conf: safely retrieve path of slave device

openpty() is a horrible function that uses strcpy() into the char *name argument if name != NULL. We can't rely on the path being sane in all cases so let's split out the name retrieval to ttyname_r(). Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

conf: safely retrieve path of slave device
77a39805 · Christian Brauner · 615f24ff · 77a39805
Unverified Commit 77a39805 authored Jul 04, 2018 by Christian Brauner
Hide whitespace changes
Inline Side-by-side

Showing with 10 additions and 3 deletions

conf.c src/lxc/conf.c +10 -3

No files found.
--- a/src/lxc/conf.c
+++ b/src/lxc/conf.c
@@ -971,15 +971,22 @@ int lxc_allocate_ttys(struct lxc_conf *conf)

 		tty->master = -EBADF;
 		tty->slave = -EBADF;
-		ret = openpty(&tty->master, &tty->slave,
-			      tty->name, NULL, NULL);
-		if (ret) {
+		ret = openpty(&tty->master, &tty->slave, NULL, NULL, NULL);
+		if (ret < 0) {
 			SYSERROR("Failed to create tty %d", i);
 			ttys->max = i;
 			lxc_delete_tty(ttys);
 			return -ENOTTY;
 		}

+		ret = ttyname_r(tty->slave, tty->name, sizeof(tty->name));
+		if (ret < 0) {
+			SYSERROR("Failed to retrieve name of tty %d slave", i);
+			ttys->max = i;
+			lxc_delete_tty(ttys);
+			return -ENOTTY;
+		}
+
 		DEBUG("Created tty \"%s\" with master fd %d and slave fd %d",
 		      tty->name, tty->master, tty->slave);