From: Christian Brauner Date: Sat, 27 Mar 2021 13:31:50 +0000 (+0100) Subject: confile: prevent recursion when parsing networks X-Git-Tag: lxc-5.0.0~237^2~1 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=1504790389f07348e722aa760cf06ef3234fc265;p=thirdparty%2Flxc.git confile: prevent recursion when parsing networks Link: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=32558 Link: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=32484 Signed-off-by: Christian Brauner --- diff --git a/src/lxc/confile.c b/src/lxc/confile.c index 44e2ae66f..3c5cb9060 100644 --- a/src/lxc/confile.c +++ b/src/lxc/confile.c @@ -5229,6 +5229,8 @@ static struct lxc_config_t *get_network_config_ops(const char *key, *idx_end = '.'; if (strlen(idx_end + 1) == 0) return log_error_errno(NULL, EINVAL, "No subkey in network configuration key \"%s\"", key); + if (isdigit(*(idx_end + 1))) + return log_error_errno(NULL, EINVAL, "Key can't contain more than one index"); memmove(copy + STRLITERALLEN("lxc.net."), idx_end + 1, strlen(idx_end + 1)); copy[strlen(key) - (numstrlen + 1)] = '\0';