From: Christian Brauner Date: Sat, 27 Mar 2021 13:31:50 +0000 (+0100) Subject: confile: prevent recursion when parsing networks X-Git-Tag: lxc-4.0.7~134 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=0274a0ee9ff1122c4304c0441f60da9d7a966124;p=thirdparty%2Flxc.git confile: prevent recursion when parsing networks Link: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=32558 Link: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=32484 Signed-off-by: Christian Brauner --- diff --git a/src/lxc/confile.c b/src/lxc/confile.c index 9ff8f90f6..d6d77ab5e 100644 --- a/src/lxc/confile.c +++ b/src/lxc/confile.c @@ -4759,6 +4759,8 @@ static struct lxc_config_t *get_network_config_ops(const char *key, *idx_end = '.'; if (strlen(idx_end + 1) == 0) return log_error_errno(NULL, EINVAL, "No subkey in network configuration key \"%s\"", key); + if (isdigit(*(idx_end + 1))) + return log_error_errno(NULL, EINVAL, "Key can't contain more than one index"); memmove(copy + STRLITERALLEN("lxc.net."), idx_end + 1, strlen(idx_end + 1)); copy[strlen(key) - (numstrlen + 1)] = '\0';