From: Wolfgang Bumiller <w.bumiller@proxmox.com>
Date: Fri, 25 May 2018 09:44:42 +0000 (+0200)
Subject: seccomp: re-add action parse error handling
X-Git-Tag: lxc-3.1.0~288^2~2
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=f858dd50cff72855f4fe305c150eeb02387f8fb5;p=thirdparty%2Flxc.git

seccomp: re-add action parse error handling

This can happen when the 'errno' action can't parse its
supplied number.

Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
Fixes: f67c94d00a0d ("seccomp: parse_v2_rules()")
---

diff --git a/src/lxc/seccomp.c b/src/lxc/seccomp.c
index 057e57082..dcf37447f 100644
--- a/src/lxc/seccomp.c
+++ b/src/lxc/seccomp.c
@@ -257,6 +257,11 @@ static int parse_v2_rules(char *line, uint32_t def_action,
 
 	/* read optional action which follows the syscall */
 	rules->action = get_v2_action(tmp, def_action);
+	if (rules->action == -1) {
+		ERROR("Failed to interpret action");
+		ret = -1;
+		goto out;
+	}
 
 	ret = 0;
 	rules->args_num = 0;