Re: [libvirt] [PATCH 1/2] util: add virGetGroupList

>> + /* Figure out what size list to expect */ >> + getgrouplist(pwd.pw_name, gid, groups, &ngroups); > > Do we need to be concerned about the "BUGS" info in the manpage? > > BUGS > In glibc versions before 2.3.3, the implementation of > this function contains a buffer-overrun bug: it returns > the complete list of groups for user in the array > groups, even when the number of groups exceeds *ngroups. > > Is anyone running that vintage of glibc? It sounds *kind of* like it > could hit that if ngroups is 0 (but doesn't specifically say that). So I did some digging, and gnulib has an 'mgetgroups' module (unfortunately GPL, but maybe I could get it relaxed if we wanted to use that instead)

I'll do a v2 that either works around the bug, or which delegates to the gnulib module (depending on response on the gnulib list about a license relax request).