Quoting Dan Smith ([email protected]): > + ret = cr_read_string(ctx, nn, hh.nodename_len); > + if (ret < 0) > + goto out; > + > + ret = cr_read_string(ctx, dn, hh.domainname_len); > + if (ret < 0) > + goto out; > + > + ret = sys_unshare(CLONE_NEWUTS); > + if (ret) > + goto out; > + > + ns = t->nsproxy->uts_ns; > + memcpy(ns->name.nodename, nn, hh.nodename_len); > + memcpy(ns->name.domainname, dn, hh.domainname_len);
Actually, I think you must make sure the user didn't slip in a nodename_len which was > sizeof(ns->name.nodename). -serge _______________________________________________ Containers mailing list [email protected] https://lists.linux-foundation.org/mailman/listinfo/containers _______________________________________________ Devel mailing list [email protected] https://openvz.org/mailman/listinfo/devel
