]> git.ipfire.org Git - thirdparty/shadow.git/commitdiff
projects / thirdparty / shadow.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 403910a)
lib/subordinateio.c: find_free_range(): Validate input more carefully
authorAlejandro Colomar <alx@kernel.org>
Sun, 15 Mar 2026 14:55:30 +0000 (15:55 +0100)
committerSerge Hallyn <serge@hallyn.com>
Fri, 10 Apr 2026 03:20:34 +0000 (22:20 -0500)
Cc: Serge Hallyn <serge@hallyn.com>
Signed-off-by: Alejandro Colomar <alx@kernel.org>
lib/subordinateio.c patch | blob | blame | history

diff --git a/lib/subordinateio.c b/lib/subordinateio.c
index 33c99f957465a4dd570c359f5c4394357b6b5d21..a983f9311e51a686a5444295a09549b93c482ac6 100644 (file)
--- a/lib/subordinateio.c
+++ b/lib/subordinateio.c
@@ -335,8 +335,7 @@ find_free_range(struct commonio_db *db, id_t min, id_t max, unsigned long count)
        id_t                           low, high;
        const struct subordinate_range *range;
 
-       /* When given invalid parameters fail */
-       if ((count == 0) || (max < min)) {
+       if (count == 0 || max < min || count - 1 > max - min) {
                errno = ERANGE;
                return -1;
        }
Mirror of https://github.com/shadow-maint/shadow.git