The following pull request was submitted through Github. It can be accessed and reviewed at: https://github.com/lxc/lxc/pull/1861
This e-mail was sent by the LXC bot, direct replies will not reach the author unless they happen to be subscribed to this list. === Description (from pull-request) === Signed-off-by: Christian Brauner <[email protected]>
From b0a507d7b4282dec24ac1576ff4dbd57b57d1bdb Mon Sep 17 00:00:00 2001 From: Christian Brauner <[email protected]> Date: Mon, 16 Oct 2017 12:22:20 +0200 Subject: [PATCH 1/2] log: prevent stack smashing Signed-off-by: Christian Brauner <[email protected]> --- src/lxc/log.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/src/lxc/log.c b/src/lxc/log.c index 6ca315bd6..a99b4c8f0 100644 --- a/src/lxc/log.c +++ b/src/lxc/log.c @@ -297,7 +297,8 @@ static int log_append_logfile(const struct lxc_log_appender *appender, if ((size_t)n < (sizeof(buffer) - 1)) n += vsnprintf(buffer + n, sizeof(buffer) - n, event->fmt, *event->vap); - else + + if ((size_t)n >= sizeof(buffer)) n = sizeof(buffer) - 1; buffer[n] = '\n'; From 5220b71b0c8a9aa48a58f58781669317f196aa32 Mon Sep 17 00:00:00 2001 From: Christian Brauner <[email protected]> Date: Mon, 16 Oct 2017 12:50:49 +0200 Subject: [PATCH 2/2] conf: error out on too many mappings The kernel only allows 4k writes to most files in /proc including {g,u}id_map so let's not try to write partial mappings. (This will obviously become a lot more relevant when my patch to extend the idmap limit in the kernel is merged.) Signed-off-by: Christian Brauner <[email protected]> --- src/lxc/conf.c | 12 +++++++----- 1 file changed, 7 insertions(+), 5 deletions(-) diff --git a/src/lxc/conf.c b/src/lxc/conf.c index 6871b83a0..719eac79b 100644 --- a/src/lxc/conf.c +++ b/src/lxc/conf.c @@ -2701,9 +2701,6 @@ int lxc_map_ids(struct lxc_list *idmap, pid_t pid) pos += sprintf(mapbuf, "new%cidmap %d", u_or_g, pid); lxc_list_for_each(iterator, idmap) { - /* The kernel only takes <= 4k for writes to - * /proc/<nr>/[ug]id_map - */ map = iterator->elem; if (map->idtype != type) continue; @@ -2715,8 +2712,13 @@ int lxc_map_ids(struct lxc_list *idmap, pid_t pid) use_shadow ? " " : "", map->nsid, map->hostid, map->range, use_shadow ? "" : "\n"); - if (fill <= 0 || fill >= left) - SYSERROR("Too many {g,u}id mappings defined."); + if (fill <= 0 || fill >= left) { + /* The kernel only takes <= 4k for writes to + * /proc/<pid>/{g,u}id_map + */ + SYSERROR("Too many %cid mappings defined: %zu", u_or_g); + return -1; + } pos += fill; }
_______________________________________________ lxc-devel mailing list [email protected] http://lists.linuxcontainers.org/listinfo/lxc-devel
