From 2a5a01c22dbacd368766bcf3357ef830f90c83aa Mon Sep 17 00:00:00 2001
From: "Todd C. Miller"
Date: Fri, 18 Jan 2008 22:32:52 +0000
Subject: [PATCH] When copying gr_mem we must guarantee that the storage space for gr_mem is properly aligned. The simplest way to do this is to simply store gr_mem directly after struct group. This is not a problem for gr_passwd or gr_name as they are simple strings.
---
 pwutil.c | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)
diff --git a/pwutil.c b/pwutil.c
index 1b0224b7d..f8ddac839 100644
--- a/pwutil.c
+++ b/pwutil.c
@@ -458,12 +458,11 @@ sudo_grdup(gr)
 /*
 * Copy in group contents and make strings relative to space
- * at the end of the buffer.
+ * at the end of the buffer. Note that gr_mem must come
+ * immediately after struct group to guarantee proper alignment.
 */
 (void)memcpy(newgr, gr, sizeof(struct group));
 cp += sizeof(struct group);
- FIELD_COPY(gr, newgr, gr_name, nsize);
- FIELD_COPY(gr, newgr, gr_passwd, psize);
 if (gr->gr_mem) {
 newgr->gr_mem = (char **)cp;
 cp += sizeof(char *) * nmem;
@@ -475,6 +474,8 @@ sudo_grdup(gr)
 }
 newgr->gr_mem[nmem] = NULL;
 }
+ FIELD_COPY(gr, newgr, gr_passwd, psize);
+ FIELD_COPY(gr, newgr, gr_name, nsize);
 return(newgr);
 }
-- 
2.40.0
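Review bot: The alignment guarantee from the first hunk now rests purely on statement order, and the only comment recording it sits above the `memcpy`, away from the `FIELD_COPY` calls in the second hunk, which is where a later edit would most likely put a string copy back in front of the `(char **)cp` cast. A one-line comment at those calls would keep the invariant visible where it can be broken, e.g. `/* Strings are copied last; gr_mem must stay directly after struct group (alignment). */`. The second hunk also swaps the original gr_name/gr_passwd order without saying why; keeping the original order would make the move easier to verify. Separately, `cp += sizeof(char *) * nmem` is followed by a store to `newgr->gr_mem[nmem]`, so it is worth confirming that nmem already counts the NULL terminator slot when the pointer array is reserved; the size computation and the member-copy loop of sudo_grdup lie outside these hunks.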