From 2caf9a97d90a61e5eaf9d7c218e5bcc35dfbfbb3 Mon Sep 17 00:00:00 2001
From: Serge Hallyn <serge.hallyn@ubuntu.com>
Date: Thu, 5 Sep 2013 20:31:55 -0500
Subject: [PATCH] sanity-check number of detected capabilities

Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com>
---
 src/lxc/conf.c | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/src/lxc/conf.c b/src/lxc/conf.c
index 83613ed99..2d95e5dad 100644
--- a/src/lxc/conf.c
+++ b/src/lxc/conf.c
@@ -1852,6 +1852,9 @@ static int dropcaps_except(struct lxc_list *caps)
 	int numcaps = lxc_caps_last_cap() + 1;
 	INFO("found %d capabilities\n", numcaps);
 
+	if (numcaps <= 0 || numcaps > 200)
+		return -1;
+
 	// caplist[i] is 1 if we keep capability i
 	int *caplist = alloca(numcaps * sizeof(int));
 	memset(caplist, 0, numcaps * sizeof(int));
-- 
2.47.3