From d00b9a211ee9bc25e6a9a9ad0916aa33d6df7faa Mon Sep 17 00:00:00 2001
From: Robert Brown <robert.brown@twosigma.com>
Date: Mon, 21 Sep 2020 12:59:06 -0400
Subject: [PATCH] Only verify MAX_ARG limit when running privileged.

---
 bubblewrap.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/bubblewrap.c b/bubblewrap.c
index efca03c4..9cfda409 100644
--- a/bubblewrap.c
+++ b/bubblewrap.c
@@ -1458,7 +1458,7 @@ parse_args_recurse (int          *argcp,
    */
   static const uint32_t MAX_ARGS = 9000;
 
-  if (*total_parsed_argc_p > MAX_ARGS)
+  if (*total_parsed_argc_p > MAX_ARGS && is_privileged)
     die ("Exceeded maximum number of arguments %u", MAX_ARGS);
 
   while (argc > 0)
@@ -1510,7 +1510,7 @@ parse_args_recurse (int          *argcp,
             {
               data_argc++;
               (*total_parsed_argc_p)++;
-              if (*total_parsed_argc_p > MAX_ARGS)
+              if (*total_parsed_argc_p > MAX_ARGS && is_privileged)
                 die ("Exceeded maximum number of arguments %u", MAX_ARGS);
               p = memchr (p, 0, data_end - p);
               if (p != NULL)