CameronNemo on Github
2018-11-29 05:00:54 UTC
From 923ed2e5f0407eedbee99a0a5a502e8eb8ef8f10 Mon Sep 17 00:00:00 2001
From: Cameron Nemo <***@gmail.com>
Date: Wed, 28 Nov 2018 19:42:29 -0800
Subject: [PATCH] lxc-usernsexec: fix default map functionality
* Place NULL bytes at the end of strings so that
lxc_safe_ulong() can parse them correctly
* Only free the newly created id_map on error,
to avoid passing garbage to lxc_map_ids()
Signed-off-by: Cameron Nemo <***@gmail.com>
---
src/lxc/cmd/lxc_usernsexec.c | 32 +++++++++++++++++++-------------
1 file changed, 19 insertions(+), 13 deletions(-)
diff --git a/src/lxc/cmd/lxc_usernsexec.c b/src/lxc/cmd/lxc_usernsexec.c
index 10557dd519..2c541a69cd 100644
--- a/src/lxc/cmd/lxc_usernsexec.c
+++ b/src/lxc/cmd/lxc_usernsexec.c
@@ -200,6 +200,7 @@ static int read_default_map(char *fnam, int which, char *user)
{
size_t len;
char *p1, *p2;
+ unsigned long ul1, ul2;
FILE *fin;
int ret = -1;
size_t sz = 0;
@@ -224,37 +225,42 @@ static int read_default_map(char *fnam, int which, char *user)
if (!p2)
continue;
- newmap = malloc(sizeof(*newmap));
- if (!newmap)
- goto on_error;
+ line[strlen(line) - 1] = '\0';
+ *p2 = '\0';
- ret = lxc_safe_ulong(p1 + 1, &newmap->hostid);
+ ret = lxc_safe_ulong(p1 + 1, &ul1);
if (ret < 0)
- goto on_error;
+ break;
- ret = lxc_safe_ulong(p2 + 1, &newmap->range);
+ ret = lxc_safe_ulong(p2 + 1, &ul2);
if (ret < 0)
- goto on_error;
+ break;
+
+ newmap = malloc(sizeof(*newmap));
+ if (!newmap)
+ break;
newmap->nsid = 0;
newmap->idtype = which;
+ newmap->hostid = ul1;
+ newmap->range = ul2;
ret = -1;
tmp = malloc(sizeof(*tmp));
- if (!tmp)
- goto on_error;
+ if (!tmp) {
+ free(newmap);
+ break;
+ }
tmp->elem = newmap;
lxc_list_add_tail(&active_map, tmp);
+
+ ret = 0;
break;
}
- ret = 0;
-
-on_error:
fclose(fin);
free(line);
- free(newmap);
return ret;
}
From: Cameron Nemo <***@gmail.com>
Date: Wed, 28 Nov 2018 19:42:29 -0800
Subject: [PATCH] lxc-usernsexec: fix default map functionality
* Place NULL bytes at the end of strings so that
lxc_safe_ulong() can parse them correctly
* Only free the newly created id_map on error,
to avoid passing garbage to lxc_map_ids()
Signed-off-by: Cameron Nemo <***@gmail.com>
---
src/lxc/cmd/lxc_usernsexec.c | 32 +++++++++++++++++++-------------
1 file changed, 19 insertions(+), 13 deletions(-)
diff --git a/src/lxc/cmd/lxc_usernsexec.c b/src/lxc/cmd/lxc_usernsexec.c
index 10557dd519..2c541a69cd 100644
--- a/src/lxc/cmd/lxc_usernsexec.c
+++ b/src/lxc/cmd/lxc_usernsexec.c
@@ -200,6 +200,7 @@ static int read_default_map(char *fnam, int which, char *user)
{
size_t len;
char *p1, *p2;
+ unsigned long ul1, ul2;
FILE *fin;
int ret = -1;
size_t sz = 0;
@@ -224,37 +225,42 @@ static int read_default_map(char *fnam, int which, char *user)
if (!p2)
continue;
- newmap = malloc(sizeof(*newmap));
- if (!newmap)
- goto on_error;
+ line[strlen(line) - 1] = '\0';
+ *p2 = '\0';
- ret = lxc_safe_ulong(p1 + 1, &newmap->hostid);
+ ret = lxc_safe_ulong(p1 + 1, &ul1);
if (ret < 0)
- goto on_error;
+ break;
- ret = lxc_safe_ulong(p2 + 1, &newmap->range);
+ ret = lxc_safe_ulong(p2 + 1, &ul2);
if (ret < 0)
- goto on_error;
+ break;
+
+ newmap = malloc(sizeof(*newmap));
+ if (!newmap)
+ break;
newmap->nsid = 0;
newmap->idtype = which;
+ newmap->hostid = ul1;
+ newmap->range = ul2;
ret = -1;
tmp = malloc(sizeof(*tmp));
- if (!tmp)
- goto on_error;
+ if (!tmp) {
+ free(newmap);
+ break;
+ }
tmp->elem = newmap;
lxc_list_add_tail(&active_map, tmp);
+
+ ret = 0;
break;
}
- ret = 0;
-
-on_error:
fclose(fin);
free(line);
- free(newmap);
return ret;
}