Kernel+LibC: Enforce a limit on the number of supplementary group IDs

This patch adds the NGROUPS_MAX constant and enforces it in sys$setgroups() to ensure that no process has more than 32 supplementary group IDs. The number doesn't mean anything in particular, just had to pick a number. Perhaps one day we'll have a reason to change it.
Author: https://github.com/awesomekling Commit: https://github.com/SerenityOS/serenity/commit/9eeee24a39
2022-08-20 22:22:58 +02:00 · 2022-08-20 22:22:58 +02:00 · 9eeee24a39 · 2024-07-17 08:07:04 +09:00
commit 9eeee24a39
parent 998c1152ef
3 changed files with 15 additions and 1 deletions
--- a/Kernel/API/POSIX/sys/limits.h
+++ b/Kernel/API/POSIX/sys/limits.h
@ -0,0 +1,9 @@
+/*
+ * Copyright (c) 2022, Andreas Kling <kling@serenityos.org>
+ *
+ * SPDX-License-Identifier: BSD-2-Clause
+ */
+
+#pragma once
+
+#define NGROUPS_MAX 32
--- a/Kernel/Syscalls/setuid.cpp
+++ b/Kernel/Syscalls/setuid.cpp
@ -4,6 +4,7 @@
 * SPDX-License-Identifier: BSD-2-Clause
 */

+#include <Kernel/API/POSIX/sys/limits.h>
 #include <Kernel/Process.h>

 namespace Kernel {
@ -246,6 +247,9 @@ ErrorOr<FlatPtr> Process::sys$setgroups(size_t count, Userspace<GroupID const*>
    VERIFY_NO_PROCESS_BIG_LOCK(this);
    TRY(require_promise(Pledge::id));

+    if (count > NGROUPS_MAX)
+        return EINVAL;
+
    auto credentials = this->credentials();

    if (!credentials->is_superuser())
--- a/Userland/Libraries/LibC/limits.h
+++ b/Userland/Libraries/LibC/limits.h
@ -1,11 +1,12 @@
 /*
- * Copyright (c) 2018-2020, Andreas Kling <kling@serenityos.org>
+ * Copyright (c) 2018-2022, Andreas Kling <kling@serenityos.org>
 *
 * SPDX-License-Identifier: BSD-2-Clause
 */

 #pragma once

+#include <Kernel/API/POSIX/sys/limits.h>
 #include <bits/stdint.h>
 #include <bits/wchar.h>