[lxc-devel] [PATCH] fix segfault in capabilities drop code

[Sven Wegener]

the capabilities list contains a terminating NULL entry and looping over
all entries by index results in a segfault on the last entry, if the
capability in the config is invalid. switch to looping by pointer like
the mount option code does.

Signed-off-by: Sven Wegener <sven.wegener at stealer.net>
---
 src/lxc/conf.c |   10 +++++-----
 1 files changed, 5 insertions(+), 5 deletions(-)

diff --git a/src/lxc/conf.c b/src/lxc/conf.c
index 177f562..670336f 100644
--- a/src/lxc/conf.c
+++ b/src/lxc/conf.c
@@ -839,8 +839,9 @@ static int setup_mount_entries(struct lxc_list *mount)
 static int setup_caps(struct lxc_list *caps)
 {
 	struct lxc_list *iterator;
+	struct caps_opt *co;
 	char *drop_entry;
-	int i, capid;
+	int capid;
 
 	lxc_list_for_each(iterator, caps) {
 
@@ -848,12 +849,11 @@ static int setup_caps(struct lxc_list *caps)
 
 		capid = -1;
 
-		for (i = 0; i < sizeof(caps_opt)/sizeof(caps_opt[0]); i++) {
-
-			if (strcmp(drop_entry, caps_opt[i].name))
+		for (co = &caps_opt[0]; co->name != NULL; co++) {
+			if (strcmp(drop_entry, co->name))
 				continue;
 
-			capid = caps_opt[i].value;
+			capid = co->value;
 			break;
 		}
 
-- 
1.6.6