[ntpsec commit] Forward-port bug fix for [Bug 2866] segmentation fault at initgroups()
Eric S. Raymond
esr at ntpsec.org
Thu Oct 22 21:14:31 UTC 2015
Module: ntpsec
Branch: master
Commit: e8eae9a7beefa1c45c7497cd2a1a8be24d2c4f4a
Changeset: http://git.ntpsec.org/ntpsec/commit/?id=e8eae9a7beefa1c45c7497cd2a1a8be24d2c4f4a
Author: Eric S. Raymond <esr at thyrsus.com>
Date: Thu Oct 22 17:13:57 2015 -0400
Forward-port bug fix for [Bug 2866] segmentation fault at initgroups()
---
NEWS | 1 +
ntpd/ntp_sandbox.c | 15 +++++++++++----
2 files changed, 12 insertions(+), 4 deletions(-)
diff --git a/NEWS b/NEWS
index 5bb74dd..05daa2a 100644
--- a/NEWS
+++ b/NEWS
@@ -17,6 +17,7 @@ on user-visible changes.
later fixes for parser support and reporting leap smear in the REFID.
* [Bug 2859] Improve raw DCF77 robustness decoding. Frank Kardel.
* [Bug 2860] ntpq ifstats sanity check is too stringent. Frank Kardel.
+* [Bug 2866] segmentation fault at initgroups(). Harlan Stenn.
* [Bug 2867] ntpd with autokey active crashed by 'ntpq -crv'
// end
diff --git a/ntpd/ntp_sandbox.c b/ntpd/ntp_sandbox.c
index b22e5f1..0ecab3e 100644
--- a/ntpd/ntp_sandbox.c
+++ b/ntpd/ntp_sandbox.c
@@ -166,10 +166,17 @@ getgroup:
msyslog(LOG_ERR, "Cannot setegid() to group `%s': %m", group);
exit (-1);
}
- if (group)
- setgroups(1, &sw_gid);
- else
- initgroups(pw->pw_name, pw->pw_gid);
+ if (group) {
+ if (0 != setgroups(1, &sw_gid)) {
+ msyslog(LOG_ERR, "setgroups(1, %d) failed: %m", sw_gid);
+ exit (-1);
+ }
+ }
+ else if (pw)
+ if (0 != initgroups(pw->pw_name, pw->pw_gid)) {
+ msyslog(LOG_ERR, "initgroups(<%s>, %d) filed: %m", pw->pw_name, pw->pw_gid);
+ exit (-1);
+ }
if (user && setuid(sw_uid)) {
msyslog(LOG_ERR, "Cannot setuid() to user `%s': %m", user);
exit (-1);
More information about the vc
mailing list