Hello! On 3/20/2018 11:29 PM, Stephen Hemminger wrote:
It is possible that user could request really long namespace name and overrun the path buffer. Signed-off-by: Stephen Hemminger <step...@networkplumber.org> --- lib/namespace.c | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/lib/namespace.c b/lib/namespace.c index 6f3356d0fa08..682634028587 100644 --- a/lib/namespace.c +++ b/lib/namespace.c @@ -23,7 +23,8 @@ static void bind_etc(const char *name) struct dirent *entry; DIR *dir;- snprintf(etc_netns_path, sizeof(etc_netns_path), "%s/%s", NETNS_ETC_DIR, name);+ snprintf(etc_netns_path, sizeof(etc_netns_path), "%s/%s", + NETNS_ETC_DIR, name); dir = opendir(etc_netns_path); if (!dir) return; @@ -33,7 +34,8 @@ static void bind_etc(const char *name) continue; if (strcmp(entry->d_name, "..") == 0) continue; - snprintf(netns_name, sizeof(netns_name), "%s/%s", etc_netns_path, entry->d_name); + snprintf(netns_name, sizeof(netns_name), + "%s/%s", etc_netns_path, entry->d_name); snprintf(etc_name, sizeof(etc_name), "/etc/%s", entry->d_name); if (mount(netns_name, etc_name, "none", MS_BIND, NULL) < 0) { fprintf(stderr, "Bind %s -> %s failed: %s\n",
Hm... not seeing any changes other than the line wrapping. Am I just blind? :-)
MBR, Sergei
