It is possible that user could request really long namespace
name and overrun the path buffer.
Signed-off-by: Stephen Hemminger <step...@networkplumber.org>
---
lib/namespace.c | 6 ++++--
1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/lib/namespace.c b/lib/namespace.c
index 6f3356d0fa08..682634028587 100644
--- a/lib/namespace.c
+++ b/lib/namespace.c
@@ -23,7 +23,8 @@ static void bind_etc(const char *name)
struct dirent *entry;
DIR *dir;
- snprintf(etc_netns_path, sizeof(etc_netns_path), "%s/%s",
NETNS_ETC_DIR, name);
+ snprintf(etc_netns_path, sizeof(etc_netns_path), "%s/%s",
+ NETNS_ETC_DIR, name);
dir = opendir(etc_netns_path);
if (!dir)
return;
@@ -33,7 +34,8 @@ static void bind_etc(const char *name)
continue;
if (strcmp(entry->d_name, "..") == 0)
continue;
- snprintf(netns_name, sizeof(netns_name), "%s/%s",
etc_netns_path, entry->d_name);
+ snprintf(netns_name, sizeof(netns_name),
+ "%s/%s", etc_netns_path, entry->d_name);
snprintf(etc_name, sizeof(etc_name), "/etc/%s", entry->d_name);
if (mount(netns_name, etc_name, "none", MS_BIND, NULL) < 0) {
fprintf(stderr, "Bind %s -> %s failed: %s\n",
--
2.16.2
