fixed uid/gid bound check regression (#1555)

2022-05-23 09:46:39 +02:00 · 2022-05-23 09:46:39 +02:00 · 357899b83e
parent a7c7ea5712
commit 357899b83e
1 changed files with 5 additions and 18 deletions
--- a/pkg/csplugin/utils.go
+++ b/pkg/csplugin/utils.go
@ -82,32 +82,19 @@ func getPluginTypeAndSubtypeFromPath(path string) (string, string, error) {
 }

 func getProcessAttr(username string, groupname string) (*syscall.SysProcAttr, error) {
-	u, err := user.Lookup(username)
+	uid, err := getUID(username)
 	if err != nil {
 		return nil, err
 	}
-	g, err := user.LookupGroup(groupname)
+	gid, err := getGID(groupname)
 	if err != nil {
 		return nil, err
 	}
-	uid, err := strconv.ParseInt(u.Uid, 10, 32)
-	if err != nil {
-		return nil, err
-	}
-	if uid < 0 && uid > math.MaxInt32 {
-		return nil, fmt.Errorf("out of bound uid")
-	}
-	gid, err := strconv.ParseInt(g.Gid, 10, 32)
-	if err != nil {
-		return nil, err
-	}
-	if gid < 0 && gid > math.MaxInt32 {
-		return nil, fmt.Errorf("out of bound gid")
-	}
+
 	return &syscall.SysProcAttr{
 		Credential: &syscall.Credential{
-			Uid: uint32(uid),
-			Gid: uint32(gid),
+			Uid: uid,
+			Gid: gid,
 		},
 	}, nil
 }