confile: sanity-check netdev->type before setting netdev->priv elements

The netdev->priv is shared for the netdev types. A bad config file could mix configuration for different types, resulting in a bad netdev->priv when starting or even destroying a container. So sanity check the netdev->type before setting a netdev->priv element. This should fix https://github.com/lxc/lxc/issues/254Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com> Acked-by: Stéphane Graber <stgraber@ubuntu.com>

confile: sanity-check netdev->type before setting netdev->priv elements
c5316d60 · Serge Hallyn · Stéphane Graber · acf9f89e · c5316d60
Commit c5316d60 authored Jul 14, 2014 by Serge Hallyn Committed by Stéphane Graber Jul 14, 2014
Hide whitespace changes
Inline Side-by-side

Showing with 12 additions and 0 deletions

confile.c src/lxc/confile.c +12 -0

No files found.
--- a/src/lxc/confile.c
+++ b/src/lxc/confile.c
@@ -595,6 +595,10 @@ static int config_network_veth_pair(const char *key, const char *value,
 	if (!netdev)
 		return -1;
+	if (netdev->type != LXC_NET_VETH) {
+		ERROR("Invalid veth pair for a non-veth netdev")
+		return -1;
+	}
 	return network_ifname(&netdev->priv.veth_attr.pair, value);
 }
@@ -607,6 +611,10 @@ static int config_network_macvlan_mode(const char *key, const char *value,
 	if (!netdev)
 		return -1;
+	if (netdev->type != LXC_NET_MACVLAN) {
+		ERROR("Invalid macvlan.mode for a non-macvlan netdev")
+		return -1;
+	}
 	return macvlan_mode(&netdev->priv.macvlan_attr.mode, value);
 }
@@ -647,6 +655,10 @@ static int config_network_vlan_id(const char *key, const char *value,
 	if (!netdev)
 		return -1;
+	if (netdev->type != LXC_NET_VLAN) {
+		ERROR("Invalid vlan.id for a non-macvlan netdev")
+		return -1;
+	}
 	if (get_u16(&netdev->priv.vlan_attr.vid, value, 0))
 		return -1;