In find_new_sub_{u,g}ids, check for min, count and max values.
In idmapping.c:get_map_ranges(), make sure that the value passed
in for ranges did not overflow. Couldn't happen with the current
code, but this is a sanity check for any future potential mis-uses.
Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com>
max = getdef_ulong ("SUB_GID_MAX", 600100000UL);
count = getdef_ulong ("SUB_GID_COUNT", 10000);
+ if (min >= max || count >= max || (min + count) >= max) {
+ (void) fprintf (stderr,
+ _("%s: Invalid configuration: SUB_GID_MIN (%lu),"
+ " SUB_GID_MAX (%lu), SUB_GID_COUNT (%lu)\n"),
+ Prog, min, max, count);
+ return -1;
+ }
+
/* Is there a preferred range that works? */
if ((*range_count != 0) &&
(*range_start >= min) &&
max = getdef_ulong ("SUB_UID_MAX", 600100000UL);
count = getdef_ulong ("SUB_UID_COUNT", 10000);
+ if (min >= max || count >= max || (min + count) >= max) {
+ (void) fprintf (stderr,
+ _("%s: Invalid configuration: SUB_UID_MIN (%lu),"
+ " SUB_UID_MAX (%lu), SUB_UID_COUNT (%lu)\n"),
+ Prog, min, max, count);
+ return -1;
+ }
+
/* Is there a preferred range that works? */
if ((*range_count != 0) &&
(*range_start >= min) &&
struct map_range *mappings, *mapping;
int idx, argidx;
+ if (ranges < 0 || argc < 0) {
+ fprintf(stderr, "%s: error calculating number of arguments\n", Prog);
+ return NULL;
+ }
+
+ if (ranges != ((argc - 2) + 2) / 3) {
+ fprintf(stderr, "%s: ranges: %u is wrong for argc: %d\n", Prog, ranges, argc);
+ return NULL;
+ }
+
if ((ranges * 3) > argc) {
fprintf(stderr, "ranges: %u argc: %d\n",
ranges, argc);
projects / shadow / commitdiff