On Wed, 16 Jun 2021 at 18:49, Winkel,Ralf <ralf.winkel@xxxxxxx> wrote:
> I assume that it happens because getgrouplist() in
> openssh-portable/openbsd-compat/port-aix.c
> returns -1 if it finds a GID >= LONG_MAX.
> The code in getgrouplist() in port-aix.c is stil the same in the actual
> openssh version.
> The issue doesn't happen with OpenSSH_7.5p1, OpenSSL 1.0.2t 10 Sep 2019
> (also from the IBM download site).
> I don't understand, why OpenSSH_7.5p1 is not affected even if it has the
> same code in getgrouplist().
>
Maybe the one without the problem was compiled 64bit?
$ grep -C1 LONG_MAX /usr/include/limits.h
#ifdef __64BIT__
#define LONG_MAX (9223372036854775807)
AIX permits UIDs and GIDs up to 4294967295 (ULONG_MAX).
>
On my system it's UINT_MAX.
May I suggest to replace
>
> l = strtol(grp, NULL, 10);
> if (ngroups >= maxgroups || l == LONG_MIN || l == LONG_MAX) {
>
> with
>
> l = strtoll(grp, NULL, 10);
> if (ngroups >= maxgroups || l < 0 || l > UID_MAX) {
>
I can see how that would explain it, although I have not been able to
reproduce it on my (ancient, 32bit) AIX system. I'll make the change you
suggest.
Thanks for the analysis and report.
--
Darren Tucker (dtucker at dtucker.net)
GPG key 11EAA6FA / A86E 3E07 5B19 5880 E860 37F4 9357 ECEF 11EA A6FA (new)
Good judgement comes with experience. Unfortunately, the experience
usually comes from bad judgement.
_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@xxxxxxxxxxx
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
