
Kernel+LibC: Enforce a limit on the number of supplementary group IDs

This patch adds the NGROUPS_MAX constant and enforces it in
sys$setgroups() to ensure that no process has more than 32 supplementary
group IDs.

The number doesn't mean anything in particular, just had to pick a
number. Perhaps one day we'll have a reason to change it.
Andreas Kling 2 years ago
parent
commit
9eeee24a39

+ 9 - 0
Kernel/API/POSIX/sys/limits.h

@@ -0,0 +1,9 @@
+/*
+ * Copyright (c) 2022, Andreas Kling <kling@serenityos.org>
+ *
+ * SPDX-License-Identifier: BSD-2-Clause
+ */
+
+#pragma once
+
+#define NGROUPS_MAX 32
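
Review bot: `#define NGROUPS_MAX 32` carries no comment saying what it bounds or that the value was chosen arbitrarily; that information lives only in the commit message. A one-line comment above the define, stating that it is the maximum number of supplementary group IDs per process and that sys$setgroups() enforces it, would save the next reader a trip through the history. The value itself is fine with respect to POSIX, which requires at least 8 (_POSIX_NGROUPS_MAX).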

+ 4 - 0
Kernel/Syscalls/setuid.cpp

@@ -4,6 +4,7 @@
  * SPDX-License-Identifier: BSD-2-Clause
  */
 
+#include <Kernel/API/POSIX/sys/limits.h>
 #include <Kernel/Process.h>
 
 namespace Kernel {
@@ -246,6 +247,9 @@ ErrorOr<FlatPtr> Process::sys$setgroups(size_t count, Userspace<GroupID const*>
     VERIFY_NO_PROCESS_BIG_LOCK(this);
     TRY(require_promise(Pledge::id));
 
+    if (count > NGROUPS_MAX)
+        return EINVAL;
+
     auto credentials = this->credentials();
 
     if (!credentials->is_superuser())
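
Review bot: the new `if (count > NGROUPS_MAX)` check sits before `if (!credentials->is_superuser())`, so an unprivileged caller that passes an oversized count gets EINVAL rather than the permission error. Rejecting the count before anything is copied from userspace is the right place for the bound from a resource-exhaustion standpoint, but the error precedence differs from Linux, which performs the privilege check first; if matching that precedence matters, move the bound check to just after the superuser check, still ahead of any allocation or copy. Also consider a test that calls setgroups() with 32 entries (accepted) and 33 entries (EINVAL) so the boundary stays pinned if the constant changes.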

+ 2 - 1
Userland/Libraries/LibC/limits.h

@@ -1,11 +1,12 @@
 /*
- * Copyright (c) 2018-2020, Andreas Kling <kling@serenityos.org>
+ * Copyright (c) 2018-2022, Andreas Kling <kling@serenityos.org>
  *
  * SPDX-License-Identifier: BSD-2-Clause
  */
 
 #pragma once
 
+#include <Kernel/API/POSIX/sys/limits.h>
 #include <bits/stdint.h>
 #include <bits/wchar.h>