nspawn-oci: update overflow check

Fixes CID#1548072.
Yu Watanabe
2025-03-19 11:12:33 +09:00
parent 816c6ec883
commit 91c4d1affd


@@ -700,8 +700,8 @@ static int oci_uid_gid_mappings(const char *name, sd_json_variant *v, sd_json_di
if (r < 0)
return r;
if (data.host_id + data.range < data.host_id ||
data.container_id + data.range < data.container_id)
if (data.range > UINT32_MAX - data.host_id ||
data.range > UINT32_MAX - data.container_id)
return json_log(v, flags, SYNTHETIC_ERRNO(EINVAL),
"UID/GID range goes beyond UID/GID validity range, refusing.");
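Review bot: The new condition in `oci_uid_gid_mappings()` (`data.range > UINT32_MAX - data.host_id`, and likewise for `data.container_id`) cannot wrap only if both IDs and `range` are unsigned 32-bit values, and the declaration of `data` lies outside this hunk, so that assumption is not visible here. These fields are parsed from the OCI runtime configuration, which makes this check an input-validation boundary whose exact limit should be written down. I would add a comment above it such as `/* Subtract rather than add so the test itself cannot wrap; start + range == UINT32_MAX is still accepted. */`. If the ID fields are `uid_t`, a compile-time size assertion next to the check would pin the assumption. The function body starts before and continues after the hunk, so whether a zero `range` or an invalid start ID is rejected elsewhere cannot be judged from these lines.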