git: b725f232f3b0 - main - groupmember(): Extract the supplementary group search in a separate function

Thu, 28 Sep 2023 08:12:04 -0700 

The branch main has been updated by mhorne:

URL: 
https://cgit.FreeBSD.org/src/commit/?id=b725f232f3b09b4bcbc426854fe1545234c66965

commit b725f232f3b09b4bcbc426854fe1545234c66965
Author:     Olivier Certner <olce.free...@certner.fr>
AuthorDate: 2023-08-17 23:54:44 +0000
Commit:     Mitchell Horne <mho...@freebsd.org>
CommitDate: 2023-09-28 15:05:46 +0000

    groupmember(): Extract the supplementary group search in a separate function
    
    This is in preparation for the introduction of the new realgroupmember()
    function, which does the same search into supplementary groups as
    groupmember().
    
    Reviewed by:            mhorne
    MFC after:              2 weeks
    Sponsored by:           Kumacom SAS
    Differential Revision:  https://reviews.freebsd.org/D40640
---
 sys/kern/kern_prot.c | 41 ++++++++++++++++++++++++-----------------
 1 file changed, 24 insertions(+), 17 deletions(-)

diff --git a/sys/kern/kern_prot.c b/sys/kern/kern_prot.c
index 04aaebf0de63..cbaeb1a50814 100644
--- a/sys/kern/kern_prot.c
+++ b/sys/kern/kern_prot.c
@@ -1277,36 +1277,43 @@ sys___setugid(struct thread *td, struct __setugid_args 
*uap)
 }
 
 /*
- * Check if gid is a member of the group set.
+ * Returns whether gid designates a supplementary group in cred.
  */
-int
-groupmember(gid_t gid, struct ucred *cred)
+static int
+supplementary_group_member(gid_t gid, struct ucred *cred)
 {
-       int l;
-       int h;
-       int m;
-
-       if (cred->cr_groups[0] == gid)
-               return(1);
+       int l, h, m;
 
        /*
-        * If gid was not our primary group, perform a binary search
-        * of the supplemental groups.  This is possible because we
-        * sort the groups in crsetgroups().
+        * Perform a binary search of the supplemental groups.  This is possible
+        * because we sort the groups in crsetgroups().
         */
        l = 1;
        h = cred->cr_ngroups;
+
        while (l < h) {
-               m = l + ((h - l) / 2);
+               m = l + (h - l) / 2;
                if (cred->cr_groups[m] < gid)
-                       l = m + 1; 
+                       l = m + 1;
                else
-                       h = m; 
+                       h = m;
        }
-       if ((l < cred->cr_ngroups) && (cred->cr_groups[l] == gid))
+
+       return (l < cred->cr_ngroups && cred->cr_groups[l] == gid);
+}
+
+/*
+ * Check if gid is a member of the (effective) group set (i.e., effective and
+ * supplementary groups).
+ */
+int
+groupmember(gid_t gid, struct ucred *cred)
+{
+
+       if (cred->cr_groups[0] == gid)
                return (1);
 
-       return (0);
+       return (supplementary_group_member(gid, cred));
 }
 
 /*

Reply via email to