} else if (request == LXC_USERNIC_DELETE) {
char opath[LXC_PROC_PID_FD_LEN];
- /* Open the path with O_PATH which will not trigger an actual
- * open(). Don't report an errno to the caller to not leak
- * information whether the path exists or not.
- * When stracing setuid is stripped so this is not a concern
- * either.
- */
+ // Keep in mind CVE-2022-47952: It's crucial not to leak any
+ // information whether open() succeeded of failed.
+
netns_fd = open(args.pid, O_PATH | O_CLOEXEC);
if (netns_fd < 0) {
- usernic_error("Failed to open \"%s\"\n", args.pid);
+ usernic_error("Failed while opening netns file for \"%s\"\n", args.pid);
_exit(EXIT_FAILURE);
}
if (!fhas_fs_type(netns_fd, NSFS_MAGIC)) {
- usernic_error("Path \"%s\" does not refer to a network namespace path\n", args.pid);
+ usernic_error("Failed while opening netns file for \"%s\"\n", args.pid);
close(netns_fd);
_exit(EXIT_FAILURE);
}
/* Now get an fd that we can use in setns() calls. */
ret = open(opath, O_RDONLY | O_CLOEXEC);
if (ret < 0) {
- CMD_SYSERROR("Failed to open \"%s\"\n", args.pid);
+ CMD_SYSERROR("Failed while opening netns file for \"%s\"\n", args.pid);
close(netns_fd);
_exit(EXIT_FAILURE);
}