From: Yu Watanabe <watanabe.yu+github@gmail.com>
Date: Wed, 19 Mar 2025 02:12:33 +0000 (+0900)
Subject: nspawn-oci: update overflow check
X-Git-Tag: v258-rc1~1042^2~2
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=91c4d1affdba02a323dc2c7caccabe240ccb8302;p=thirdparty%2Fsystemd.git

nspawn-oci: update overflow check

Fixes CID#1548072.
---

diff --git a/src/nspawn/nspawn-oci.c b/src/nspawn/nspawn-oci.c
index ecbcaefcbb1..923e20b5c03 100644
--- a/src/nspawn/nspawn-oci.c
+++ b/src/nspawn/nspawn-oci.c
@@ -700,8 +700,8 @@ static int oci_uid_gid_mappings(const char *name, sd_json_variant *v, sd_json_di
         if (r < 0)
                 return r;
 
-        if (data.host_id + data.range < data.host_id ||
-            data.container_id + data.range < data.container_id)
+        if (data.range > UINT32_MAX - data.host_id ||
+            data.range > UINT32_MAX - data.container_id)
                 return json_log(v, flags, SYNTHETIC_ERRNO(EINVAL),
                                 "UID/GID range goes beyond UID/GID validity range, refusing.");