I've just pushed this patch from Lasse Collin.
I suppose it's a purely theoretical bug-fix, since provoking
the failure would be hard:
Even if there exists a system on which one can create INT_MAX groups and
make a user a member of so many, you'd wait a _long_ time iterating the
O(N^2) process before encountering the overflow.
Here's the patch:
Don't rely on signed integer overflowing to negative value.
* lib/getugroups.c (getugroups): Include <limits.h>.
Instead, compare against INT_MAX, and increment only if the test passes.
diff --git a/lib/getugroups.c b/lib/getugroups.c
index 6c557cd..4b8752f 100644
--- a/lib/getugroups.c
+++ b/lib/getugroups.c
@@ -21,6 +21,7 @@
#include "getugroups.h"
+#include <limits.h>
#include <stdio.h> /* grp.h on alpha OSF1 V2.0 uses "FILE *". */
#include <grp.h>
@@ -92,12 +93,12 @@ getugroups (int maxcount, GETGROUPS_T *grouplist, char
const *username,
goto done;
grouplist[count] = grp->gr_gid;
}
- count++;
- if (count < 0)
+ if (count == INT_MAX)
{
errno = EOVERFLOW;
goto done;
}
+ count++;
}
}
}
--
1.5.4.1.98.gf3293
