confile_utils: simplify lxc_config_net_hwaddr

In addition to the memory corruption fixed in ee3e84df, this function was also performing invalid memory accesses for the following inputs: - `lxc.net` - `lxc.net.` - `lxc.net.0.` - `lxc.network` - `lxc.network.0.` Signed-off-by: Felix Abecassis <fabecassis@nvidia.com>

confile_utils: simplify lxc_config_net_hwaddr
0a210f86 · Felix Abecassis · Christian Brauner · 0a7f6089 · 0a210f86 · 0a210f86
Unverified Commit 0a210f86 authored Nov 28, 2017 by Felix Abecassis Committed by Christian Brauner Dec 15, 2017
Hide whitespace changes
Inline Side-by-side

Showing with 30 additions and 51 deletions

confile_utils.c src/lxc/confile_utils.c +6 -51

lxc-test-utils.c src/tests/lxc-test-utils.c +24 -0

No files found.
--- a/src/lxc/confile_utils.c
+++ b/src/lxc/confile_utils.c
@@ -546,63 +546,18 @@ int rand_complete_hwaddr(char *hwaddr)

 bool lxc_config_net_hwaddr(const char *line)
 {
-	char *copy, *p;
+	unsigned index;
+	char tmp[7];

 	if (strncmp(line, "lxc.net", 7) != 0)
 		return false;
-	if (strncmp(line, "lxc.network.hwaddr", 18) == 0)
-		return true;
-
-	/* We have to dup the line, if line is something like
-	 * "lxc.net.[i].xxx = xxxxx ", we need to remove
-	 * '[i]' and compare its key with 'lxc.net.hwaddr'*/
-	copy = strdup(line);
-	if (!copy) {
-		SYSERROR("failed to allocate memory");
-		return false;
-	}
-	if (*(copy + 8) >= '0' && *(copy + 8) <= '9') {
-		p = strchr(copy + 8, '.');
-		if (!p) {
-			free(copy);
-			return false;
-		}
-		/* strlen("hwaddr") = 6 */
-		if (strlen(p + 1) >= 6)
-			 memmove(copy + 8, p + 1, 6);
-		copy[8 + 6] = '\0';
-	}
-	if (strncmp(copy, "lxc.net.hwaddr", 14) == 0) {
-		free(copy);
+	if (strncmp(line, "lxc.net.hwaddr", 14) == 0)
 		return true;
-	}
-	free(copy);
-
-	/* We have to dup the line second time, if line is something like
-	 * "lxc.network.[i].xxx = xxxxx ", we need to remove
-	 * '[i]' and compare its key with 'lxc.network.hwaddr'*/
-	copy = strdup(line);
-	if (!copy) {
-		SYSERROR("failed to allocate memory");
-		return false;
-	}
-	if (*(copy + 12) >= '0' && *(copy + 12) <= '9') {
-		p = strchr(copy + 12, '.');
-		if (!p) {
-			free(copy);
-			return false;
-		}
-		/* strlen("hwaddr") = 6 */
-		if (strlen(p + 1) >= 6)
-			memmove(copy + 12, p + 1, 6);
-		copy[12 + 6] = '\0';
-	}
-	if (strncmp(copy, "lxc.network.hwaddr", 18) == 0) {
-		free(copy);
+	if (strncmp(line, "lxc.network.hwaddr", 18) == 0)
 		return true;
-	}
+	if (sscanf(line, "lxc.net.%u.%6s", &index, tmp) == 2 || sscanf(line, "lxc.network.%u.%6s", &index, tmp) == 2)
+		return strncmp(tmp, "hwaddr", 6) == 0;

-	free(copy);
 	return false;
 }


--- a/src/tests/lxc-test-utils.c
+++ b/src/tests/lxc-test-utils.c
@@ -462,6 +462,29 @@ void test_parse_byte_size_string(void)
 		exit(EXIT_FAILURE);
 }

+void test_lxc_config_net_hwaddr(void)
+{
+	bool lxc_config_net_hwaddr(const char *line);
+
+	if (!lxc_config_net_hwaddr("lxc.net.0.hwaddr = 00:16:3e:04:65:b8\n"))
+		exit(EXIT_FAILURE);
+	if (!lxc_config_net_hwaddr("lxc.network.hwaddr = 00:16:3e:04:65:b8\n"))
+		exit(EXIT_FAILURE);
+	if (!lxc_config_net_hwaddr("lxc.net.hwaddr = 00:16:3e:04:65:b8\n"))
+		exit(EXIT_FAILURE);
+
+	if (lxc_config_net_hwaddr("lxc.net"))
+		exit(EXIT_FAILURE);
+	if (lxc_config_net_hwaddr("lxc.net."))
+		exit(EXIT_FAILURE);
+	if (lxc_config_net_hwaddr("lxc.net.0."))
+		exit(EXIT_FAILURE);
+	if (lxc_config_net_hwaddr("lxc.network"))
+	       exit(EXIT_FAILURE);
+	if (lxc_config_net_hwaddr("lxc.network.0."))
+	       exit(EXIT_FAILURE);
+}
+
 int main(int argc, char *argv[])
 {
 	test_lxc_string_replace();
@@ -472,6 +495,7 @@ int main(int argc, char *argv[])
 	test_lxc_safe_int();
 	test_lxc_safe_long();
 	test_parse_byte_size_string();
+	test_lxc_config_net_hwaddr();

 	exit(EXIT_SUCCESS);
 }