From ba069f9baac1989a6034aae6c254885be3343efd Mon Sep 17 00:00:00 2001
From: bin liu <bin@hyper.sh>
Date: Wed, 14 Oct 2020 20:51:05 +0800
Subject: [PATCH] rustjail: add length check for uid_mappings in rootless euid
 mapping

This might be a copy miss, gid_mappings is checked twice, one should
be uid_mappings.

Fixes: #952

Signed-off-by: bin liu <bin@hyper.sh>
---
 src/agent/rustjail/src/validator.rs | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/src/agent/rustjail/src/validator.rs b/src/agent/rustjail/src/validator.rs
index deaf7c14ac..4e3ce43182 100644
--- a/src/agent/rustjail/src/validator.rs
+++ b/src/agent/rustjail/src/validator.rs
@@ -225,7 +225,8 @@ fn rootless_euid_mapping(oci: &Spec) -> Result<()> {
         return Err(anyhow!(nix::Error::from_errno(Errno::EINVAL)));
     }
 
-    if linux.gid_mappings.len() == 0 || linux.gid_mappings.len() == 0 {
+    if linux.uid_mappings.len() == 0 || linux.gid_mappings.len() == 0 {
+        // rootless containers requires at least one UID/GID mapping
         return Err(anyhow!(nix::Error::from_errno(Errno::EINVAL)));
     }