If you call getgrouplist with ngroups=0 as an argument to find out how big the buffer needs to be, it will corrupt the stack. The problem is that internal_getgrouplist will always add the main group first, without checking for enough space.
Created attachment 352: Patch to check for enough space
Subject: Bug 661

CVSROOT: /cvs/glibc
Module name: libc
Changes by: roland@sources.redhat.com 2005-03-29 23:39:59

Modified files:
    grp : initgroups.c

Log message:
    2005-03-29 Thorsten Kukuk <kukuk@suse.de>
    [BZ #661]
    * grp/initgroups.c (internal_getgrouplist): Check if we have enough space before adding the primary group to the list.

Patches:
http://sources.redhat.com/cgi-bin/cvsweb.cgi/libc/grp/initgroups.c.diff?cvsroot=glibc&r1=1.33&r2=1.34

Subject: Bug 661

CVSROOT: /cvs/glibc
Module name: libc
Branch: glibc-2_3-branch
Changes by: roland@sources.redhat.com 2005-03-29 23:40:49

Modified files:
    grp : initgroups.c

Log message:
    2005-03-29 Thorsten Kukuk <kukuk@suse.de>
    [BZ #661]
    * grp/initgroups.c (internal_getgrouplist): Check if we have enough space before adding the primary group to the list.

Patches:
http://sources.redhat.com/cgi-bin/cvsweb.cgi/libc/grp/initgroups.c.diff?cvsroot=glibc&only_with_tag=glibc-2_3-branch&r1=1.33&r2=1.33.2.1
Now in both branches.
Subject: Bug 661

CVSROOT: /cvs/glibc
Module name: libc
Changes by: drepper@sourceware.org 2006-08-03 15:25:19

Modified files:
    grp : initgroups.c

Log message:
    (internal_getgrouplist): Remove unnecessary test introduced in patch for bz #661.
    (getgrouplist): Simplify code a bit.

Patches:
http://sourceware.org/cgi-bin/cvsweb.cgi/libc/grp/initgroups.c.diff?cvsroot=glibc&r1=1.34&r2=1.35
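The condition from the report and the check named in the 2005-03-29 log message, as an added example that is not part of the bug thread and not glibc source. `fill_rest`, `fill_unchecked`, `fill_checked` and `probe` are hypothetical names, and the group IDs are constructed sample data.

```c
#include <stdio.h>
#include <sys/types.h>

/* Hypothetical model, not glibc source. getgrouplist() convention: *ngroups is
   the capacity on entry and the number of groups found on return; -1 = no fit. */
static int fill_rest(const gid_t *extra, int n, gid_t *groups, int cap, int count)
{
    for (int i = 0; i < n; i++, count++)
        if (count < cap) groups[count] = extra[i];
    return count;
}

/* As reported: the primary group is stored first with no capacity check. */
int fill_unchecked(gid_t primary, const gid_t *extra, int n, gid_t *groups, int *ngroups)
{
    int cap = *ngroups;
    groups[0] = primary;                 /* written even when cap == 0 */
    *ngroups = fill_rest(extra, n, groups, cap, 1);
    return *ngroups > cap ? -1 : *ngroups;
}

/* With the check: the primary group is counted, but stored only if it fits. */
int fill_checked(gid_t primary, const gid_t *extra, int n, gid_t *groups, int *ngroups)
{
    int cap = *ngroups;
    if (cap > 0) groups[0] = primary;
    *ngroups = fill_rest(extra, n, groups, cap, 1);
    return *ngroups > cap ? -1 : *ngroups;
}

typedef int (*fill_fn)(gid_t, const gid_t *, int, gid_t *, int *);

/* Size probe with ngroups = 0. `slot` stands for whatever lies where the empty
   buffer points (a real object, so the demo is defined). Returns 1 if written. */
int probe(fill_fn fill, int *needed)
{
    const gid_t extra[] = { 100, 101 };  /* constructed sample data */
    gid_t slot = (gid_t)-1;
    *needed = 0;
    fill(1000, extra, 2, &slot, needed);
    return slot != (gid_t)-1;
}

int main(void)
{
    int n, w = probe(fill_unchecked, &n);
    printf("unchecked: wrote=%d needed=%d\n", w, n);
    w = probe(fill_checked, &n);
    printf("checked:   wrote=%d needed=%d\n", w, n);
}
```

Both variants report the same required size for the probe; only the unchecked one touches memory the caller declared as zero-length.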