Unverified Commit 4e950c76 by Stéphane Graber Committed by GitHub

Merge pull request #2823 from brauner/2019-02-05/compiler_based_hardening

compiler: hardening
parents 1fba6a85 a7547c5c
......@@ -690,8 +690,9 @@ AC_PROG_SED
# See if we support thread-local storage.
LXC_CHECK_TLS
# Hardening flags
AX_CHECK_COMPILE_FLAG([-fdiagnostics-color], [CFLAGS="$CFLAGS -fdiagnostics-color"],,[-Werror])
AX_CHECK_COMPILE_FLAG([-Wimplicit-fallthrough], [CFLAGS="$CFLAGS -Wimplicit-fallthrough"],,[-Werror])
AX_CHECK_COMPILE_FLAG([-Wimplicit-fallthrough=5], [CFLAGS="$CFLAGS -Wimplicit-fallthrough=5"],,[-Werror])
AX_CHECK_COMPILE_FLAG([-Wcast-align], [CFLAGS="$CFLAGS -Wcast-align"],,[-Werror])
AX_CHECK_COMPILE_FLAG([-Wstrict-prototypes], [CFLAGS="$CFLAGS -Wstrict-prototypes"],,[-Werror])
AX_CHECK_COMPILE_FLAG([-fno-strict-aliasing], [CFLAGS="$CFLAGS -fno-strict-aliasing"],,[-Werror])
......@@ -700,6 +701,16 @@ AX_CHECK_LINK_FLAG([-fstack-protector-strong], [CFLAGS="$CFLAGS -fstack-protecto
AX_CHECK_COMPILE_FLAG([-g], [CFLAGS="$CFLAGS -g"],,[-Werror])
AX_CHECK_COMPILE_FLAG([--mcet -fcf-protection], [CFLAGS="$CFLAGS --mcet -fcf-protection"],,[-Werror])
AX_CHECK_COMPILE_FLAG([-Werror=implicit-function-declaration], [CFLAGS="$CFLAGS -Werror=implicit-function-declaration"],,[-Werror])
AX_CHECK_COMPILE_FLAG([-Wlogical-op], [CFLAGS="$CFLAGS -Wlogical-op"],,[-Werror])
AX_CHECK_COMPILE_FLAG([-Wmissing-include-dirs], [CFLAGS="$CFLAGS -Wmissing-include-dirs"],,[-Werror])
AX_CHECK_COMPILE_FLAG([-Wold-style-definition], [CFLAGS="$CFLAGS -Wold-style-definition"],,[-Werror])
AX_CHECK_COMPILE_FLAG([-Winit-self], [CFLAGS="$CFLAGS -Winit-self"],,[-Werror])
AX_CHECK_COMPILE_FLAG([-Wfloat-equal], [CFLAGS="$CFLAGS -Wfloat-equal"],,[-Werror])
AX_CHECK_COMPILE_FLAG([-Wsuggest-attribute=noreturn], [CFLAGS="$CFLAGS -Wsuggest-attribute=noreturn"],,[-Werror])
AX_CHECK_COMPILE_FLAG([-Werror=return-type], [CFLAGS="$CFLAGS -Werror=return-type"],,[-Werror])
AX_CHECK_COMPILE_FLAG([-Werror=incompatible-pointer-types], [CFLAGS="$CFLAGS -Werror=incompatible-pointer-types"],,[-Werror])
AX_CHECK_COMPILE_FLAG([-Wformat=2], [CFLAGS="$CFLAGS -Wformat=2"],,[-Werror])
AX_CHECK_COMPILE_FLAG([-Wshadow], [CFLAGS="$CFLAGS -Wshadow"],,[-Werror])
AX_CHECK_LINK_FLAG([-z relro], [LDLAGS="$LDLAGS -z relro"],,[])
AX_CHECK_LINK_FLAG([-z now], [LDLAGS="$LDLAGS -z now"],,[])
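Review bot: The two link-flag checks that close this block append to `LDLAGS`, not `LDFLAGS`, so even when the linker accepts `-z relro` and `-z now` the flags land in a variable that nothing on this page reads, and the build would presumably not get full RELRO. The actions should read `[LDFLAGS="$LDFLAGS -z relro"]` and `[LDFLAGS="$LDFLAGS -z now"]`. After the fix, `readelf -l` on a built binary should list a `GNU_RELRO` segment and `readelf -d` should show `BIND_NOW`, which makes a cheap CI check that the hardening took effect.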
......
......@@ -1351,10 +1351,10 @@ int lxc_attach(const char *name, const char *lxcpath,
if ((options->namespaces & CLONE_NEWNS) &&
(options->attach_flags & LXC_ATTACH_LSM) &&
init_ctx->lsm_label) {
int ret = -1;
int labelfd;
bool on_exec;
ret = -1;
on_exec = options->attach_flags & LXC_ATTACH_LSM_EXEC ? true : false;
labelfd = lsm_process_label_fd_get(attached_pid, on_exec);
if (labelfd < 0)
......
......@@ -1250,7 +1250,6 @@ int main(int argc, char *argv[])
free(me);
if (request == LXC_USERNIC_DELETE) {
int ret;
struct alloted_s *it;
bool found_nicname = false;
......
......@@ -3377,7 +3377,6 @@ again:
}
while (getline(&line, &len, f) != -1) {
int ret;
char *opts, *target;
target = get_field(line, 4);
......
......@@ -388,7 +388,7 @@ static void exec_criu(struct cgroup_ops *cgroup_ops, struct lxc_conf *conf,
goto err;
while (getmntent_r(mnts, &mntent, buf, sizeof(buf))) {
char *fmt, *key, *val, *mntdata;
char *mntdata;
char arg[2 * PATH_MAX + 2];
unsigned long flags;
......@@ -401,17 +401,12 @@ static void exec_criu(struct cgroup_ops *cgroup_ops, struct lxc_conf *conf,
if (!(flags & MS_BIND))
continue;
if (strcmp(opts->action, "dump") == 0) {
fmt = "/%s:%s";
key = mntent.mnt_dir;
val = mntent.mnt_dir;
} else {
fmt = "%s:%s";
key = mntent.mnt_dir;
val = mntent.mnt_fsname;
}
ret = snprintf(arg, sizeof(arg), fmt, key, val);
if (strcmp(opts->action, "dump") == 0)
ret = snprintf(arg, sizeof(arg), "/%s:%s",
mntent.mnt_dir, mntent.mnt_dir);
else
ret = snprintf(arg, sizeof(arg), "%s:%s",
mntent.mnt_dir, mntent.mnt_fsname);
if (ret < 0 || ret >= sizeof(arg)) {
fclose(mnts);
ERROR("snprintf failed");
......@@ -547,7 +542,6 @@ static void exec_criu(struct cgroup_ops *cgroup_ops, struct lxc_conf *conf,
lxc_list_for_each(it, &opts->c->lxc_conf->network) {
size_t retlen;
char eth[128], *veth;
char *fmt;
struct lxc_netdev *n = it->elem;
bool external_not_veth;
......@@ -579,18 +573,23 @@ static void exec_criu(struct cgroup_ops *cgroup_ops, struct lxc_conf *conf,
if (n->link[0] != '\0') {
if (external_not_veth)
fmt = "veth[%s]:%s@%s";
ret = snprintf(buf, sizeof(buf),
"veth[%s]:%s@%s",
eth, veth,
n->link);
else
fmt = "%s=%s@%s";
ret = snprintf(buf, sizeof(buf), fmt, eth, veth, n->link);
ret = snprintf(buf, sizeof(buf),
"%s=%s@%s", eth,
veth, n->link);
} else {
if (external_not_veth)
fmt = "veth[%s]:%s";
ret = snprintf(buf, sizeof(buf),
"veth[%s]:%s",
eth, veth);
else
fmt = "%s=%s";
ret = snprintf(buf, sizeof(buf), fmt, eth, veth);
ret = snprintf(buf, sizeof(buf),
"%s=%s", eth,
veth);
}
if (ret < 0 || ret >= sizeof(buf))
goto err;
......@@ -1071,7 +1070,6 @@ static void do_restore(struct lxc_container *c, int status_pipe, struct migrate_
rmdir(rootfs->mount);
goto out_fini_handler;
} else {
int ret;
char title[2048];
close(pipes[1]);
......@@ -1300,7 +1298,6 @@ static bool do_dump(struct lxc_container *c, char *mode, struct migrate_opts *op
int status;
ssize_t n;
char buf[4096];
bool ret;
close(criuout[1]);
......
......@@ -122,14 +122,20 @@ static char *lxc_log_get_va_msg(struct lxc_log_event *event)
return NULL;
va_copy(args, *event->vap);
#pragma GCC diagnostic push
#pragma GCC diagnostic ignored "-Wformat-nonliteral"
len = vsnprintf(NULL, 0, event->fmt, args) + 1;
#pragma GCC diagnostic pop
va_end(args);
msg = malloc(len * sizeof(char));
if (!msg)
return NULL;
#pragma GCC diagnostic push
#pragma GCC diagnostic ignored "-Wformat-nonliteral"
rc = vsnprintf(msg, len, event->fmt, *event->vap);
#pragma GCC diagnostic pop
if (rc == -1 || rc >= len) {
free(msg);
return NULL;
......@@ -183,7 +189,10 @@ static int log_append_stderr(const struct lxc_log_appender *appender,
log_container_name ? ": " : "");
fprintf(stderr, "%s: %s: %d ", event->locinfo->file,
event->locinfo->func, event->locinfo->line);
#pragma GCC diagnostic push
#pragma GCC diagnostic ignored "-Wformat-nonliteral"
vfprintf(stderr, event->fmt, *event->vap);
#pragma GCC diagnostic pop
fprintf(stderr, "\n");
return 0;
......@@ -349,7 +358,10 @@ static int log_append_logfile(const struct lxc_log_appender *appender,
return n;
if ((size_t)n < STRARRAYLEN(buffer)) {
#pragma GCC diagnostic push
#pragma GCC diagnostic ignored "-Wformat-nonliteral"
ret = vsnprintf(buffer + n, sizeof(buffer) - n, event->fmt, *event->vap);
#pragma GCC diagnostic pop
if (ret < 0)
return 0;
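Review bot: None of the four `-Wformat-nonliteral` suppressions in this file (two in lxc_log_get_va_msg, one each in log_append_stderr and log_append_logfile) says why `event->fmt` may be trusted, and that warning is the compiler's guard against format-string injection. A comment above each pragma such as `/* event->fmt always comes from a literal passed by the logging macros; never route external data into fmt */` would record the invariant the suppression relies on; whether it holds depends on callers outside these hunks. Since the same pragma lines are repeated around every call, a pair of small wrapper macros would keep the suppressed region to exactly one statement and make later audits easier. All three function bodies start and end outside the hunks.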
......
......@@ -342,9 +342,9 @@ ATTR_UNUSED static inline void LXC_##LEVEL(struct lxc_log_locinfo* locinfo, \
char errno_buf[PATH_MAX / 2] = {"Failed to get errno string"}; \
char *ptr = NULL; \
{ \
int saved_errno = errno; \
int __saved_errno = errno; \
ptr = strerror_r(errno, errno_buf, sizeof(errno_buf)); \
errno = saved_errno; \
errno = __saved_errno; \
if (!ptr) \
ptr = errno_buf; \
}
......@@ -353,9 +353,9 @@ ATTR_UNUSED static inline void LXC_##LEVEL(struct lxc_log_locinfo* locinfo, \
char errno_buf[PATH_MAX / 2] = {"Failed to get errno string"}; \
char *ptr = errno_buf; \
{ \
int saved_errno = errno; \
int __saved_errno = errno; \
(void)strerror_r(errno, errno_buf, sizeof(errno_buf)); \
errno = saved_errno; \
errno = __saved_errno; \
}
#endif
#elif ENFORCE_THREAD_SAFETY
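Review bot: The replacement name `__saved_errno` is a reserved identifier: C reserves every name beginning with two underscores for the implementation, so the rename trades a `-Wshadow` warning for a possible clash with libc or compiler internals. These lines carry continuation backslashes, so they are presumably part of a macro body that expands inside callers; a project-prefixed name avoids both problems, for example `int lxc_log_saved_errno_ = errno;` and `errno = lxc_log_saved_errno_;`. The same applies to the `__LVSCMD` macro introduced above lvm_compare_lv_attr in the LVM hunk. The macro definitions begin and end outside these hunks.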
......
......@@ -1041,7 +1041,7 @@ static bool do_lxcapi_start(struct lxc_container *c, int useinit, char * const a
* right PID.
*/
if (c->pidfile) {
int ret, w;
int w;
char pidstr[INTTYPE_TO_STRLEN(pid_t)];
w = snprintf(pidstr, sizeof(pidstr), "%d", lxc_raw_getpid());
......@@ -2439,8 +2439,7 @@ static char **do_lxcapi_get_ips(struct lxc_container *c, const char *interface,
if (pid == 0) {
ssize_t nbytes;
char addressOutputBuffer[INET6_ADDRSTRLEN];
int ret = 1;
char *address = NULL;
char *address_ptr = NULL;
void *tempAddrPtr = NULL;
struct netns_ifaddrs *interfaceArray = NULL, *tempIfAddr = NULL;
......@@ -2489,16 +2488,16 @@ static char **do_lxcapi_get_ips(struct lxc_container *c, const char *interface,
else if (!interface && strcmp("lo", tempIfAddr->ifa_name) == 0)
continue;
address = (char *)inet_ntop(tempIfAddr->ifa_addr->sa_family,
address_ptr = (char *)inet_ntop(tempIfAddr->ifa_addr->sa_family,
tempAddrPtr, addressOutputBuffer,
sizeof(addressOutputBuffer));
if (!address)
if (!address_ptr)
continue;
nbytes = lxc_write_nointr(pipefd[1], address, INET6_ADDRSTRLEN);
nbytes = lxc_write_nointr(pipefd[1], address_ptr, INET6_ADDRSTRLEN);
if (nbytes != INET6_ADDRSTRLEN) {
SYSERROR("Failed to send ipv6 address \"%s\"",
address);
address_ptr);
goto out;
}
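Review bot: The pipe write sends all `INET6_ADDRSTRLEN` bytes of `addressOutputBuffer`, but that array is declared without an initializer at the top of the child branch and inet_ntop() fills only the string and its terminator. The bytes after the NUL are therefore indeterminate stack contents, or the tail of a longer address from an earlier iteration. Declaring it as `char addressOutputBuffer[INET6_ADDRSTRLEN] = {0};` and clearing it before each inet_ntop() call keeps the fixed-size record free of stale data. The loop and the reader of the pipe are outside these hunks.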
......
......@@ -2116,8 +2116,6 @@ static int lxc_create_network_unpriv_exec(const char *lxcpath, const char *lxcna
}
if (child == 0) {
int ret;
size_t retlen;
char pidstr[INTTYPE_TO_STRLEN(pid_t)];
close(pipefd[0]);
......@@ -2280,7 +2278,6 @@ static int lxc_delete_network_unpriv_exec(const char *lxcpath, const char *lxcna
if (child == 0) {
char *hostveth;
int ret;
close(pipefd[0]);
......@@ -2925,8 +2922,6 @@ static int lxc_setup_netdev_in_child_namespaces(struct lxc_netdev *netdev)
/* set the network device up */
if (netdev->flags & IFF_UP) {
int err;
err = lxc_netdev_up(current_ifname);
if (err) {
errno = -err;
......
......@@ -297,8 +297,11 @@ static void mysyslog(int err, const char *format, ...)
va_list args;
va_start(args, format);
#pragma GCC diagnostic push
#pragma GCC diagnostic ignored "-Wformat-nonliteral"
openlog("PAM-CGFS", LOG_CONS | LOG_PID, LOG_AUTH);
vsyslog(err, format, args);
#pragma GCC diagnostic pop
va_end(args);
closelog();
}
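Review bot: mysyslog() forwards its `format` parameter to vsyslog() under a `-Wformat-nonliteral` suppression, but nothing tells the compiler to check the callers' arguments against that format. Declaring the function with `__attribute__((format(printf, 2, 3)))` would have every call site type-checked and should make the pragma pair unnecessary, since the warning is not raised for a format string that is the enclosing function's own annotated format parameter. If the pragmas stay, they only need to wrap the `vsyslog` line; `openlog` is called with a literal.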
......
......@@ -264,6 +264,7 @@ int lvm_umount(struct lxc_storage *bdev)
return umount(bdev->dest);
}
#define __LVSCMD "lvs --unbuffered --noheadings -o lv_attr %s 2>/dev/null"
int lvm_compare_lv_attr(const char *path, int pos, const char expected)
{
struct lxc_popen_FILE *f;
......@@ -272,12 +273,11 @@ int lvm_compare_lv_attr(const char *path, int pos, const char expected)
char *cmd;
char output[12];
int start = 0;
const char *lvscmd = "lvs --unbuffered --noheadings -o lv_attr %s 2>/dev/null";
len = strlen(lvscmd) + strlen(path) + 1;
len = strlen(__LVSCMD) + strlen(path) + 1;
cmd = alloca(len);
ret = snprintf(cmd, len, lvscmd, path);
ret = snprintf(cmd, len, __LVSCMD, path);
if (ret < 0 || (size_t)ret >= len)
return -1;
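Review bot: `path` is substituted into `__LVSCMD` unquoted, and the string ends in a shell redirection, so it is presumably run through a shell by the popen call outside this hunk; a path containing spaces or shell metacharacters would then change the command. Turning the format into a macro satisfies `-Wformat-nonliteral` but leaves that untouched. Either reject paths with characters outside an allow-list before the snprintf, or run `lvs` with an explicit argument vector and discard stderr by redirecting the descriptor. `cmd = alloca(len)` also sizes a stack allocation from the caller's string, so a length cap on `path` belongs in the same check.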
......
......@@ -86,7 +86,7 @@ int ovl_clonepaths(struct lxc_storage *orig, struct lxc_storage *new, const char
if (strcmp(orig->type, "dir") == 0) {
char *delta, *lastslash;
char *work;
int ret, len, lastslashidx;
int len, lastslashidx;
/* If we have "/var/lib/lxc/c2/rootfs" then delta will be
* "/var/lib/lxc/c2/delta0".
......@@ -194,7 +194,7 @@ int ovl_clonepaths(struct lxc_storage *orig, struct lxc_storage *new, const char
char *clean_old_path, *clean_new_path;
char *lastslash, *ndelta, *nsrc, *odelta, *osrc, *s1, *s2, *s3,
*work;
int ret, lastslashidx;
int lastslashidx;
size_t len, name_len;
osrc = strdup(orig->src);
......
......@@ -355,7 +355,6 @@ struct lxc_storage *storage_copy(struct lxc_container *c, const char *cname,
}
if (!orig->dest) {
int ret;
size_t len;
struct stat sb;
......
......@@ -468,7 +468,6 @@ int zfs_clonepaths(struct lxc_storage *orig, struct lxc_storage *new,
orig_src = lxc_storage_get_path(orig->src, orig->type);
if (!strcmp(orig->type, "zfs")) {
size_t len;
if (*orig_src == '/') {
bool found;
......@@ -594,8 +593,6 @@ int zfs_destroy(struct lxc_storage *orig)
* "<lxcpath>/<lxcname>/rootfs" is given.
*/
if (*src == '/') {
char *tmp;
found = zfs_list_entry(src, cmd_output, sizeof(cmd_output));
if (!found) {
ERROR("Failed to find zfs entry \"%s\"", orig->src);
......
......@@ -295,19 +295,22 @@ char *lxc_append_paths(const char *first, const char *second)
int ret;
size_t len;
char *result = NULL;
const char *pattern = "%s%s";
int pattern_type = 0;
len = strlen(first) + strlen(second) + 1;
if (second[0] != '/') {
len += 1;
pattern = "%s/%s";
pattern_type = 1;
}
result = calloc(1, len);
if (!result)
return NULL;
ret = snprintf(result, len, pattern, first, second);
if (pattern_type == 0)
ret = snprintf(result, len, "%s%s", first, second);
else
ret = snprintf(result, len, "%s/%s", first, second);
if (ret < 0 || (size_t)ret >= len) {
free(result);
return NULL;
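Review bot: `pattern_type` is an `int` carrying the magic values 0 and 1 whose only job is to repeat the `second[0] != '/'` test a few lines later. A `bool need_slash = second[0] != '/';` set once, followed by `if (need_slash) len += 1;` and a branch on `need_slash` around the two literal snprintf calls, says the same thing without the numeric flag. The function begins and ends outside the hunk.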
......
......@@ -274,28 +274,28 @@ static void print_stats(struct lxc_container *c)
}
}
static void print_info_msg_int(const char *key, int value)
static void print_info_msg_int(const char *k, int value)
{
if (humanize)
printf("%-15s %d\n", key, value);
printf("%-15s %d\n", k, value);
else {
if (filter_count == 1)
printf("%d\n", value);
else
printf("%-15s %d\n", key, value);
printf("%-15s %d\n", k, value);
}
fflush(stdout);
}
static void print_info_msg_str(const char *key, const char *value)
static void print_info_msg_str(const char *k, const char *value)
{
if (humanize)
printf("%-15s %s\n", key, value);
printf("%-15s %s\n", k, value);
else {
if (filter_count == 1)
printf("%s\n", value);
else
printf("%-15s %s\n", key, value);
printf("%-15s %s\n", k, value);
}
fflush(stdout);
}
......
......@@ -512,8 +512,6 @@ static int ls_get(struct ls **m, size_t *size, const struct lxc_arguments *args,
l->unprivileged = !(val == NULL);
free(val);
} else {
int ret;
ret = c->get_config_item(c, "lxc.idmap", NULL, 0);
l->unprivileged = !(ret == 0);
}
......
......@@ -64,7 +64,7 @@ struct start_arg {
static int my_parser(struct lxc_arguments *args, int c, char *arg);
static inline int sethostname_including_android(const char *name, size_t len);
static int get_namespace_flags(char *namespaces);
static bool lookup_user(const char *optarg, uid_t *uid);
static bool lookup_user(const char *oparg, uid_t *uid);
static int mount_fs(const char *source, const char *target, const char *type);
static void lxc_setup_fs(void);
static int do_start(void *arg);
......@@ -180,7 +180,7 @@ static int get_namespace_flags(char *namespaces)
return flags;
}
static bool lookup_user(const char *optarg, uid_t *uid)
static bool lookup_user(const char *oparg, uid_t *uid)
{
char name[PATH_MAX];
struct passwd pwent;
......@@ -189,7 +189,7 @@ static bool lookup_user(const char *optarg, uid_t *uid)
size_t bufsize;
int ret;
if (!optarg || (optarg[0] == '\0'))
if (!oparg || (oparg[0] == '\0'))
return false;
bufsize = sysconf(_SC_GETPW_R_SIZE_MAX);
......@@ -200,9 +200,9 @@ static bool lookup_user(const char *optarg, uid_t *uid)
if (!buf)
return false;
if (sscanf(optarg, "%u", uid) < 1) {
if (sscanf(oparg, "%u", uid) < 1) {
/* not a uid -- perhaps a username */
if (sscanf(optarg, "%s", name) < 1) {
if (sscanf(oparg, "%s", name) < 1) {
free(buf);
return false;
}
......@@ -431,24 +431,24 @@ int main(int argc, char *argv[])
if (lxc_list_len(&ifnames) > 0) {
struct lxc_list *iterator;
char* ifname;
pid_t pid;
pid_t lpid;
lxc_list_for_each(iterator, &ifnames) {
ifname = iterator->elem;
if (!ifname)
continue;
pid = fork();
if (pid < 0) {
lpid = fork();
if (lpid < 0) {
SYSERROR("Failed to move network device \"%s\" to network namespace",
ifname);
continue;
}
if (pid == 0) {
if (lpid == 0) {
char buf[256];
ret = snprintf(buf, 256, "%d", pid);
ret = snprintf(buf, 256, "%d", lpid);
if (ret < 0 || ret >= 256)
_exit(EXIT_FAILURE);
......@@ -456,9 +456,9 @@ int main(int argc, char *argv[])
_exit(EXIT_FAILURE);
}
if (wait_for_pid(pid) != 0)
if (wait_for_pid(lpid) != 0)
SYSERROR("Could not move interface \"%s\" into container %d",
ifname, pid);
ifname, lpid);
}
free_ifname_list();
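Review bot: In lookup_user(), `sscanf(oparg, "%s", name)` copies the caller's string into `char name[PATH_MAX]` with no field width, so an argument longer than `PATH_MAX - 1` bytes overruns the stack buffer. Extending the existing guard to `if (!oparg || oparg[0] == '\0' || strlen(oparg) >= PATH_MAX) return false;` bounds the input before `buf` is allocated. The rest of lookup_user() lies outside these hunks.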
......
......@@ -48,7 +48,6 @@ AM_CFLAGS=-DLXCROOTFSMOUNT=\"$(LXCROOTFSMOUNT)\" \
-DRUNTIME_PATH=\"$(RUNTIME_PATH)\" \
-I $(top_srcdir)/src \
-I $(top_srcdir)/src/lxc \
-I $(top_srcdir)/src/lxc/bdev \
-I $(top_srcdir)/src/lxc/cgroups \
-I $(top_srcdir)/src/lxc/tools \
-pthread
......
......@@ -269,8 +269,6 @@ int main(int argc, char *argv[])
lxc_debug("Starting namespace sharing test iteration %d\n", j);
for (i = 0; i < 10; i++) {
int ret;
args[i].thread_id = i;
args[i].success = false;
args[i].init_pid = init_pid;
......@@ -283,8 +281,6 @@ int main(int argc, char *argv[])
}
for (i = 0; i < 10; i++) {
int ret;
ret = pthread_join(threads[i], NULL);
if (ret != 0)
goto on_error_stop;
......
......@@ -38,7 +38,7 @@ struct thread_args {
struct lxc_container *c;
};
void *state_wrapper(void *data)
static void *state_wrapper(void *data)
{
struct thread_args *args = data;
......@@ -108,8 +108,6 @@ int main(int argc, char *argv[])
sleep(5);
for (i = 0; i < 10; i++) {
int ret;
args[i].thread_id = i;
args[i].c = c;
args[i].timeout = -1;
......@@ -123,8 +121,6 @@ int main(int argc, char *argv[])
}
for (i = 0; i < 10; i++) {
int ret;
ret = pthread_join(threads[i], NULL);
if (ret != 0)
goto on_error_stop;
......