File tree Expand file tree Collapse file tree 1 file changed +8
-0
lines changed Expand file tree Collapse file tree 1 file changed +8
-0
lines changed Original file line number Diff line number Diff line change @@ -1420,6 +1420,14 @@ pub fn getgroups() -> Result<Vec<Gid>> {
14201420 // Next, get the number of groups so we can size our Vec
14211421 let ngroups = unsafe { libc:: getgroups ( 0 , ptr:: null_mut ( ) ) } ;
14221422
1423+ // If there are no supplementary groups, return early.
1424+ // This prevents a potential buffer over-read if the number of groups
1425+ // increases from zero before the next call. It would return the total
1426+ // number of groups beyond the capacity of the buffer.
1427+ if ngroups == 0 {
1428+ return Ok ( Vec :: new ( ) ) ;
1429+ }
1430+
14231431 // Now actually get the groups. We try multiple times in case the number of
14241432 // groups has changed since the first call to getgroups() and the buffer is
14251433 // now too small.
You can’t perform that action at this time.
0 commit comments