From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <glibc-bugs-return-1442-listarch-glibc-bugs=sources.redhat.com@sources.redhat.com>
Received: (qmail 22469 invoked by alias); 14 Jan 2005 13:22:35 -0000
Mailing-List: contact glibc-bugs-help@sources.redhat.com; run by ezmlm
Precedence: bulk
List-Subscribe: <mailto:glibc-bugs-subscribe@sources.redhat.com>
List-Post: <mailto:glibc-bugs@sources.redhat.com>
List-Help: <mailto:glibc-bugs-help@sources.redhat.com>, <http://sources.redhat.com/lists.html#faqs>
Sender: glibc-bugs-owner@sources.redhat.com
Received: (qmail 21762 invoked by uid 48); 14 Jan 2005 13:21:57 -0000
Date: Fri, 14 Jan 2005 13:22:00 -0000
From: "kukuk at suse dot de" <sourceware-bugzilla@sources.redhat.com>
To: glibc-bugs@sources.redhat.com
Message-ID: <20050114132151.661.kukuk@suse.de>
Reply-To: sourceware-bugzilla@sources.redhat.com
Subject: [Bug libc/661] New: getgrouplist memory corruption
X-Bugzilla-Reason: CC
X-SW-Source: 2005-01/txt/msg00062.txt.bz2
List-Id: <glibc-bugs.sourceware.org>

If you call getgrouplist with ngroups=0 as argument to find out, how 
big the buffer needs to be, it will corrupt the stack. The problem is, 
that internal_getgrouplist will always add the main group at first, 
without checking for enough space.

-- 
           Summary: getgrouplist memory corruption
           Product: glibc
           Version: 2.3.4
            Status: NEW
          Severity: critical
          Priority: P2
         Component: libc
        AssignedTo: gotom at debian dot or dot jp
        ReportedBy: kukuk at suse dot de
                CC: glibc-bugs at sources dot redhat dot com


http://sources.redhat.com/bugzilla/show_bug.cgi?id=661

------- You are receiving this mail because: -------
You are on the CC list for the bug, or are watching someone who is.