]> git.ipfire.org Git - thirdparty/shadow.git/commitdiff
projects / thirdparty / shadow.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 5586f43)
lib/idmapping.c: get_map_ranges(): Move range check to a2ul() call
authorAlejandro Colomar <alx@kernel.org>
Thu, 11 Jan 2024 11:15:11 +0000 (12:15 +0100)
committerSerge Hallyn <serge@hallyn.com>
Fri, 12 Jul 2024 03:42:58 +0000 (22:42 -0500)
Link: <https://github.com/shadow-maint/shadow/commit/ff2baed5dbf81e8967b805889f565fedb48600df#r136635300>
Cc: Serge Hallyn <serge@hallyn.com>
Signed-off-by: Alejandro Colomar <alx@kernel.org>
lib/idmapping.c patch | blob | blame | history

diff --git a/lib/idmapping.c b/lib/idmapping.c
index a4a4b6811a3caff08f79871225123b0f11019fe6..da3ceefbc1b7cd559c8f8565a48b243a91239f29 100644 (file)
--- a/lib/idmapping.c
+++ b/lib/idmapping.c
@@ -68,7 +68,10 @@ struct map_range *get_map_ranges(int ranges, int argc, char **argv)
                        free(mappings);
                        return NULL;
                }
-               if (a2ul(&m->count, argv[argidx + 2], NULL, 0, 0, UINT_MAX) == -1) {
+               if (a2ul(&m->count, argv[argidx + 2], NULL, 0, 0,
+                        MIN(UINT_MAX - m->lower, UINT_MAX - m->upper))
+                   == -1)
+               {
                        if (errno == ERANGE) {
                                fprintf(log_get_logfd(), _( "%s: subuid overflow detected.\n"), log_get_progname());
                                exit(EXIT_FAILURE);
@@ -80,10 +83,6 @@ struct map_range *get_map_ranges(int ranges, int argc, char **argv)
                        fprintf(log_get_logfd(), _( "%s: subuid overflow detected.\n"), log_get_progname());
                        exit(EXIT_FAILURE);
                }
-               if (m->lower + m->count > UINT_MAX || m->upper + m->count > UINT_MAX) {
-                       fprintf(log_get_logfd(), _( "%s: subuid overflow detected.\n"), log_get_progname());
-                       exit(EXIT_FAILURE);
-               }
                if (m->lower + m->count < m->lower || m->upper + m->count < m->upper) {
                        /* this one really shouldn't be possible given previous checks */
                        fprintf(log_get_logfd(), _( "%s: subuid overflow detected.\n"), log_get_progname());
Mirror of https://github.com/shadow-maint/shadow.git