summaryrefslogtreecommitdiff
path: root/lib/group-member.c
diff options
context:
space:
mode:
Diffstat (limited to 'lib/group-member.c')
-rw-r--r--lib/group-member.c90
1 files changed, 38 insertions, 52 deletions
diff --git a/lib/group-member.c b/lib/group-member.c
index 0187026..365e166 100644
--- a/lib/group-member.c
+++ b/lib/group-member.c
@@ -1,12 +1,12 @@
/* group-member.c -- determine whether group id is in calling user's group list
- Copyright (C) 1994, 1997, 1998, 2003, 2005, 2006 Free Software
+ Copyright (C) 1994, 1997-1998, 2003, 2005-2006, 2009-2016 Free Software
Foundation, Inc.
- This program is free software; you can redistribute it and/or modify
+ This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
- the Free Software Foundation; either version 2, or (at your option)
- any later version.
+ the Free Software Foundation; either version 3 of the License, or
+ (at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
@@ -14,99 +14,85 @@
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
- along with this program; if not, write to the Free Software Foundation,
- Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. */
+ along with this program. If not, see <http://www.gnu.org/licenses/>. */
#include <config.h>
-#include "group-member.h"
+/* Specification. */
+#include <unistd.h>
-#include <stdbool.h>
#include <stdio.h>
#include <sys/types.h>
#include <stdlib.h>
-#include <unistd.h>
+#include "xalloc-oversized.h"
-#include "xalloc.h"
+/* Most processes have no more than this many groups, and for these
+ processes we can avoid using malloc. */
+enum { GROUPBUF_SIZE = 100 };
struct group_info
{
- int n_groups;
- GETGROUPS_T *group;
+ gid_t *group;
+ gid_t groupbuf[GROUPBUF_SIZE];
};
-#if HAVE_GETGROUPS
-
static void
free_group_info (struct group_info const *g)
{
- free (g->group);
+ if (g->group != g->groupbuf)
+ free (g->group);
}
-static bool
+static int
get_group_info (struct group_info *gi)
{
- int n_groups;
- int n_group_slots = getgroups (0, NULL);
- GETGROUPS_T *group;
-
- if (n_group_slots < 0)
- return false;
+ int n_groups = getgroups (GROUPBUF_SIZE, gi->groupbuf);
+ gi->group = gi->groupbuf;
- /* Avoid xnmalloc, as it goes awry when SIZE_MAX < n_group_slots. */
- if (xalloc_oversized (n_group_slots, sizeof *group))
- xalloc_die ();
- group = xmalloc (n_group_slots * sizeof *group);
- n_groups = getgroups (n_group_slots, group);
-
- /* In case of error, the user loses. */
if (n_groups < 0)
{
- free (group);
- return false;
+ int n_group_slots = getgroups (0, NULL);
+ if (0 <= n_group_slots
+ && ! xalloc_oversized (n_group_slots, sizeof *gi->group))
+ {
+ gi->group = malloc (n_group_slots * sizeof *gi->group);
+ if (gi->group)
+ n_groups = getgroups (n_group_slots, gi->group);
+ }
}
- gi->n_groups = n_groups;
- gi->group = group;
-
- return true;
+ /* In case of error, the user loses. */
+ return n_groups;
}
-#endif /* not HAVE_GETGROUPS */
-
/* Return non-zero if GID is one that we have in our groups list.
- If there is no getgroups function, return non-zero if GID matches
- either of the current or effective group IDs. */
+ Note that the groups list is not guaranteed to contain the current
+ or effective group ID, so they should generally be checked
+ separately. */
int
group_member (gid_t gid)
{
-#ifndef HAVE_GETGROUPS
- return ((gid == getgid ()) || (gid == getegid ()));
-#else
int i;
int found;
struct group_info gi;
-
- if (! get_group_info (&gi))
- return 0;
+ int n_groups = get_group_info (&gi);
/* Search through the list looking for GID. */
found = 0;
- for (i = 0; i < gi.n_groups; i++)
+ for (i = 0; i < n_groups; i++)
{
if (gid == gi.group[i])
- {
- found = 1;
- break;
- }
+ {
+ found = 1;
+ break;
+ }
}
free_group_info (&gi);
return found;
-#endif /* HAVE_GETGROUPS */
}
#ifdef TEST
@@ -120,7 +106,7 @@ main (int argc, char **argv)
program_name = argv[0];
- for (i=1; i<argc; i++)
+ for (i = 1; i < argc; i++)
{
gid_t gid;