diff options
author | Daniel Golle <daniel@makrotopia.org> | 2021-10-17 09:34:55 +0100 |
---|---|---|
committer | Daniel Golle <daniel@makrotopia.org> | 2021-10-17 19:33:56 +0100 |
commit | e1d7cee59b08655c224999b21e9fbf139f5ee54e (patch) | |
tree | e84a9955d43c597da81b05144c3efd166dc08171 | |
parent | d2a2eccbd145d246e3967aae0d75f20655426163 (diff) | |
download | procd-e1d7cee59b08655c224999b21e9fbf139f5ee54e.tar.gz |
jail: netifd: check target netns fd before using it
Make sure filehandler is non-negative before using it.
Coverity CID: 1492888 Negative returns
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
-rw-r--r-- | jail/netifd.c | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/jail/netifd.c b/jail/netifd.c index f6f2df6..0f05ccc 100644 --- a/jail/netifd.c +++ b/jail/netifd.c @@ -469,6 +469,10 @@ int jail_network_start(struct ubus_context *new_ctx, char *new_jail_name, pid_t watch_ubus_service(); netns_fd = ns_open_pid("net", ns_pid); + if (netns_fd < 0) { + ret = ESRCH; + goto errout_inotify; + } netns_updown(host_ubus_ctx, jail_name, true, netns_fd); |