[lxc-devel] [lxc/master] coverity: bug smash
brauner on Github
lxc-bot at linuxcontainers.org
Thu Feb 8 23:26:38 UTC 2018
A non-text attachment was scrubbed...
Name: not available
Type: text/x-mailbox
Size: 364 bytes
Desc: not available
URL: <http://lists.linuxcontainers.org/pipermail/lxc-devel/attachments/20180208/51e85352/attachment.bin>
-------------- next part --------------
From bd01b7d552bdf20706dd01bc64cc3a55c7defe86 Mon Sep 17 00:00:00 2001
From: Christian Brauner <christian.brauner at ubuntu.com>
Date: Thu, 8 Feb 2018 15:31:59 +0100
Subject: [PATCH 1/7] coverity: #1429139
Resource leak
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
---
src/lxc/cgroups/cgfsng.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/src/lxc/cgroups/cgfsng.c b/src/lxc/cgroups/cgfsng.c
index 53963d1bb..de98080c6 100644
--- a/src/lxc/cgroups/cgfsng.c
+++ b/src/lxc/cgroups/cgfsng.c
@@ -1143,6 +1143,7 @@ static bool cg_hybrid_init(void)
f = fopen("/proc/self/mountinfo", "r");
if (!f) {
CGFSNG_DEBUG("Failed to open \"/proc/self/mountinfo\"\n");
+ free(basecginfo);
return false;
}
From fa456191d07b60109e625e6ce1984d6ff6f5cbb3 Mon Sep 17 00:00:00 2001
From: Christian Brauner <christian.brauner at ubuntu.com>
Date: Thu, 8 Feb 2018 15:42:16 +0100
Subject: [PATCH 2/7] coverity: #1426734
Argument cannot be negative
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
---
src/lxc/monitor.c | 1 -
1 file changed, 1 deletion(-)
diff --git a/src/lxc/monitor.c b/src/lxc/monitor.c
index 644d2a52f..09fb14d42 100644
--- a/src/lxc/monitor.c
+++ b/src/lxc/monitor.c
@@ -239,7 +239,6 @@ int lxc_monitor_open(const char *lxcpath)
if (fd < 0) {
ERROR("Failed to connect to monitor socket: %s.", strerror(errno));
- close(fd);
return -1;
}
From d3ceb1fc8a57c90d3db2cce0e4cace690a79cb02 Mon Sep 17 00:00:00 2001
From: Christian Brauner <christian.brauner at ubuntu.com>
Date: Thu, 8 Feb 2018 15:47:32 +0100
Subject: [PATCH 3/7] coverity: #1426126
Unchecked return value
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
---
src/lxc/start.c | 5 ++++-
1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/src/lxc/start.c b/src/lxc/start.c
index 1cbfcae35..d0d3f52b9 100644
--- a/src/lxc/start.c
+++ b/src/lxc/start.c
@@ -1657,7 +1657,10 @@ static int lxc_spawn(struct lxc_handler *handler)
DEBUG("Preserved cgroup namespace via fd %d", ret);
}
- snprintf(pidstr, 20, "%d", handler->pid);
+ ret = snprintf(pidstr, 20, "%d", handler->pid);
+ if (ret < 0 || ret > = 20)
+ goto out_delete_net;
+
if (setenv("LXC_PID", pidstr, 1))
SYSERROR("Failed to set environment variable: LXC_PID=%s.", pidstr);
From 8130ee8229b38e3b8eb7352ad062e3c1ffcc66f4 Mon Sep 17 00:00:00 2001
From: Christian Brauner <christian.brauner at ubuntu.com>
Date: Thu, 8 Feb 2018 15:48:15 +0100
Subject: [PATCH 4/7] start: use goto instead of simple return
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
---
src/lxc/start.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/src/lxc/start.c b/src/lxc/start.c
index d0d3f52b9..eb97128df 100644
--- a/src/lxc/start.c
+++ b/src/lxc/start.c
@@ -1667,7 +1667,7 @@ static int lxc_spawn(struct lxc_handler *handler)
/* Run any host-side start hooks */
if (run_lxc_hooks(name, "start-host", conf, NULL)) {
ERROR("Failed to run lxc.hook.start-host for container \"%s\".", name);
- return -1;
+ goto out_delete_net;
}
/* Tell the child to complete its initialization and wait for it to exec
@@ -1677,7 +1677,7 @@ static int lxc_spawn(struct lxc_handler *handler)
* value, causing us to error out).
*/
if (lxc_sync_barrier_child(handler, LXC_SYNC_READY_START))
- return -1;
+ goto out_delete_net;
if (lxc_network_recv_name_and_ifindex_from_child(handler) < 0) {
ERROR("Failed to receive names and ifindices for network "
From 7f4ff80e79947f61450da6658ec5e572154e3fee Mon Sep 17 00:00:00 2001
From: Christian Brauner <christian.brauner at ubuntu.com>
Date: Thu, 8 Feb 2018 15:57:02 +0100
Subject: [PATCH 5/7] lxccontainer: satisfy coverity
The container name can't be NULL so don't give coverity the impression that it
could be.
Silences coverity #1426123.
Silences coverity #1426124.
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
---
src/lxc/lxccontainer.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/src/lxc/lxccontainer.c b/src/lxc/lxccontainer.c
index 465d27fb8..f0191c177 100644
--- a/src/lxc/lxccontainer.c
+++ b/src/lxc/lxccontainer.c
@@ -2727,7 +2727,7 @@ static bool container_destroy(struct lxc_container *c,
if (conf && !lxc_list_empty(&conf->hooks[LXCHOOK_DESTROY])) {
/* Start of environment variable setup for hooks */
- if (c->name && setenv("LXC_NAME", c->name, 1))
+ if (setenv("LXC_NAME", c->name, 1))
SYSERROR("Failed to set environment variable for container name");
if (conf->rcfile && setenv("LXC_CONFIG_FILE", conf->rcfile, 1))
@@ -3425,7 +3425,7 @@ static int clone_update_rootfs(struct clone_update_data *data)
if (c0->name && setenv("LXC_SRC_NAME", c0->name, 1)) {
SYSERROR("failed to set environment variable for source container name");
}
- if (c->name && setenv("LXC_NAME", c->name, 1)) {
+ if (setenv("LXC_NAME", c->name, 1)) {
SYSERROR("failed to set environment variable for container name");
}
if (conf->rcfile && setenv("LXC_CONFIG_FILE", conf->rcfile, 1)) {
From a249be9b69ddda30ce640c498035c755a2d14139 Mon Sep 17 00:00:00 2001
From: Christian Brauner <christian.brauner at ubuntu.com>
Date: Thu, 8 Feb 2018 16:04:03 +0100
Subject: [PATCH 6/7] coverity: #1426083
Dereference after null check
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
---
src/tests/share_ns.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/tests/share_ns.c b/src/tests/share_ns.c
index 70a755946..d65aef85a 100644
--- a/src/tests/share_ns.c
+++ b/src/tests/share_ns.c
@@ -56,7 +56,7 @@ void *ns_sharing_wrapper(void *data)
c = lxc_container_new(name, NULL);
if (!c) {
lxc_error("Failed to create container \"%s\"\n", name);
- goto out;
+ return NULL;
}
if (c->is_defined(c)) {
From 4d610513f94c7322f1446ba8fecaf931773148b7 Mon Sep 17 00:00:00 2001
From: Christian Brauner <christian.brauner at ubuntu.com>
Date: Thu, 8 Feb 2018 16:06:31 +0100
Subject: [PATCH 7/7] coverity: #1425971
Dereference after null check
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
---
src/lxc/cgroups/cgfs.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/src/lxc/cgroups/cgfs.c b/src/lxc/cgroups/cgfs.c
index 89aec91f7..a2630efa4 100644
--- a/src/lxc/cgroups/cgfs.c
+++ b/src/lxc/cgroups/cgfs.c
@@ -523,6 +523,8 @@ static bool find_hierarchy_mountpts( struct cgroup_meta_data *meta_data, char **
}
}
lxc_free_array((void **)subsystems, free);
+ if (!h)
+ goto out;
r = lxc_grow_array((void ***)&meta_data->mount_points, &mount_point_capacity, mount_point_count + 1, 12);
if (r < 0)
More information about the lxc-devel
mailing list