[lxc-devel] [lxd/master] Bugfixes
stgraber on Github
lxc-bot at linuxcontainers.org
Tue Feb 28 06:02:13 UTC 2017
A non-text attachment was scrubbed...
Name: not available
Type: text/x-mailbox
Size: 301 bytes
Desc: not available
URL: <http://lists.linuxcontainers.org/pipermail/lxc-devel/attachments/20170228/f28882f0/attachment.bin>
-------------- next part --------------
From 784ff280bc02fb75ef694612bd1a146e417aacd6 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?St=C3=A9phane=20Graber?= <stgraber at ubuntu.com>
Date: Mon, 27 Feb 2017 23:48:05 -0500
Subject: [PATCH 1/2] Properly validate architectures
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Closes #2971
Signed-off-by: Stéphane Graber <stgraber at ubuntu.com>
---
lxd/container.go | 4 ++++
lxd/containers_post.go | 33 +++++++++++++++++++--------------
2 files changed, 23 insertions(+), 14 deletions(-)
diff --git a/lxd/container.go b/lxd/container.go
index 96257cc..bf8d297 100644
--- a/lxd/container.go
+++ b/lxd/container.go
@@ -703,6 +703,10 @@ func containerCreateInternal(d *Daemon, args containerArgs) (container, error) {
return nil, err
}
+ if !shared.IntInSlice(args.Architecture, d.architectures) {
+ return nil, fmt.Errorf("Requested architecture isn't supported by this host")
+ }
+
// Validate profiles
profiles, err := dbProfiles(d.db)
if err != nil {
diff --git a/lxd/containers_post.go b/lxd/containers_post.go
index 7042634..1843b86 100644
--- a/lxd/containers_post.go
+++ b/lxd/containers_post.go
@@ -113,11 +113,10 @@ func createFromImage(d *Daemon, req *api.ContainersPost) Response {
hash = imgInfo.Fingerprint
- architecture, err := osarch.ArchitectureId(imgInfo.Architecture)
+ args.Architecture, err = osarch.ArchitectureId(imgInfo.Architecture)
if err != nil {
- architecture = 0
+ return err
}
- args.Architecture = architecture
_, err = containerCreateFromImage(d, args, hash)
return err
@@ -135,19 +134,25 @@ func createFromImage(d *Daemon, req *api.ContainersPost) Response {
}
func createFromNone(d *Daemon, req *api.ContainersPost) Response {
- architecture, err := osarch.ArchitectureId(req.Architecture)
- if err != nil {
- architecture = 0
+ args := containerArgs{
+ Config: req.Config,
+ Ctype: cTypeRegular,
+ Devices: req.Devices,
+ Ephemeral: req.Ephemeral,
+ Name: req.Name,
+ Profiles: req.Profiles,
}
- args := containerArgs{
- Architecture: architecture,
- Config: req.Config,
- Ctype: cTypeRegular,
- Devices: req.Devices,
- Ephemeral: req.Ephemeral,
- Name: req.Name,
- Profiles: req.Profiles,
+ if req.Architecture != "" {
+ architecture, err := osarch.ArchitectureId(req.Architecture)
+ if err != nil {
+ return InternalError(err)
+ }
+ args.Architecture = architecture
+ }
+
+ if !shared.IntInSlice(args.Architecture, d.architectures) {
+ return BadRequest(fmt.Errorf("Image architecture unsupported by this host"))
}
run := func(op *operation) error {
From a88a65e896b7a0d7b9194519c0f3309a37bd814c Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?St=C3=A9phane=20Graber?= <stgraber at ubuntu.com>
Date: Tue, 28 Feb 2017 00:21:40 -0500
Subject: [PATCH 2/2] Detect and fail to transfer symlinks
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Closes #2970
Signed-off-by: Stéphane Graber <stgraber at ubuntu.com>
---
client.go | 7 ++++++-
1 file changed, 6 insertions(+), 1 deletion(-)
diff --git a/client.go b/client.go
index bd911a7..bc4ce80 100644
--- a/client.go
+++ b/client.go
@@ -1864,7 +1864,12 @@ func (c *Client) RecursivePushFile(container string, source string, target strin
sendFile := func(p string, fInfo os.FileInfo, err error) error {
if err != nil {
- return fmt.Errorf("got error sending path %s: %s", p, err)
+ return fmt.Errorf("Failed to walk path for %s: %s", p, err)
+ }
+
+ // Detect symlinks
+ if !fInfo.Mode().IsRegular() && !fInfo.Mode().IsDir() {
+ return fmt.Errorf("'%s' isn't a regular file or directory.", p)
}
appendLen := len(sourceDir)
More information about the lxc-devel
mailing list