is of type short int.

Now, the functions sys_get/setgroups() were changed (2.1.10 -> 2.1.11)
to use copy_from/to_user() to get the entire list of supplementary groups
in one step instead of copying the group ids one by one. It is easy to
see that this breaks the functions.

The following patches solve the problem. It seems that there are also
other parts of the kernel's task struct that use `int' (for example)
instead of the typedefed synonyms.

Cheers

Claus

--- kernel/sys.c~ Thu Nov 21 14:46:11 1996
+++ kernel/sys.c Thu Nov 21 14:52:46 1996
@@ -699,7 +699,7 @@
asmlinkage int sys_getgroups(int gidsetsize, gid_t *grouplist)
{
int i;
- int * groups;
+ gid_t * groups;

if (gidsetsize < 0)
return -EINVAL;
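Review bot: the `gid_t * groups` local in sys_getgroups() is only correct if the include/linux/sched.h hunk lands in the same change, since the message says the array it reads is `current->groups`; applied on its own it would step through an int array at gid_t stride. The subject and message also name sys_setgroups() and in_group_p(), but no hunk touches them, so please confirm that neither keeps an `int *` pointer or an int-sized length for the array, or add the matching hunks.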
--- include/linux/sched.h~ Tue Nov 19 02:05:54 1996
+++ include/linux/sched.h Thu Nov 21 14:48:22 1996
@@ -200,7 +200,7 @@
int session;
/* boolean value for session group leader */
int leader;
- int groups[NGROUPS];
+ gid_t groups[NGROUPS];
/*
* pointers to (original) parent process, youngest child, younger
sibling,
* older sibling, respectively. (p->father can be replaced with
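Review bot: changing `groups[NGROUPS]` from int to gid_t alters the element size for every reader of the task struct, not only kernel/sys.c, so any code that walks the array through an `int *` or sizes a copy with sizeof(int) needs the same change before this is merged. A one-line comment on the declaration stating that the element type must stay gid_t, because sys_getgroups() and sys_setgroups() block-copy the array to and from user space, would help prevent the mismatch from returning.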

-- 
Claus_Heine@ac2.maus.de
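The size mismatch described in the message, as an added user-space illustration that is not part of the original post or of the kernel source. The names `kgid_t` and `found_after` and the sample ids are assumptions made for the example, and `memcpy` stands in for copy_from_user().

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define NGROUPS 32
typedef uint16_t kgid_t;  /* assumed stand-in for the 16-bit kernel gid_t */

enum mode { COPY_EACH, BLOCK_INTO_INT, BLOCK_INTO_GID };

/* Constructed sample: the supplementary group list a caller passes in. */
static const kgid_t sample[4] = {100, 200, 300, 400};
#define NSAMPLE 4

/* Store the sample list the given way, then scan for gid as in_group_p() would. */
static int found_after(enum mode m, kgid_t gid)
{
    int    as_int[NGROUPS] = {0};   /* task struct layout before the patch */
    kgid_t as_gid[NGROUPS] = {0};   /* task struct layout after the patch  */
    int i;

    switch (m) {
    case COPY_EACH:        /* one id at a time: each assignment widens to int */
        for (i = 0; i < NSAMPLE; i++)
            as_int[i] = sample[i];
        break;
    case BLOCK_INTO_INT:   /* length counted in gid_t units, slots are int-sized */
        memcpy(as_int, sample, NSAMPLE * sizeof(kgid_t));
        break;
    case BLOCK_INTO_GID:   /* source and destination element sizes agree */
        memcpy(as_gid, sample, NSAMPLE * sizeof(kgid_t));
        break;
    }
    for (i = 0; i < NSAMPLE; i++) {
        int stored = (m == BLOCK_INTO_GID) ? as_gid[i] : as_int[i];
        if (stored == gid)
            return 1;
    }
    return 0;
}

int main(void)
{
    printf("each=%d block/int=%d block/gid=%d\n",
           found_after(COPY_EACH, 300),
           found_after(BLOCK_INTO_INT, 300),
           found_after(BLOCK_INTO_GID, 300));
    return 0;
}
```

With the block copy into int-sized slots, two ids are packed into each int, so a membership check for a group the process was given fails; the group list no longer reflects what was set.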