get_pid.c: Use tighter validation checks

Neither a pid_t below 1 nor a negative fd could be valid in this context.

Proof of Concept:

$ newuidmap -1 1 1 1
newuidmap: Could not open proc directory for target 4294967295

Signed-off-by: Samanta Navarro <ferivoz@riseup.net>

diff --git a/lib/get_pid.c b/lib/get_pid.c
index 8e5e6014b05b8718a609a4124e3ff83213ebb10c..20f4ce429b8ac6d2116c7a3392ee9a4e07dc8485 100644 (file)
--- a/lib/get_pid.c
+++ b/lib/get_pid.c
@@ -24,6 +24,7 @@ int get_pid (const char *pidstr, pid_t *pid)
        if (   ('\0' == *pidstr)
            || ('\0' != *endptr)
            || (ERANGE == errno)
+           || (val < 1)
            || (/*@+longintegral@*/val != (pid_t)val)/*@=longintegral@*/) {
                return 0;
        }
@@ -49,7 +50,8 @@ int get_pidfd_from_fd(const char *pidfdstr)
        if (   ('\0' == *pidfdstr)
            || ('\0' != *endptr)
            || (ERANGE == errno)
-           || (/*@+longintegral@*/val != (pid_t)val)/*@=longintegral@*/) {
+           || (val < 0)
+           || (/*@+longintegral@*/val != (int)val)/*@=longintegral@*/) {
                return -1;
        }