[lxc-devel] [PATCH] coverity: Do chdir following chroot
Serge Hallyn
serge.hallyn at ubuntu.com
Thu Feb 13 16:56:49 UTC 2014
Quoting Stéphane Graber (stgraber at ubuntu.com):
> We used to do chdir(path), chroot(path). That's correct but not properly
> handled by coverity, so do chroot(path), chdir("/") instead as that's the
> recommended way.
>
> Signed-off-by: Stéphane Graber <stgraber at ubuntu.com>
Acked-by: Serge E. Hallyn <serge.hallyn at ubuntu.com>
> ---
> src/lxc/conf.c | 8 ++++----
> src/lxc/lxccontainer.c | 4 ++--
> 2 files changed, 6 insertions(+), 6 deletions(-)
>
> diff --git a/src/lxc/conf.c b/src/lxc/conf.c
> index 8eccd36..6fa3db9 100644
> --- a/src/lxc/conf.c
> +++ b/src/lxc/conf.c
> @@ -1516,14 +1516,14 @@ static int chroot_into_slave(struct lxc_conf *conf)
> SYSERROR("Failed to make tmp-/ at %s rslave", path);
> return -1;
> }
> - if (chdir(path)) {
> - SYSERROR("Failed to chdir into tmp-/");
> - return -1;
> - }
> if (chroot(path)) {
> SYSERROR("Failed to chroot into tmp-/");
> return -1;
> }
> + if (chdir("/")) {
> + SYSERROR("Failed to chdir into tmp-/");
> + return -1;
> + }
> INFO("Chrooted into tmp-/ at %s", path);
> return 0;
> }
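Review bot: The SYSERROR under the new `chdir("/")` still carries the old text "Failed to chdir into tmp-/", which described the removed `chdir(path)` call. A log reader can no longer tell that the chroot had already succeeded when this step failed. I would change it to `SYSERROR("Failed to chdir to / after chroot into %s", path);`. Since the ordering is the whole point of the change, a short comment above the pair would help, for example `/* chdir("/") must follow chroot(): a working directory left outside the new root stays reachable through relative paths */`. chroot_into_slave begins above the hunk, so how callers treat the -1 return is not visible here.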
> diff --git a/src/lxc/lxccontainer.c b/src/lxc/lxccontainer.c
> index a25c196..44e796c 100644
> --- a/src/lxc/lxccontainer.c
> +++ b/src/lxc/lxccontainer.c
> @@ -3142,9 +3142,9 @@ static bool do_add_remove_node(pid_t init_pid, const char *path, bool add,
> if (ret < 0 || ret >= MAXPATHLEN)
> return false;
>
> - if (chdir(chrootpath) < 0)
> + if (chroot(chrootpath) < 0)
> exit(1);
> - if (chroot(".") < 0)
> + if (chdir("/") < 0)
> exit(1);
> /* remove path if it exists */
> if(faccessat(AT_FDCWD, path, F_OK, AT_SYMLINK_NOFOLLOW) == 0) {
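Review bot: Both the `chroot(chrootpath)` and `chdir("/")` failures end in a bare `exit(1)` with no message, whereas the conf.c hunk logs each step with SYSERROR. A failed chroot here (for example a missing capability or a stale chrootpath) would then be indistinguishable from any other failure in this path. If the logging macros are usable at this point, I would log before exiting, e.g. `SYSERROR("Failed to chroot into %s", chrootpath);` and `SYSERROR("Failed to chdir to / after chroot");`. The body of do_add_remove_node starts and ends outside the hunk, so whether this runs in a forked child, as the `exit(1)` next to `return false` suggests, should be confirmed.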
> --
> 1.9.rc1
>