fix: 修复子进程setgroups时会额外加上父进程gid，导致getgroups的list比设置的list多一个gid的问题

主干不存在该问题，已解决. 子进程setgroups时会额外加上父进程gid，导致groups总是多出一个，与posix标准不符 setgroups时，若经过了入参校验，传入的list直接覆盖设置为groups，当groups个数为0，则getgroups直接返回0 close: #I48FMK Signed-off-by: N liu-zhanwei <liuzhanwei4@huawei.com>

fix: 修复子进程setgroups时会额外加上父进程gid，导致getgroups的list比设置的list多一个gid的问题
主干不存在该问题，已解决. 子进程setgroups时会额外加上父进程gid，导致groups总是多出一个，与posix标准不符 setgroups时，若经过了入参校验，传入的list直接覆盖设置为groups，当groups个数为0，则getgroups直接返回0 close: #I48FMK Signed-off-by: N liu-zhanwei <liuzhanwei4@huawei.com>
58aea01f · liu-zhanwei · 3e6bab51 · 58aea01f
隐藏空白更改
内联并排

Showing with 8 addition and 14 deletion

syscall/process_syscall.c syscall/process_syscall.c +8 -14

未找到文件。
--- a/syscall/process_syscall.c
+++ b/syscall/process_syscall.c
@@ -683,12 +683,12 @@ int SysGetGroupID(void)
 }

 #ifdef LOSCFG_SECURITY_CAPABILITY
-static int SetGroups(int listSize, const int *safeList, int size)
+static int SetGroups(int size, const int *safeList)
 {
    User *oldUser = NULL;
    unsigned int intSave;

-    User *newUser = LOS_MemAlloc(m_aucSysMem1, sizeof(User) + listSize * sizeof(int));
+    User *newUser = LOS_MemAlloc(m_aucSysMem1, sizeof(User) + size * sizeof(int));
    if (newUser == NULL) {
        return -ENOMEM;
    }
@@ -696,14 +696,11 @@ static int SetGroups(int listSize, const int *safeList, int size)
    SCHEDULER_LOCK(intSave);
    oldUser = OsCurrUserGet();
    (VOID)memcpy_s(newUser, sizeof(User), oldUser, sizeof(User));
-    if (safeList != NULL) {
+    if (size != 0) {
        (VOID)memcpy_s(newUser->groups, size * sizeof(int), safeList, size * sizeof(int));
    }
-    if (listSize == size) {
-        newUser->groups[listSize] = oldUser->gid;
-    }
-
-    newUser->groupNumber = listSize + 1;
+    
+    newUser->groupNumber = size;
    OsCurrProcessGet()->user = newUser;
    SCHEDULER_UNLOCK(intSave);

@@ -724,7 +721,7 @@ static int GetGroups(int size, int list[])
    SCHEDULER_UNLOCK(intSave);

    listSize = groupCount * sizeof(int);
-    if (size == 0) {
+    if ((size == 0) || (groupCount == 0)) {
        return groupCount;
    } else if (list == NULL) {
        return -EFAULT;
@@ -782,7 +779,6 @@ int SysSetGroups(int size, const int list[])
 #ifdef LOSCFG_SECURITY_CAPABILITY
    int ret;
    int gid;
-    int listSize = size;
    unsigned int count;
    int *safeList = NULL;
 #endif
@@ -813,16 +809,14 @@ int SysSetGroups(int size, const int list[])
        }
        gid = OsCurrUserGet()->gid;
        for (count = 0; count < size; count++) {
-            if (safeList[count] == gid) {
-                listSize = size - 1;
-            } else if (safeList[count] < 0) {
+            if (safeList[count] < 0) {
                ret = -EINVAL;
                goto EXIT;
            }
        }
    }

-    ret = SetGroups(listSize, safeList, size);
+    ret = SetGroups(size, safeList);
 EXIT:
    if (safeList != NULL) {
        (void)LOS_MemFree(m_aucSysMem1, safeList);