From: Hauke Mehrtens
Date: Fri, 1 Nov 2019 16:16:38 +0000 (+0100)
Subject: instance: ujail: Fix allocated size for no_new_privs parameter
X-Git-Url: http://git.lede-project.org./?a=commitdiff_plain;h=564ecdfd9cc40e3dd566bf8fd24a94053b99c332;p=project%2Fprocd.git

instance: ujail: Fix allocated size for no_new_privs parameter

When the no_new_privs parameter is given, the size of the array which contains the argv pointers is not increased in instance_jail_parse() which causes a buffer overflow. Fix this by requesting one more entry in instance_jail_parse() for the allocation.

Fixes: dfd5816bcbef ("instance, ujail: wire no_new_privs (-c) option")
Cc: Etienne CHAMPETIER
Signed-off-by: Hauke Mehrtens
---
diff --git a/service/instance.c b/service/instance.c index b4284e7..4bb2207 100644 --- a/service/instance.c +++ b/service/instance.c @@ -829,6 +829,9 @@ instance_jail_parse(struct service_instance *in, struct blob_attr *attr) if (in->seccomp) jail->argc += 2; + if (in->no_new_privs) + jail->argc++; + return 1; }
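
Review bot: The added `if (in->no_new_privs) jail->argc++;` at the end of instance_jail_parse() carries no comment saying which argv entry it reserves, and the slot count is still kept by hand, apart from the code that fills the array. The commit message describes exactly that mismatch as the cause of the overflow: the option was wired up without increasing the array size here. Consider a one-line comment on this increment (one slot for the option the Fixes: line calls `-c`, next to the `+= 2` for seccomp), and a bounds check or assertion where the argv pointers are written, so that a future option that misses its increment fails visibly instead of writing past the allocation.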