sanity-check number of detected capabilities

author Serge Hallyn <serge.hallyn@ubuntu.com>

Fri, 6 Sep 2013 01:31:55 +0000 (20:31 -0500)

committer Serge Hallyn <serge.hallyn@ubuntu.com>

Fri, 6 Sep 2013 01:34:34 +0000 (20:34 -0500)
author Serge Hallyn <serge.hallyn@ubuntu.com>
Fri, 6 Sep 2013 01:31:55 +0000 (20:31 -0500)
committer Serge Hallyn <serge.hallyn@ubuntu.com>
Fri, 6 Sep 2013 01:34:34 +0000 (20:34 -0500)
diff --git a/src/lxc/conf.c b/src/lxc/conf.c

index 83613ed99a1d30639cf7276a7b0b56bc5436349d..2d95e5dad17b2fdb7df4472d920f64cefedb2537 100644 (file)
--- a/src/lxc/conf.c
+++ b/src/lxc/conf.c
@@ -1852,6 +1852,9 @@ static int dropcaps_except(struct lxc_list *caps)
         int numcaps = lxc_caps_last_cap() + 1;
         INFO("found %d capabilities\n", numcaps);
  
+       if (numcaps <= 0 || numcaps > 200)
+               return -1;
+
         // caplist[i] is 1 if we keep capability i
         int *caplist = alloca(numcaps * sizeof(int));
         memset(caplist, 0, numcaps * sizeof(int));
author	Serge Hallyn <serge.hallyn@ubuntu.com>
	Fri, 6 Sep 2013 01:31:55 +0000 (20:31 -0500)
committer	Serge Hallyn <serge.hallyn@ubuntu.com>
	Fri, 6 Sep 2013 01:34:34 +0000 (20:34 -0500)