Hello, we're UT Austin students working on open-source contributions for a final project. Would it be fine to have this assigned to us? Thank you!

Hi. I am on the same project team as anooprac. Should we return an error code if the length of oparg is larger than the name buffer length, or should we limit the size of the input buffer to 4095?

When you run lxc-unshare, what username should you specify? Does it need to be mapped beforehand?

This is the output from calling lxc-unshare with an input for the -u flag

Looking back at this, the issue really is with sscanf using %s where the target buffer can be smaller than the source and cause issues, but the code being modified here uses %u which does not suffer from the same issue.

So I'm wondering if this was perhaps about a prior implementation of that function and we don't actually have a problem here anymore.

That could be. Was the purpose of the “%s” implementation to get a non-numerical username?