]> git.ipfire.org Git - thirdparty/libcgroup.git/commit
projects / thirdparty / libcgroup.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: edd5497) | patch
api.c: prevent array out-of-bounds access in cgroup_create_template_group
authorMikhail Dmitrichenko <m.dmitrichenko222@gmail.com>
Wed, 11 Jun 2025 13:37:46 +0000 (16:37 +0300)
committerTom Hromatka <tom.hromatka@oracle.com>
Mon, 16 Jun 2025 14:39:20 +0000 (08:39 -0600)
commita34831579172371ec55272b07e5f2995eea1459f
tree4390b461e1be7f68eda84a49c65f4209c3e8c108tree | snapshot
parentedd5497c2027818aebba2c5eb28c9b27eb0d3efacommit | diff
api.c: prevent array out-of-bounds access in cgroup_create_template_group

In the function src/api.c/cgroup_create_template_group,
the loop condition:

while (tmp->controllers[i] != NULL) {

allows accessing tmp->controllers[MAX_MNT_ELEMENTS] if tmp->controllers
is full and lacks a terminating NULL.

Add explicit bounds checking (i < MAX_MNT_ELEMENTS) while maintaining
the NULL check. This ensures that there will never be reading past
the array boundaries regardless of its content.

Found by Linux Verification Center (linuxtesting.org) with SVACE.

Signed-off-by: Mikhail Dmitrichenko <m.dmitrichenko222@gmail.com>
Acked-by: Kamalesh Babulal <kamalesh.babulal@oracle.com>
Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com>
src/api.c diff | blob | blame | history
Mirror of https://github.com/libcgroup/libcgroup.git