NC | supplemental groups - replace getpwuid with getpwuid_r

Signed-off-by: nadav mizrahi <[email protected]>

Author: nadavMiz

src/native/fs/fs_napi.cpp

@@ -2420,6 +2420,7 @@ fs_napi(Napi::Env env, Napi::Object exports)
         passwd_bufsize = 16384;
     }
     PASSWD_BUF_SIZE = passwd_bufsize;
+    ThreadScope::set_passwd_buf_size(PASSWD_BUF_SIZE);
 
 
 #ifdef O_DIRECT

src/native/util/os.h

@@ -41,11 +41,17 @@ class ThreadScope
         change_user();
     }
 
+    static void set_passwd_buf_size(int buf_size)
+    {
+        passwd_buf_size = buf_size;
+    }
+
     int add_thread_capabilities();
 
     const static uid_t orig_uid;
     const static gid_t orig_gid;
     const static std::vector<gid_t> orig_groups;
+    static int passwd_buf_size;
 
     static std::vector<gid_t> get_process_groups();
 

src/native/util/os_darwin.cpp

@@ -43,15 +43,18 @@ get_current_uid()
 const uid_t ThreadScope::orig_uid = getuid();
 const gid_t ThreadScope::orig_gid = getgid();
 const std::vector<gid_t> ThreadScope::orig_groups = get_process_groups();
+int ThreadScope::passwd_buf_size = -1;
 
 static int
 get_supplemental_groups_by_uid(uid_t uid, std::vector<gid_t>& groups)
 {
-    // getpwuid will only indicate if an error happened by setting errno. set it to 0, so will know if there is a change
-    errno = 0;
-    struct passwd* pw = getpwuid(uid);
-    if (pw == NULL) {
-        if (errno == 0) {
+    std::unique_ptr<char[]> buf(new char[ThreadScope::passwd_buf_size]);
+    struct passwd pwd;
+    struct passwd *getpwnam_res;
+
+    const int res = getpwuid_r(uid, &pwd, buf.get(), ThreadScope::passwd_buf_size, &getpwnam_res);
+    if (getpwnam_res == NULL) {
+        if (res == 0) {
             // LOG("get_supplemental_groups_by_uid: no record for uid " << uid);
         } else {
             LOG("WARNING: get_supplemental_groups_by_uid: getpwuid failed: " << strerror(errno));
@@ -61,7 +64,7 @@ get_supplemental_groups_by_uid(uid_t uid, std::vector<gid_t>& groups)
     int ngroups = NGROUPS_MAX;
     //for some reason on mac getgrouplist accepts an array of int instead of gid_t. so need to create a vector of int and then insert it into groups
     std::vector<int> tmp_groups(ngroups);
-    if (getgrouplist(pw->pw_name, pw->pw_gid, &tmp_groups[0], &ngroups) < 0) {
+    if (getgrouplist(pwd.pw_name, pwd.pw_gid, &tmp_groups[0], &ngroups) < 0) {
         LOG("get_supplemental_groups_by_uid: getgrouplist failed: ngroups too small " << ngroups);
         return -1;
     }

src/native/util/os_linux.cpp

@@ -27,17 +27,20 @@ get_current_uid()
 
 const uid_t ThreadScope::orig_uid = getuid();
 const gid_t ThreadScope::orig_gid = getgid();
+int ThreadScope::passwd_buf_size = -1;
 
 const std::vector<gid_t> ThreadScope::orig_groups = get_process_groups();
 
 static int
 get_supplemental_groups_by_uid(uid_t uid, std::vector<gid_t>& groups)
 {
-    // getpwuid will only indicate if an error happened by setting errno. set it to 0, so will know if there is a change
-    errno = 0;
-    struct passwd* pw = getpwuid(uid);
-    if (pw == NULL) {
-        if (errno == 0) {
+    std::unique_ptr<char[]> buf(new char[ThreadScope::passwd_buf_size]);
+    struct passwd pwd;
+    struct passwd *getpwnam_res;
+    
+    const int res = getpwuid_r(uid, &pwd, buf.get(), ThreadScope::passwd_buf_size, &getpwnam_res);
+    if (getpwnam_res == NULL) {
+        if (res == 0) {
             // LOG("get_supplemental_groups_by_uid: no record for uid " << uid);
         } else {
             LOG("WARNING: get_supplemental_groups_by_uid: getpwuid failed: " << strerror(errno));
@@ -46,7 +49,7 @@ get_supplemental_groups_by_uid(uid_t uid, std::vector<gid_t>& groups)
     }
     int ngroups = NGROUPS_MAX;
     groups.resize(ngroups);
-    if (getgrouplist(pw->pw_name, pw->pw_gid, &groups[0], &ngroups) < 0) {
+    if (getgrouplist(pwd.pw_name, pwd.pw_gid, &groups[0], &ngroups) < 0) {
         LOG("get_supplemental_groups_by_uid: getgrouplist failed: ngroups too small " << ngroups);
         return -1;
     }