From: Jeffrey Bencteux
Date: Thu, 26 Sep 2024 10:31:10 +0000 (+0200)
Subject: [PATCH] Fix unchecked return value of initgroups() plugin (#11856)
X-Git-Tag: archive/raspbian/8.1.11+ds-0+deb11u2+rpi1^2~1
X-Git-Url: https://dgit.raspbian.org/?a=commitdiff_plain;h=2dfcc54db8f0f13e8f66c549278235b3377ac5ce;p=trafficserver.git

[PATCH] Fix unchecked return value of initgroups() plugin (#11856)

The patches have been merged into one.

Reviewed-By: Daniel Leidert
Origin: https://github.com/apache/trafficserver/pull/11855
Origin: https://github.com/apache/trafficserver/pull/11872
Bug: https://github.com/advisories/GHSA-6j2p-q7p9-hmxw
Bug-Debian: https://bugs.debian.org/1087531
Bug-Debian-Security: https://security-tracker.debian.org/tracker/CVE-2024-50306
Bug-Freexian-Security: https://deb.freexian.com/extended-lts/tracker/CVE-2024-50306

Gbp-Pq: Name CVE-2024-50306.patch
---

diff --git a/src/tscore/ink_cap.cc b/src/tscore/ink_cap.cc index 7c53050c..1c64091b 100644 --- a/src/tscore/ink_cap.cc +++ b/src/tscore/ink_cap.cc @@ -160,7 +160,11 @@ impersonate(const struct passwd *pwd, ImpersonationLevel level) #endif // Always repopulate the supplementary group list for the new user. - initgroups(pwd->pw_name, pwd->pw_gid); + if (geteuid() == 0) { // check that we have enough rights to call initgroups() + if (initgroups(pwd->pw_name, pwd->pw_gid) != 0) { + Fatal("switching to user %s, failed to initialize supplementary groups ID %ld", pwd->pw_name, (long)pwd->pw_gid); + } + } switch (level) { case IMPERSONATE_PERMANENT:
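
Review bot: the `geteuid() == 0` guard added in `impersonate()` silently skips `initgroups()` for every non-root caller, so the context comment above it ("Always repopulate the supplementary group list for the new user.") no longer holds and the process keeps whatever supplementary groups it inherited. On Linux the right to change groups comes from CAP_SETGID rather than from effective UID 0, so a caller holding that capability with a non-zero euid would take the skip path as well. Consider calling `initgroups()` unconditionally and tolerating only an `EPERM` failure (with a log line), or at minimum updating the comment and logging when the call is skipped. The `Fatal()` message would also be easier to act on with `strerror(errno)` included; as written it reports only the primary gid under the label "supplementary groups ID".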