From ecc6cfeb7e6d6bb1be8cca563d22c6f8c2c6add1 Mon Sep 17 00:00:00 2001
From: Corinna Vinschen
Date: Fri, 17 Apr 2015 11:56:15 +0200
Subject: [PATCH] Fix broken PSID problem on cygheap in account handling

* pwdgrp.h: Add comment to explain below change.
(struct pg_pwd): Convert sid member to BYTE array.
(struct pg_grp): Ditto.
* grp.cc (pwdgrp::parse_group): Accommodate above change.
* passwd.cc (pwdgrp::parse_passwd): Ditto.

Signed-off-by: Corinna Vinschen
---
 winsup/cygwin/ChangeLog | 8 ++++++++
 winsup/cygwin/grp.cc | 4 +++-
 winsup/cygwin/passwd.cc | 4 +++-
 winsup/cygwin/pwdgrp.h | 8 ++++++--
 4 files changed, 20 insertions(+), 4 deletions(-)

diff --git a/winsup/cygwin/ChangeLog b/winsup/cygwin/ChangeLog
index 2ecafa0ba..a3402617c 100644
--- a/winsup/cygwin/ChangeLog
+++ b/winsup/cygwin/ChangeLog
@@ -1,3 +1,11 @@
+2015-04-17 Corinna Vinschen
+
+ * pwdgrp.h: Add comment to explain below change.
+ (struct pg_pwd): Convert sid member to BYTE array.
+ (struct pg_grp): Ditto.
+ * grp.cc (pwdgrp::parse_group): Accommodate above change.
+ * passwd.cc (pwdgrp::parse_passwd): Ditto.
+
 2015-04-16 Corinna Vinschen
 
 * sec_acl.cc (set_posix_access): Move merging group perms into owner
diff --git a/winsup/cygwin/grp.cc b/winsup/cygwin/grp.cc
index 40e1ca763..f8502100a 100644
--- a/winsup/cygwin/grp.cc
+++ b/winsup/cygwin/grp.cc
@@ -47,7 +47,9 @@ pwdgrp::parse_group ()
 return false;
 /* Don't generate gr_mem entries. */
 grp.g.gr_mem = &null_ptr;
- grp.sid.getfromgr_passwd (&grp.g);
+ cygsid csid;
+ csid.getfromgr_passwd (&grp.g);
+ RtlCopySid (SECURITY_MAX_SID_SIZE, grp.sid, csid);
 return true;
 }
 
diff --git a/winsup/cygwin/passwd.cc b/winsup/cygwin/passwd.cc
index 7493aa443..54e429ccf 100644
--- a/winsup/cygwin/passwd.cc
+++ b/winsup/cygwin/passwd.cc
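Review bot: The new lines in `pwdgrp::parse_group` discard both the result of `csid.getfromgr_passwd (&grp.g)` and the NTSTATUS returned by `RtlCopySid`, so a group line without a parsable SID still reaches the copy. How an unset `cygsid` converts to a PSID is not visible in this hunk; if it yields a null pointer the copy reads through it, and if `RtlCopySid` fails, `grp.sid` keeps whatever bytes the cache slot held before. I would guard the copy and give the failure case a defined value, e.g. `if (csid.getfromgr_passwd (&grp.g)) RtlCopySid (SECURITY_MAX_SID_SIZE, grp.sid, csid); else memset (grp.sid, 0, sizeof grp.sid);`, assuming the getter reports success through its return value. The same pattern appears in `pwdgrp::parse_passwd` in passwd.cc with `res.sid`. Both function bodies start outside their hunks.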
@@ -40,7 +40,9 @@ pwdgrp::parse_passwd ()
 res.p.pw_gecos = next_str (':');
 res.p.pw_dir = next_str (':');
 res.p.pw_shell = next_str (':');
- res.sid.getfrompw_gecos (&res.p);
+ cygsid csid;
+ csid.getfrompw_gecos (&res.p);
+ RtlCopySid (SECURITY_MAX_SID_SIZE, res.sid, csid);
 /* lptr points to the \0 after pw_shell. Increment by one to get the correct
 required buffer len in getpw_cp. */
 res.len = lptr - res.p.pw_name + 1;
diff --git a/winsup/cygwin/pwdgrp.h b/winsup/cygwin/pwdgrp.h
index a64cb0f5f..80c54c7fe 100644
--- a/winsup/cygwin/pwdgrp.h
+++ b/winsup/cygwin/pwdgrp.h
@@ -38,17 +38,21 @@ void *setgrent_filtered (int enums, PCWSTR enum_tdoms);
 void *getgrent_filtered (void *gr);
 void endgrent_filtered (void *gr);
 
+/* NOTE: The below sid members were cygsid's originally. Don't do that.
+ cygsid's are pointer based. When adding new entries to the passwd or
+ group caches, a crealloc call potenitally moves the entries and then
+ the cygsid pointers point into neverneverland. */
 struct pg_pwd
 {
 struct passwd p;
- cygsid sid;
+ BYTE sid[SECURITY_MAX_SID_SIZE];
 size_t len;
 };
 
 struct pg_grp
 {
 struct group g;
- cygsid sid;
+ BYTE sid[SECURITY_MAX_SID_SIZE];
 size_t len;
 };
 
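Review bot: With `sid` now a raw `BYTE` array in `struct pg_pwd` and `struct pg_grp`, the header no longer says how an entry without a SID is represented or that readers must cast the array to `PSID`; the new comment only covers why `cygsid` was dropped. I would extend that comment with the intended convention, for example `An entry without a valid SID has an all-zero sid array; cast to PSID and check validity before use.`, adjusted to whatever the parsers actually guarantee. A `BYTE` array also has alignment 1 while a SID holds 32-bit fields; it appears to land on an aligned offset here only because it follows `struct passwd` / `struct group`, which is worth a word in the same comment. The comment's `potenitally` should read `potentially`.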