Prevent buffer over-read in getgroups()

author: Jan Verbeek <jan.verbeek@posteo.nl> 2021-09-12 12:26:12 +0200
committer: Jan Verbeek <jan.verbeek@posteo.nl> 2021-09-12 12:26:12 +0200
commit: a8751ec768f61ce58aaf8550c165e0b1639ea3af (patch)
tree: b9192b4fb9dc051cad5163a63b23eb93ef40a4e2
parent: bf4f2738c9b4ad2ec1a2277358f94240f69fb8c8 (diff)
download: nix-a8751ec768f61ce58aaf8550c165e0b1639ea3af.zip
1 files changed, 8 insertions, 0 deletions
diff --git a/src/unistd.rs b/src/unistd.rs
index 25b20051..2f47b260 100644
--- a/src/unistd.rs
+++ b/src/unistd.rs
@@ -1420,6 +1420,14 @@ pub fn getgroups() -> Result<Vec<Gid>> {
     // Next, get the number of groups so we can size our Vec
     let ngroups = unsafe { libc::getgroups(0, ptr::null_mut()) };
 
+    // If there are no supplementary groups, return early.
+    // This prevents a potential buffer over-read if the number of groups
+    // increases from zero before the next call. It would return the total
+    // number of groups beyond the capacity of the buffer.
+    if ngroups == 0 {
+        return Ok(Vec::new());
+    }
+
     // Now actually get the groups. We try multiple times in case the number of
     // groups has changed since the first call to getgroups() and the buffer is
     // now too small.
author	Jan Verbeek <jan.verbeek@posteo.nl>	2021-09-12 12:26:12 +0200
committer	Jan Verbeek <jan.verbeek@posteo.nl>	2021-09-12 12:26:12 +0200
commit	a8751ec768f61ce58aaf8550c165e0b1639ea3af (patch)
tree	b9192b4fb9dc051cad5163a63b23eb93ef40a4e2
parent	bf4f2738c9b4ad2ec1a2277358f94240f69fb8c8 (diff)
download	nix-a8751ec768f61ce58aaf8550c165e0b1639ea3af.zip