author | Samanta Navarro <ferivoz@riseup.net> | 2023-05-12 11:59:47 +0000 |
---|---|---|
committer | Iker Pedrosa <ikerpedrosam@gmail.com> | 2023-05-15 09:21:16 +0200 |
commit | 4ef4477535682fd3baa242450f62d546ee3974ce (patch) | |
tree | a2d4ad4969a6a9b6740edb4a07f55108d4622d8a | |
parent | a022d39d2abbee48d3223689bea5c31592420ca6 (diff) |
get_pid.c: Use tighter validation checks
Neither a pid_t below 1 nor a negative fd could be valid in this context.
Proof of Concept:
$ newuidmap -1 1 1 1
newuidmap: Could not open proc directory for target 4294967295
Signed-off-by: Samanta Navarro <ferivoz@riseup.net>
-rw-r--r-- | lib/get_pid.c | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/lib/get_pid.c b/lib/get_pid.c
index 8e5e6014..20f4ce42 100644
--- a/lib/get_pid.c
+++ b/lib/get_pid.c
@@ -24,6 +24,7 @@ int get_pid (const char *pidstr, pid_t *pid)
 if ( ('\0' == *pidstr)
 || ('\0' != *endptr)
 || (ERANGE == errno)
+ || (val < 1)
 || (/*@+longintegral@*/val != (pid_t)val)/*@=longintegral@*/) {
 return 0;
 }
@@ -49,7 +50,8 @@ int get_pidfd_from_fd(const char *pidfdstr)
 if ( ('\0' == *pidfdstr)
 || ('\0' != *endptr)
 || (ERANGE == errno)
- || (/*@+longintegral@*/val != (pid_t)val)/*@=longintegral@*/) {
+ || (val < 0)
+ || (/*@+longintegral@*/val != (int)val)/*@=longintegral@*/) {
 return -1;
 }
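Review bot: Both conditions still accept leading whitespace and an explicit `+` sign, because the only test on the first character is `'\0' == *pidstr` (and `'\0' == *pidfdstr` in the second hunk), and the strtol-family conversion that presumably fills `val` above the hunk skips those characters itself. For a command-line argument like the one in the commit message's newuidmap example, requiring a digit up front is stricter: replace the first test with `(!isdigit ((unsigned char) *pidstr))`, which also covers the empty string and needs `<ctype.h>`. Both function bodies start and end outside the hunks, so the conversion call and the `errno = 0` reset that the `ERANGE == errno` test relies on are not visible here.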
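Review bot: The lower bounds now differ between the two functions (`val < 1` in get_pid, `val < 0` in get_pidfd_from_fd) and so do the failure values (`return 0` there, `return -1` here), but nothing in the code says that this is intentional. A short comment above this condition would stop a later "consistency" change from breaking one side, for example `/* 0 is a valid descriptor number; only negative values are rejected here */`. The range check only shows that the number fits in an `int`, not that the descriptor is open or refers to the expected proc directory. That has to be verified in the part of get_pidfd_from_fd that lies outside this hunk.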