You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
C function subprocess_fork_exec incorrectly transforms gids from the extra_groups argument because it passes unsigned long* rather than pid_t* into the _Py_Gid_Converter(). Assuming that gid_t is 32 bit and unsigned long is 64 bit (which it often is), *(gid_t *)p = gid; then incorrectly overwrites only part of that variable, leaving the other one filled with previous garbage.
I found this on Solaris, but I am pretty sure that this doesn't work correctly on Linux as well, since both use unsigned int as gid_t.
This bug would have been caught at compile time if _Py_Gid_Converter() used gid_t * instead of void *. I couldn't find any call sites where void * would be needed, so probably _Py_Gid_Converter() should be fixed too (in a separate PR/issue?). The same applies to _Py_Uid_Converter().