Skip to content

L
lxc
Unverified Commit 6f8d00d2 by Christian Brauner
Options

conf: use malloc() in run_script_argv()

It seems dangerous to use alloca() as the arguments can be of indeterminate length and we might blow up the stack. Signed-off-by: 's avatarChristian Brauner <christian.brauner@ubuntu.com>
parent 327cce76
Showing with 20 additions and 12 deletions
src/lxc/conf.c
...@@ -358,6 +358,7 @@ int run_script_argv(const char *name, unsigned int hook_version, ...@@ -358,6 +358,7 @@ int run_script_argv(const char *name, unsigned int hook_version,
{ {
int buf_pos, i, ret; int buf_pos, i, ret;
char *buffer; char *buffer;
int fret = -1;
size_t size = 0; size_t size = 0;
if (hook_version == 0) if (hook_version == 0)
...@@ -390,14 +391,17 @@ int run_script_argv(const char *name, unsigned int hook_version, ...@@ -390,14 +391,17 @@ int run_script_argv(const char *name, unsigned int hook_version,
return -EFBIG; return -EFBIG;
} }
buffer = alloca(size); buffer = malloc(size);
if (!buffer)
return -ENOMEM;
if (hook_version == 0) if (hook_version == 0)
buf_pos = snprintf(buffer, size, "exec %s %s %s %s", script, name, section, hookname); buf_pos = snprintf(buffer, size, "exec %s %s %s %s", script, name, section, hookname);
else else
buf_pos = snprintf(buffer, size, "exec %s", script); buf_pos = snprintf(buffer, size, "exec %s", script);
if (buf_pos < 0 || (size_t)buf_pos >= size) { if (buf_pos < 0 || (size_t)buf_pos >= size) {
ERROR("Failed to create command line for script \"%s\"", script); ERROR("Failed to create command line for script \"%s\"", script);
return -1; goto on_error;
} }
if (hook_version == 1) { if (hook_version == 1) {
...@@ -405,7 +409,7 @@ int run_script_argv(const char *name, unsigned int hook_version, ...@@ -405,7 +409,7 @@ int run_script_argv(const char *name, unsigned int hook_version,
if (ret < 0) { if (ret < 0) {
SYSERROR("Failed to set environment variable: " SYSERROR("Failed to set environment variable: "
"LXC_HOOK_TYPE=%s", hookname); "LXC_HOOK_TYPE=%s", hookname);
return -1; goto on_error;
} }
TRACE("Set environment variable: LXC_HOOK_TYPE=%s", hookname); TRACE("Set environment variable: LXC_HOOK_TYPE=%s", hookname);
...@@ -413,7 +417,7 @@ int run_script_argv(const char *name, unsigned int hook_version, ...@@ -413,7 +417,7 @@ int run_script_argv(const char *name, unsigned int hook_version,
if (ret < 0) { if (ret < 0) {
SYSERROR("Failed to set environment variable: " SYSERROR("Failed to set environment variable: "
"LXC_HOOK_SECTION=%s", section); "LXC_HOOK_SECTION=%s", section);
return -1; goto on_error;
} }
TRACE("Set environment variable: LXC_HOOK_SECTION=%s", section); TRACE("Set environment variable: LXC_HOOK_SECTION=%s", section);
...@@ -421,13 +425,13 @@ int run_script_argv(const char *name, unsigned int hook_version, ...@@ -421,13 +425,13 @@ int run_script_argv(const char *name, unsigned int hook_version,
char *parent; char *parent;
if (!argsin[0]) if (!argsin[0])
return -EINVAL; goto on_error;
ret = setenv("LXC_NET_TYPE", argsin[0], 1); ret = setenv("LXC_NET_TYPE", argsin[0], 1);
if (ret < 0) { if (ret < 0) {
SYSERROR("Failed to set environment variable: " SYSERROR("Failed to set environment variable: "
"LXC_NET_TYPE=%s", argsin[0]); "LXC_NET_TYPE=%s", argsin[0]);
return -1; goto on_error;
} }
TRACE("Set environment variable: LXC_NET_TYPE=%s", argsin[0]); TRACE("Set environment variable: LXC_NET_TYPE=%s", argsin[0]);
...@@ -438,7 +442,7 @@ int run_script_argv(const char *name, unsigned int hook_version, ...@@ -438,7 +442,7 @@ int run_script_argv(const char *name, unsigned int hook_version,
if (ret < 0) { if (ret < 0) {
SYSERROR("Failed to set environment " SYSERROR("Failed to set environment "
"variable: LXC_NET_PARENT=%s", parent); "variable: LXC_NET_PARENT=%s", parent);
return -1; goto on_error;
} }
TRACE("Set environment variable: LXC_NET_PARENT=%s", parent); TRACE("Set environment variable: LXC_NET_PARENT=%s", parent);
} else if (strcmp(argsin[0], "phys")) { } else if (strcmp(argsin[0], "phys")) {
...@@ -446,7 +450,7 @@ int run_script_argv(const char *name, unsigned int hook_version, ...@@ -446,7 +450,7 @@ int run_script_argv(const char *name, unsigned int hook_version,
if (ret < 0) { if (ret < 0) {
SYSERROR("Failed to set environment " SYSERROR("Failed to set environment "
"variable: LXC_NET_PARENT=%s", parent); "variable: LXC_NET_PARENT=%s", parent);
return -1; goto on_error;
} }
TRACE("Set environment variable: LXC_NET_PARENT=%s", parent); TRACE("Set environment variable: LXC_NET_PARENT=%s", parent);
} else if (strcmp(argsin[0], "veth")) { } else if (strcmp(argsin[0], "veth")) {
...@@ -456,7 +460,7 @@ int run_script_argv(const char *name, unsigned int hook_version, ...@@ -456,7 +460,7 @@ int run_script_argv(const char *name, unsigned int hook_version,
if (ret < 0) { if (ret < 0) {
SYSERROR("Failed to set environment " SYSERROR("Failed to set environment "
"variable: LXC_NET_PEER=%s", peer); "variable: LXC_NET_PEER=%s", peer);
return -1; goto on_error;
} }
TRACE("Set environment variable: LXC_NET_PEER=%s", peer); TRACE("Set environment variable: LXC_NET_PEER=%s", peer);
...@@ -464,7 +468,7 @@ int run_script_argv(const char *name, unsigned int hook_version, ...@@ -464,7 +468,7 @@ int run_script_argv(const char *name, unsigned int hook_version,
if (ret < 0) { if (ret < 0) {
SYSERROR("Failed to set environment " SYSERROR("Failed to set environment "
"variable: LXC_NET_PARENT=%s", parent); "variable: LXC_NET_PARENT=%s", parent);
return -1; goto on_error;
} }
TRACE("Set environment variable: LXC_NET_PARENT=%s", parent); TRACE("Set environment variable: LXC_NET_PARENT=%s", parent);
} }
...@@ -477,12 +481,16 @@ int run_script_argv(const char *name, unsigned int hook_version, ...@@ -477,12 +481,16 @@ int run_script_argv(const char *name, unsigned int hook_version,
ret = snprintf(buffer + buf_pos, len, " %s", argsin[i]); ret = snprintf(buffer + buf_pos, len, " %s", argsin[i]);
if (ret < 0 || (size_t)ret >= len) { if (ret < 0 || (size_t)ret >= len) {
ERROR("Failed to create command line for script \"%s\"", script); ERROR("Failed to create command line for script \"%s\"", script);
return -1; goto on_error;
} }
buf_pos += ret; buf_pos += ret;
} }
return run_buffer(buffer); fret = run_buffer(buffer);
on_error:
free(buffer);
return fret;
} }
int run_script(const char *name, const char *section, const char *script, ...) int run_script(const char *name, const char *section, const char *script, ...)
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment