[lxc-devel] [lxc/master] compiler: compiler based hardening
brauner on Github
lxc-bot at linuxcontainers.org
Sun Sep 23 11:21:35 UTC 2018
A non-text attachment was scrubbed...
Name: not available
Type: text/x-mailbox
Size: 364 bytes
Desc: not available
URL: <http://lists.linuxcontainers.org/pipermail/lxc-devel/attachments/20180923/9bc0bb5d/attachment.bin>
-------------- next part --------------
From 4ca5257be9882cc950e51dd89141ad1417f58535 Mon Sep 17 00:00:00 2001
From: Christian Brauner <christian.brauner at ubuntu.com>
Date: Sun, 23 Sep 2018 13:13:46 +0200
Subject: [PATCH 1/3] autotools: support -Wformat=2 -Wformat-security
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
---
configure.ac | 1 +
src/lxc/criu.c | 34 +++++++++++++++++-----------------
src/lxc/storage/lvm.c | 2 +-
src/lxc/string_utils.c | 6 +++---
4 files changed, 22 insertions(+), 21 deletions(-)
diff --git a/configure.ac b/configure.ac
index 33fdfcbed..1398e0fd1 100644
--- a/configure.ac
+++ b/configure.ac
@@ -685,6 +685,7 @@ LXC_CHECK_TLS
AX_CHECK_COMPILE_FLAG([-fdiagnostics-color], [CFLAGS="$CFLAGS -fdiagnostics-color"],,[-Werror])
AX_CHECK_COMPILE_FLAG([-implicit-fallthrough], [CFLAGS="$CFLAGS -Wimplicit-fallthrough"],,[-Werror])
+AX_CHECK_COMPILE_FLAG([-Wformat=2 -Wformat-security], [CFLAGS="$CFLAGS -Wformat=2 -Wformat-security"],,[-Werror])
CFLAGS="$CFLAGS -Wvla -std=gnu11"
if test "x$enable_werror" = "xyes"; then
diff --git a/src/lxc/criu.c b/src/lxc/criu.c
index ffcb1bb0f..37cb0e362 100644
--- a/src/lxc/criu.c
+++ b/src/lxc/criu.c
@@ -384,7 +384,7 @@ static void exec_criu(struct cgroup_ops *cgroup_ops, struct criu_opts *opts)
goto err;
while (getmntent_r(mnts, &mntent, buf, sizeof(buf))) {
- char *fmt, *key, *val, *mntdata;
+ char *mntdata;
char arg[2 * PATH_MAX + 2];
unsigned long flags;
@@ -398,17 +398,12 @@ static void exec_criu(struct cgroup_ops *cgroup_ops, struct criu_opts *opts)
continue;
if (strcmp(opts->action, "dump") == 0) {
- fmt = "/%s:%s";
- key = mntent.mnt_dir;
- val = mntent.mnt_dir;
+ ret = snprintf(arg, sizeof(arg), "/%s:%s", mntent.mnt_dir, mntent.mnt_dir);
} else {
- fmt = "%s:%s";
- key = mntent.mnt_dir;
- val = mntent.mnt_fsname;
+ ret = snprintf(arg, sizeof(arg), "%s:%s", mntent.mnt_dir, mntent.mnt_fsname);
}
- ret = snprintf(arg, sizeof(arg), fmt, key, val);
- if (ret < 0 || ret >= sizeof(arg)) {
+ if (ret < 0 || (size_t)ret >= sizeof(arg)) {
fclose(mnts);
ERROR("snprintf failed");
goto err;
@@ -575,18 +570,23 @@ static void exec_criu(struct cgroup_ops *cgroup_ops, struct criu_opts *opts)
if (n->link[0] != '\0') {
if (external_not_veth)
- fmt = "veth[%s]:%s@%s";
+ ret = snprintf(buf, sizeof(buf),
+ "veth[%s]:%s@%s",
+ eth, veth,
+ n->link);
else
- fmt = "%s=%s@%s";
-
- ret = snprintf(buf, sizeof(buf), fmt, eth, veth, n->link);
+ ret = snprintf(buf, sizeof(buf),
+ "%s=%s@%s", eth,
+ veth, n->link);
} else {
if (external_not_veth)
- fmt = "veth[%s]:%s";
+ ret = snprintf(buf, sizeof(buf),
+ "veth[%s]:%s",
+ eth, veth);
else
- fmt = "%s=%s";
-
- ret = snprintf(buf, sizeof(buf), fmt, eth, veth);
+ ret = snprintf(buf, sizeof(buf),
+ "%s=%s", eth,
+ veth);
}
if (ret < 0 || ret >= sizeof(buf))
goto err;
diff --git a/src/lxc/storage/lvm.c b/src/lxc/storage/lvm.c
index 2d4f12d7a..2b0c02972 100644
--- a/src/lxc/storage/lvm.c
+++ b/src/lxc/storage/lvm.c
@@ -270,7 +270,7 @@ int lvm_compare_lv_attr(const char *path, int pos, const char expected)
char *cmd;
char output[12];
int start = 0;
- const char *lvscmd = "lvs --unbuffered --noheadings -o lv_attr %s 2>/dev/null";
+ const char lvscmd[] = "lvs --unbuffered --noheadings -o lv_attr %s 2>/dev/null";
len = strlen(lvscmd) + strlen(path) + 1;
cmd = alloca(len);
diff --git a/src/lxc/string_utils.c b/src/lxc/string_utils.c
index fb5cb54e7..dcce044ff 100644
--- a/src/lxc/string_utils.c
+++ b/src/lxc/string_utils.c
@@ -295,19 +295,19 @@ char *lxc_append_paths(const char *first, const char *second)
int ret;
size_t len;
char *result = NULL;
- const char *pattern = "%s%s";
+ bool needs_slash = false;
len = strlen(first) + strlen(second) + 1;
if (second[0] != '/') {
len += 1;
- pattern = "%s/%s";
+ needs_slash = true;
}
result = calloc(1, len);
if (!result)
return NULL;
- ret = snprintf(result, len, pattern, first, second);
+ ret = snprintf(result, len, needs_slash ? "%s/%s" : "%s%s", first, second);
if (ret < 0 || (size_t)ret >= len) {
free(result);
return NULL;
From f91e49540315427ab53622ce486bf738075546dd Mon Sep 17 00:00:00 2001
From: Christian Brauner <christian.brauner at ubuntu.com>
Date: Sun, 23 Sep 2018 13:16:52 +0200
Subject: [PATCH 2/3] autotools: support -Wcast-align
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
---
configure.ac | 1 +
1 file changed, 1 insertion(+)
diff --git a/configure.ac b/configure.ac
index 1398e0fd1..fe8ab646f 100644
--- a/configure.ac
+++ b/configure.ac
@@ -686,6 +686,7 @@ LXC_CHECK_TLS
AX_CHECK_COMPILE_FLAG([-fdiagnostics-color], [CFLAGS="$CFLAGS -fdiagnostics-color"],,[-Werror])
AX_CHECK_COMPILE_FLAG([-implicit-fallthrough], [CFLAGS="$CFLAGS -Wimplicit-fallthrough"],,[-Werror])
AX_CHECK_COMPILE_FLAG([-Wformat=2 -Wformat-security], [CFLAGS="$CFLAGS -Wformat=2 -Wformat-security"],,[-Werror])
+AX_CHECK_COMPILE_FLAG([-Wcast-align], [CFLAGS="$CFLAGS -Wcast-align"],,[-Werror])
CFLAGS="$CFLAGS -Wvla -std=gnu11"
if test "x$enable_werror" = "xyes"; then
From 154aa8fa8698437a85c4db8021a3558008114d15 Mon Sep 17 00:00:00 2001
From: Christian Brauner <christian.brauner at ubuntu.com>
Date: Sun, 23 Sep 2018 13:19:55 +0200
Subject: [PATCH 3/3] autotools: support -Wstrict-prototypes
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
---
configure.ac | 1 +
1 file changed, 1 insertion(+)
diff --git a/configure.ac b/configure.ac
index fe8ab646f..038fd6d34 100644
--- a/configure.ac
+++ b/configure.ac
@@ -687,6 +687,7 @@ AX_CHECK_COMPILE_FLAG([-fdiagnostics-color], [CFLAGS="$CFLAGS -fdiagnostics-colo
AX_CHECK_COMPILE_FLAG([-implicit-fallthrough], [CFLAGS="$CFLAGS -Wimplicit-fallthrough"],,[-Werror])
AX_CHECK_COMPILE_FLAG([-Wformat=2 -Wformat-security], [CFLAGS="$CFLAGS -Wformat=2 -Wformat-security"],,[-Werror])
AX_CHECK_COMPILE_FLAG([-Wcast-align], [CFLAGS="$CFLAGS -Wcast-align"],,[-Werror])
+AX_CHECK_COMPILE_FLAG([-Wstrict-prototypes], [CFLAGS="$CFLAGS -Wstrict-prototypes"],,[-Werror])
CFLAGS="$CFLAGS -Wvla -std=gnu11"
if test "x$enable_werror" = "xyes"; then
More information about the lxc-devel
mailing list