From: Christian Brauner Date: Tue, 23 Feb 2021 21:08:48 +0000 (+0100) Subject: af_unix: prevent oob writes X-Git-Tag: lxc-5.0.0~271^2~1 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=92fea74bfe5186184d26c5bc89bd2d8f1895574b;p=thirdparty%2Flxc.git af_unix: prevent oob writes Fixes: Coverity 1473309 Signed-off-by: Christian Brauner --- diff --git a/src/lxc/af_unix.c b/src/lxc/af_unix.c index 526e38ad0..747e68820 100644 --- a/src/lxc/af_unix.c +++ b/src/lxc/af_unix.c @@ -218,7 +218,7 @@ again: * which exceeds the kernel limit we know about so * close them and return an error. */ - if (num_raw > KERNEL_SCM_MAX_FD) { + if (num_raw >= KERNEL_SCM_MAX_FD) { for (idx = 0; idx < num_raw; idx++) close(fds_raw[idx]);