usermod: refuse invalid uidmaps during --add-sub{u,g}ids

It is slightly confusing to allow adding these only to later refuse them.

Here is a (lightly tested :) patch to also refuse them when adding.

Signed-off-by: Tycho Andersen <tycho@tycho.pizza>

diff --git a/src/usermod.c b/src/usermod.c
index d42dbf8c7ee4e38c6219f0d7f17d9794ca00f3d2..3c271d8f53c506cd35ece68b432209a833683a31 100644 (file)
--- a/src/usermod.c
+++ b/src/usermod.c
@@ -331,6 +331,13 @@ static struct ulong_range getulong_range(const char *str)
        if (first > last)
                goto out;
 
+       /*
+        * uid_t in linux is an unsigned int, anything over this is an invalid
+        * range will be later refused anyway by get_map_ranges().
+        */
+       if (first > UINT_MAX || last > UINT_MAX)
+               goto out;
+
        result.first = (unsigned long)first;
        result.last = (unsigned long)last;
 out: