From d1527a3b8405d92f638c46c8250f2636ba18c644 Mon Sep 17 00:00:00 2001
From: zhangxiaoyu <zhangxiaoyu58@huawei.com>
Date: Fri, 25 Nov 2022 16:22:47 +0800
Subject: [PATCH 49/54] add primary group to additional groups

Signed-off-by: zhangxiaoyu <zhangxiaoyu58@huawei.com>
---
 src/daemon/modules/image/image_rootfs_handler.c | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/src/daemon/modules/image/image_rootfs_handler.c b/src/daemon/modules/image/image_rootfs_handler.c
index 842c1dd3..a76363d0 100644
--- a/src/daemon/modules/image/image_rootfs_handler.c
+++ b/src/daemon/modules/image/image_rootfs_handler.c
@@ -546,6 +546,13 @@ int get_user_from_image_roofs(const char *basefs, const host_config *hc, const c
         }
     }
 
+    // CVE-2022-36109
+    // add primary group to additional groups
+    ret = append_additional_gids(puser->gid, &puser->additional_gids, &puser->additional_gids_len);
+    if (ret != 0) {
+        goto cleanup;
+    }
+
 cleanup:
     if (f_passwd != NULL) {
         fclose(f_passwd);
-- 
2.25.1