| kern_prot.c (195741) | kern_prot.c (202143) |
|---|---|
| 1/*- 2 * Copyright (c) 1982, 1986, 1989, 1990, 1991, 1993 3 * The Regents of the University of California. 4 * (c) UNIX System Laboratories, Inc. 5 * Copyright (c) 2000-2001 Robert N. M. Watson. 6 * All rights reserved. 7 * 8 * All or some portions of this file are derived from material licensed --- 28 unchanged lines hidden (view full) --- 37 * @(#)kern_prot.c 8.6 (Berkeley) 1/21/94 38 */ 39 40/* 41 * System calls related to processes and protection 42 */ 43 44#include <sys/cdefs.h> | 1/*- 2 * Copyright (c) 1982, 1986, 1989, 1990, 1991, 1993 3 * The Regents of the University of California. 4 * (c) UNIX System Laboratories, Inc. 5 * Copyright (c) 2000-2001 Robert N. M. Watson. 6 * All rights reserved. 7 * 8 * All or some portions of this file are derived from material licensed --- 28 unchanged lines hidden (view full) --- 37 * @(#)kern_prot.c 8.6 (Berkeley) 1/21/94 38 */ 39 40/* 41 * System calls related to processes and protection 42 */ 43 44#include <sys/cdefs.h> |
| 45__FBSDID("$FreeBSD: head/sys/kern/kern_prot.c 195741 2009-07-17 14:48:21Z jamie $"); | 45__FBSDID("$FreeBSD: head/sys/kern/kern_prot.c 202143 2010-01-12 07:49:34Z brooks $"); |
| 46 47#include "opt_compat.h" 48#include "opt_inet.h" 49#include "opt_inet6.h" 50 51#include <sys/param.h> 52#include <sys/systm.h> 53#include <sys/acct.h> --- 224 unchanged lines hidden (view full) --- 278#endif 279int 280getgroups(struct thread *td, register struct getgroups_args *uap) 281{ 282 gid_t *groups; 283 u_int ngrp; 284 int error; 285 | 46 47#include "opt_compat.h" 48#include "opt_inet.h" 49#include "opt_inet6.h" 50 51#include <sys/param.h> 52#include <sys/systm.h> 53#include <sys/acct.h> --- 224 unchanged lines hidden (view full) --- 278#endif 279int 280getgroups(struct thread *td, register struct getgroups_args *uap) 281{ 282 gid_t *groups; 283 u_int ngrp; 284 int error; 285 |
| 286 ngrp = MIN(uap->gidsetsize, NGROUPS); | 286 ngrp = MIN(uap->gidsetsize, ngroups_max + 1); |
| 287 groups = malloc(ngrp * sizeof(*groups), M_TEMP, M_WAITOK); 288 error = kern_getgroups(td, &ngrp, groups); 289 if (error) 290 goto out; 291 if (uap->gidsetsize > 0) 292 error = copyout(groups, uap->gidset, ngrp * sizeof(gid_t)); 293 if (error == 0) 294 td->td_retval[0] = ngrp; --- 496 unchanged lines hidden (view full) --- 791#endif 792/* ARGSUSED */ 793int 794setgroups(struct thread *td, struct setgroups_args *uap) 795{ 796 gid_t *groups = NULL; 797 int error; 798 | 287 groups = malloc(ngrp * sizeof(*groups), M_TEMP, M_WAITOK); 288 error = kern_getgroups(td, &ngrp, groups); 289 if (error) 290 goto out; 291 if (uap->gidsetsize > 0) 292 error = copyout(groups, uap->gidset, ngrp * sizeof(gid_t)); 293 if (error == 0) 294 td->td_retval[0] = ngrp; --- 496 unchanged lines hidden (view full) --- 791#endif 792/* ARGSUSED */ 793int 794setgroups(struct thread *td, struct setgroups_args *uap) 795{ 796 gid_t *groups = NULL; 797 int error; 798 |
| 799 if (uap->gidsetsize > NGROUPS) | 799 if (uap->gidsetsize > ngroups_max + 1) |
| 800 return (EINVAL); 801 groups = malloc(uap->gidsetsize * sizeof(gid_t), M_TEMP, M_WAITOK); 802 error = copyin(uap->gidset, groups, uap->gidsetsize * sizeof(gid_t)); 803 if (error) 804 goto out; 805 error = kern_setgroups(td, uap->gidsetsize, groups); 806out: 807 free(groups, M_TEMP); 808 return (error); 809} 810 811int 812kern_setgroups(struct thread *td, u_int ngrp, gid_t *groups) 813{ 814 struct proc *p = td->td_proc; 815 struct ucred *newcred, *oldcred; 816 int error; 817 | 800 return (EINVAL); 801 groups = malloc(uap->gidsetsize * sizeof(gid_t), M_TEMP, M_WAITOK); 802 error = copyin(uap->gidset, groups, uap->gidsetsize * sizeof(gid_t)); 803 if (error) 804 goto out; 805 error = kern_setgroups(td, uap->gidsetsize, groups); 806out: 807 free(groups, M_TEMP); 808 return (error); 809} 810 811int 812kern_setgroups(struct thread *td, u_int ngrp, gid_t *groups) 813{ 814 struct proc *p = td->td_proc; 815 struct ucred *newcred, *oldcred; 816 int error; 817 |
| 818 if (ngrp > NGROUPS) | 818 if (ngrp > ngroups_max + 1) |
| 819 return (EINVAL); 820 AUDIT_ARG_GROUPSET(groups, ngrp); 821 newcred = crget(); 822 crextend(newcred, ngrp); 823 PROC_LOCK(p); 824 oldcred = crcopysafe(p, newcred); 825 826#ifdef MAC --- 1190 unchanged lines hidden (view full) --- 2017 for (j = i-1; j >= 1 && g < cr->cr_groups[j]; j--) 2018 cr->cr_groups[j + 1] = cr->cr_groups[j]; 2019 cr->cr_groups[j + 1] = g; 2020 } 2021} 2022 2023/* 2024 * Copy groups in to a credential after expanding it if required. | 819 return (EINVAL); 820 AUDIT_ARG_GROUPSET(groups, ngrp); 821 newcred = crget(); 822 crextend(newcred, ngrp); 823 PROC_LOCK(p); 824 oldcred = crcopysafe(p, newcred); 825 826#ifdef MAC --- 1190 unchanged lines hidden (view full) --- 2017 for (j = i-1; j >= 1 && g < cr->cr_groups[j]; j--) 2018 cr->cr_groups[j + 1] = cr->cr_groups[j]; 2019 cr->cr_groups[j + 1] = g; 2020 } 2021} 2022 2023/* 2024 * Copy groups in to a credential after expanding it if required. |
| 2025 * Truncate the list to NGROUPS if it is too large. | 2025 * Truncate the list to (ngroups_max + 1) if it is too large. |
| 2026 */ 2027void 2028crsetgroups(struct ucred *cr, int ngrp, gid_t *groups) 2029{ 2030 | 2026 */ 2027void 2028crsetgroups(struct ucred *cr, int ngrp, gid_t *groups) 2029{ 2030 |
| 2031 if (ngrp > NGROUPS) 2032 ngrp = NGROUPS; | 2031 if (ngrp > ngroups_max + 1) 2032 ngrp = ngroups_max + 1; |
| 2033 2034 crextend(cr, ngrp); 2035 crsetgroups_locked(cr, ngrp, groups); 2036} 2037 2038/* 2039 * Get login name, if available. 2040 */ --- 155 unchanged lines hidden --- | 2033 2034 crextend(cr, ngrp); 2035 crsetgroups_locked(cr, ngrp, groups); 2036} 2037 2038/* 2039 * Get login name, if available. 2040 */ --- 155 unchanged lines hidden --- |