Avoid SEGV when handling SIDs with 0 subauthorities

	* sec_helper.cc (cygsid::get_sid): Don't reject SIDs with missing
	subauthorities.

Signed-off-by: Corinna Vinschen <corinna@vinschen.de>

diff --git a/winsup/cygwin/ChangeLog b/winsup/cygwin/ChangeLog
index d3a47a4f215432b3851c560c423d9941fb8985e8..0c7c5a9c7d4ef61c5c6801f237b7a056cfe67f1a 100644 (file)
--- a/winsup/cygwin/ChangeLog
+++ b/winsup/cygwin/ChangeLog
@@ -1,3 +1,8 @@
+2015-10-22  Corinna Vinschen  <corinna@vinschen.de>
+
+       * sec_helper.cc (cygsid::get_sid): Don't reject SIDs with missing
+       subauthorities.
+
 2015-10-22  Corinna Vinschen  <corinna@vinschen.de>
 
        * strfuncs.cc (sys_cp_wcstombs): Always return number of multibytes

diff --git a/winsup/cygwin/release/2.3.0 b/winsup/cygwin/release/2.3.0
index 99ef120ecd8436fe319482c51565cbad9eb5920b..e3abb20ce8f4607b55a0ee29d16134236123baa0 100644 (file)
--- a/winsup/cygwin/release/2.3.0
+++ b/winsup/cygwin/release/2.3.0
@@ -46,3 +46,6 @@ Bug Fixes
 - Fix memory leak in calls to pthread_getattr_np.
 
 - Fix output of /proc/<PID>/winexename.
+
+- Avoid SEGV when handling SIDs with 0 subauthorities.
+  Addresses: https://cygwin.com/ml/cygwin/2015-10/msg00141.html

diff --git a/winsup/cygwin/sec_helper.cc b/winsup/cygwin/sec_helper.cc
index 551face2af58227923293a82d924a382066ac3c9..af3307eb44b9c6b7d51970944c0f6f72a63d061a 100644 (file)
--- a/winsup/cygwin/sec_helper.cc
+++ b/winsup/cygwin/sec_helper.cc
@@ -220,7 +220,10 @@ cygsid::get_sid (DWORD s, DWORD cnt, DWORD *r, bool well_known)
   SID_IDENTIFIER_AUTHORITY sid_auth = { SECURITY_NULL_SID_AUTHORITY };
 # define SECURITY_NT_AUTH 5
 
-  if (s > 255 || cnt < 1 || cnt > SID_MAX_SUB_AUTHORITIES)
+  /* 2015-10-22: Note that we let slip SIDs with a subauthority count of 0.
+     There are systems, which generate the SID S-1-0 as group ownership SID,
+     see https://cygwin.com/ml/cygwin/2015-10/msg00141.html. */
+  if (s > 255 || cnt > SID_MAX_SUB_AUTHORITIES)
     {
       psid = NO_SID;
       return NULL;