diff options
| author | Stefano Brivio <sbrivio@redhat.com> | 2022-04-05 05:21:18 +0200 |
|---|---|---|
| committer | Stefano Brivio <sbrivio@redhat.com> | 2022-04-05 18:47:07 +0200 |
| commit | 975ee8eb2b786643e6123e60909220a0ca5b5b55 (patch) | |
| tree | 32d1d1b4e38f8b6ed416b1f361cf2068cbb511f2 | |
| parent | dbd0a7035c9a7a59f17d1312063ffa7fc3cd6860 (diff) | |
| download | passt-975ee8eb2b786643e6123e60909220a0ca5b5b55.tar passt-975ee8eb2b786643e6123e60909220a0ca5b5b55.tar.gz passt-975ee8eb2b786643e6123e60909220a0ca5b5b55.tar.bz2 passt-975ee8eb2b786643e6123e60909220a0ca5b5b55.tar.lz passt-975ee8eb2b786643e6123e60909220a0ca5b5b55.tar.xz passt-975ee8eb2b786643e6123e60909220a0ca5b5b55.tar.zst passt-975ee8eb2b786643e6123e60909220a0ca5b5b55.zip | |
passt: Ignoring number of bytes read, CWE-252
Harmless, assuming sane kernel behaviour. Reported by Coverity.
Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
| -rw-r--r-- | passt.c | 5 |
1 files changed, 3 insertions, 2 deletions
@@ -195,6 +195,7 @@ static void seccomp(const struct ctx *c) */ static void check_root(void) { + const char root_uid_map[] = " 0 0 4294967295"; struct passwd *pw; char buf[BUFSIZ]; int fd; @@ -205,8 +206,8 @@ static void check_root(void) if ((fd = open("/proc/self/uid_map", O_RDONLY | O_CLOEXEC)) < 0) return; - if (read(fd, buf, BUFSIZ) > 0 && - strcmp(buf, " 0 0 4294967295")) { + if (read(fd, buf, BUFSIZ) != sizeof(root_uid_map) || + strncmp(buf, root_uid_map, sizeof(root_uid_map) - 1)) { close(fd); return; } |