From d8870177c2f516a48c832e9ef90c4d90cba0a63d Mon Sep 17 00:00:00 2001
From: "Todd C. Miller" <Todd.Miller@sudo.ws>
Date: Sat, 22 Sep 2018 12:55:44 -0600
Subject: [PATCH] Pass getgrouplist() NGROUPS_MAX+1, not NGROUPS_MAX so we have
 room for the primary gid.

---
 lib/util/getgrouplist.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/lib/util/getgrouplist.c b/lib/util/getgrouplist.c
index 4d47ade82..b791d260e 100644
--- a/lib/util/getgrouplist.c
+++ b/lib/util/getgrouplist.c
@@ -84,6 +84,7 @@ sudo_getgrouplist2_v1(const char *name, GETGROUPS_T basegid,
     grpsize = (int)sysconf(_SC_NGROUPS_MAX);
     if (grpsize < 0)
 	grpsize = NGROUPS_MAX;
+    grpsize++;	/* include space for the primary gid */
     /*
      * It is possible to belong to more groups in the group database
      * than NGROUPS_MAX.
-- 
2.50.1