Skip to content

Commit

Permalink
libcontainer: relax getenv_int sanity check
Browse files Browse the repository at this point in the history 
Remove upper bound in integer sanity check
to not restrict the number of socket-activated
sockets passed in.

Closes opencontainers#3488

Signed-off-by: Erik Sjölund <erik.sjolund@gmail.com>
  • Loading branch information
@eriksjolund @cyphar
eriksjolund authored and cyphar committed Jun 1, 2022
1 parent 182d77c commit 03a210d
Showing 1 changed file with 3 additions and 5 deletions.
8 changes: 3 additions & 5 deletions libcontainer/nsenter/nsexec.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -416,11 +416,9 @@ static int getenv_int(const char *name)
if (val == endptr || *endptr != '\0')
bail("unable to parse %s=%s", name, val);
/*
* Sanity check: this must be a small non-negative number.
* Practically, we pass two fds (3 and 4) and a log level,
* for which the maximum is 6 (TRACE).
* */
if (ret < 0 || ret > TRACE)
* Sanity check: this must be a non-negative number.
*/
if (ret < 0)
bail("bad value for %s=%s (%d)", name, val, ret);

return ret;
Expand Down

0 comments on commit 03a210d

Please sign in to comment.