[lxc-devel] [PATCH] fix segfault in capabilities drop code
Sven Wegener
sven.wegener at stealer.net
Fri Jan 22 22:48:51 UTC 2010
the capabilities list contains a terminating NULL entry and looping over
all entries by index results in a segfault on the last entry, if the
capability in the config is invalid. switch to looping by pointer like
the mount option code does.
Signed-off-by: Sven Wegener <sven.wegener at stealer.net>
---
src/lxc/conf.c | 10 +++++-----
1 files changed, 5 insertions(+), 5 deletions(-)
diff --git a/src/lxc/conf.c b/src/lxc/conf.c
index 177f562..670336f 100644
--- a/src/lxc/conf.c
+++ b/src/lxc/conf.c
@@ -839,8 +839,9 @@ static int setup_mount_entries(struct lxc_list *mount)
static int setup_caps(struct lxc_list *caps)
{
struct lxc_list *iterator;
+ struct caps_opt *co;
char *drop_entry;
- int i, capid;
+ int capid;
lxc_list_for_each(iterator, caps) {
@@ -848,12 +849,11 @@ static int setup_caps(struct lxc_list *caps)
capid = -1;
- for (i = 0; i < sizeof(caps_opt)/sizeof(caps_opt[0]); i++) {
-
- if (strcmp(drop_entry, caps_opt[i].name))
+ for (co = &caps_opt[0]; co->name != NULL; co++) {
+ if (strcmp(drop_entry, co->name))
continue;
- capid = caps_opt[i].value;
+ capid = co->value;
break;
}
--
1.6.6
More information about the lxc-devel
mailing list