From e14ea3f5c37475e12a3b7fb7bd3165b0a4e77c51 Mon Sep 17 00:00:00 2001 From: Csaba Henk Date: Wed, 5 Jul 2017 17:48:37 +0200 Subject: groups: don't allocate auxiliary gid list on stack When glusterfs wants to retrieve the list of auxiliary gids of a user, it typically allocates a sufficiently big gid_t array on stack and calls getgrouplist(3) with it. However, "sufficiently big" means to be of maximum supported gid list size, which in GlusterFS is GF_MAX_AUX_GROUPS = 64k. That means a 64k * sizeof(gid_t) = 256k allocation, which is big enough to overflow the stack in certain cases. A further observation is that stack allocation of the gid list brings no gain, as in all cases the content of the gid list eventually gets copied over to a heap allocated buffer. So we add a convenience wrapper of getgrouplist to libglusterfs called gf_getgrouplist which calls getgrouplist with a sufficiently big heap allocated buffer (it takes care of the allocation too). We are porting all the getgrouplist invocations to gf_getgrouplist and thus eliminate the huge stack allocation. BUG: 1464327 Change-Id: Icea76d0d74dcf2f87d26cb299acc771ca3b32d2b Signed-off-by: Csaba Henk Reviewed-on: https://review.gluster.org/17706 Smoke: Gluster Build System Reviewed-by: Niels de Vos Reviewed-by: Amar Tumballi CentOS-regression: Gluster Build System --- libglusterfs/src/common-utils.h | 3 +++ 1 file changed, 3 insertions(+) (limited to 'libglusterfs/src/common-utils.h') diff --git a/libglusterfs/src/common-utils.h b/libglusterfs/src/common-utils.h index c3c5ec77350..6a260c090c8 100644 --- a/libglusterfs/src/common-utils.h +++ b/libglusterfs/src/common-utils.h @@ -918,4 +918,7 @@ get_ip_from_addrinfo (struct addrinfo *addr, char **ip); int close_fds_except (int *fdv, size_t count); + +int +gf_getgrouplist (const char *user, gid_t group, gid_t **groups); #endif /* _COMMON_UTILS_H */ -- cgit