From 3faebe6abc04ea8d632bee4537948ca85479c09a Mon Sep 17 00:00:00 2001
From: Samuel Thibault <samuel.thibault@ens-lyon.org>
Date: Thu, 10 May 2012 15:34:53 -0700
Subject: Hurd: Fix setres[ug]id handling of -1

---
 sysdeps/mach/hurd/setresuid.c | 75 +++++++++++++++++++++++++++++++++++--------
 1 file changed, 61 insertions(+), 14 deletions(-)

(limited to 'sysdeps/mach/hurd/setresuid.c')

diff --git a/sysdeps/mach/hurd/setresuid.c b/sysdeps/mach/hurd/setresuid.c
index 35aea85876..751763f5a9 100644
--- a/sysdeps/mach/hurd/setresuid.c
+++ b/sysdeps/mach/hurd/setresuid.c
@@ -1,5 +1,5 @@
 /* setresuid -- set real user ID, effective user ID, and saved-set user ID
-   Copyright (C) 2002, 2005, 2006 Free Software Foundation, Inc.
+   Copyright (C) 2002-2012 Free Software Foundation, Inc.
    This file is part of the GNU C Library.
 
    The GNU C Library is free software; you can redistribute it and/or
@@ -28,7 +28,6 @@ __setresuid (uid_t ruid, uid_t euid, uid_t suid)
 {
   auth_t newauth;
   error_t err;
-  uid_t auids[2] = { ruid, suid };
 
   HURD_CRITICAL_BEGIN;
   __mutex_lock (&_hurd_id.lock);
@@ -37,26 +36,74 @@ __setresuid (uid_t ruid, uid_t euid, uid_t suid)
   if (!err)
     {
       /* Make a new auth handle which has EUID as the first element in the
-         list of effective uids.  */
+	 list of effective uids.  */
 
-      if (_hurd_id.gen.nuids > 0)
+      uid_t *newgen, *newaux;
+      uid_t auxs[2] = { ruid, suid };
+      size_t ngen, naux;
+
+      newgen = _hurd_id.gen.uids;
+      ngen = _hurd_id.gen.nuids;
+      if (euid != -1)
 	{
-	  _hurd_id.gen.uids[0] = euid;
-	  _hurd_id.valid = 0;
+	  if (_hurd_id.gen.nuids == 0)
+	    {
+	      /* No effective uids now.  The new set will be just UID.  */
+	      newgen = &euid;
+	      ngen = 1;
+	    }
+	  else
+	    {
+	      _hurd_id.gen.uids[0] = euid;
+	      _hurd_id.valid = 0;
+	    }
 	}
-      if (_hurd_id.aux.nuids > 1)
+
+      newaux = _hurd_id.aux.uids;
+      naux = _hurd_id.aux.nuids;
+      if (ruid != -1)
+	{
+	  if (_hurd_id.aux.nuids == 0)
+	    {
+	      newaux = &ruid;
+	      naux = 1;
+	    }
+	  else
+	    {
+	      _hurd_id.aux.uids[0] = ruid;
+	      _hurd_id.valid = 0;
+	    }
+	}
+
+      if (suid != -1)
 	{
-	  _hurd_id.aux.uids[0] = ruid;
-	  _hurd_id.aux.uids[1] = suid;
-	  _hurd_id.valid = 0;
+	  if (ruid == -1)
+	    {
+	      if (_hurd_id.aux.nuids >= 1)
+		auxs[0] = _hurd_id.aux.uids[0];
+	      else if (_hurd_id.gen.nuids >= 1)
+		auxs[0] = _hurd_id.gen.uids[0];
+	      else
+		/* Not even an effective UID.
+                   Fall back to the only UID we have. */
+		auxs[0] = suid;
+	    }
+	  if (_hurd_id.aux.nuids <= 1)
+	    {
+	      /* No saved uids now.  The new set will be just UID.  */
+	      newaux = auxs;
+	      naux = 2;
+	    }
+	  else
+	    {
+	      _hurd_id.aux.uids[1] = suid;
+	      _hurd_id.valid = 0;
+	    }
 	}
 
       err = __USEPORT (AUTH, __auth_makeauth
 		       (port, NULL, MACH_MSG_TYPE_COPY_SEND, 0,
-			_hurd_id.gen.nuids ? _hurd_id.gen.uids : &euid,
-			_hurd_id.gen.nuids ?: 1,
-			_hurd_id.aux.nuids > 1 ? _hurd_id.aux.uids : auids,
-			_hurd_id.aux.nuids > 1 ? _hurd_id.aux.nuids : 2,
+			newgen, ngen, newaux, naux,
 			_hurd_id.gen.gids, _hurd_id.gen.ngids,
 			_hurd_id.aux.gids, _hurd_id.aux.ngids,
 			&newauth));
-- 
cgit v1.2.3