From 58aea01f5a133b546c471c858a5fc2669cd5b4f8 Mon Sep 17 00:00:00 2001
From: liu-zhanwei <liuzhanwei4@huawei.com>
Date: Wed, 8 Sep 2021 19:24:16 -0700
Subject: [PATCH] =?UTF-8?q?fix:=20=E4=BF=AE=E5=A4=8D=E5=AD=90=E8=BF=9B?=
 =?UTF-8?q?=E7=A8=8Bsetgroups=E6=97=B6=E4=BC=9A=E9=A2=9D=E5=A4=96=E5=8A=A0?=
 =?UTF-8?q?=E4=B8=8A=E7=88=B6=E8=BF=9B=E7=A8=8Bgid=EF=BC=8C=E5=AF=BC?=
 =?UTF-8?q?=E8=87=B4getgroups=E7=9A=84list=E6=AF=94=E8=AE=BE=E7=BD=AE?=
 =?UTF-8?q?=E7=9A=84list=E5=A4=9A=E4=B8=80=E4=B8=AAgid=E7=9A=84=E9=97=AE?=
 =?UTF-8?q?=E9=A2=98?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

主干不存在该问题，已解决.

子进程setgroups时会额外加上父进程gid，导致groups总是多出一个，与posix标准不符
setgroups时，若经过了入参校验，传入的list直接覆盖设置为groups，当groups个数为0，则getgroups直接返回0

close:  #I48FMK
Signed-off-by: liu-zhanwei <liuzhanwei4@huawei.com>
---
 syscall/process_syscall.c | 22 ++++++++--------------
 1 file changed, 8 insertions(+), 14 deletions(-)
 mode change 100755 => 100644 syscall/process_syscall.c

diff --git a/syscall/process_syscall.c b/syscall/process_syscall.c
old mode 100755
new mode 100644
index b54f8bb8..467bd1a4
--- a/syscall/process_syscall.c
+++ b/syscall/process_syscall.c
@@ -683,12 +683,12 @@ int SysGetGroupID(void)
 }
 
 #ifdef LOSCFG_SECURITY_CAPABILITY
-static int SetGroups(int listSize, const int *safeList, int size)
+static int SetGroups(int size, const int *safeList)
 {
     User *oldUser = NULL;
     unsigned int intSave;
 
-    User *newUser = LOS_MemAlloc(m_aucSysMem1, sizeof(User) + listSize * sizeof(int));
+    User *newUser = LOS_MemAlloc(m_aucSysMem1, sizeof(User) + size * sizeof(int));
     if (newUser == NULL) {
         return -ENOMEM;
     }
@@ -696,14 +696,11 @@ static int SetGroups(int listSize, const int *safeList, int size)
     SCHEDULER_LOCK(intSave);
     oldUser = OsCurrUserGet();
     (VOID)memcpy_s(newUser, sizeof(User), oldUser, sizeof(User));
-    if (safeList != NULL) {
+    if (size != 0) {
         (VOID)memcpy_s(newUser->groups, size * sizeof(int), safeList, size * sizeof(int));
     }
-    if (listSize == size) {
-        newUser->groups[listSize] = oldUser->gid;
-    }
-
-    newUser->groupNumber = listSize + 1;
+    
+    newUser->groupNumber = size;
     OsCurrProcessGet()->user = newUser;
     SCHEDULER_UNLOCK(intSave);
 
@@ -724,7 +721,7 @@ static int GetGroups(int size, int list[])
     SCHEDULER_UNLOCK(intSave);
 
     listSize = groupCount * sizeof(int);
-    if (size == 0) {
+    if ((size == 0) || (groupCount == 0)) {
         return groupCount;
     } else if (list == NULL) {
         return -EFAULT;
@@ -782,7 +779,6 @@ int SysSetGroups(int size, const int list[])
 #ifdef LOSCFG_SECURITY_CAPABILITY
     int ret;
     int gid;
-    int listSize = size;
     unsigned int count;
     int *safeList = NULL;
 #endif
@@ -813,16 +809,14 @@ int SysSetGroups(int size, const int list[])
         }
         gid = OsCurrUserGet()->gid;
         for (count = 0; count < size; count++) {
-            if (safeList[count] == gid) {
-                listSize = size - 1;
-            } else if (safeList[count] < 0) {
+            if (safeList[count] < 0) {
                 ret = -EINVAL;
                 goto EXIT;
             }
         }
     }
 
-    ret = SetGroups(listSize, safeList, size);
+    ret = SetGroups(size, safeList);
 EXIT:
     if (safeList != NULL) {
         (void)LOS_MemFree(m_aucSysMem1, safeList);
-- 
GitLab