[systemd-commits] 5 commits - src/import src/nspawn

Tom Gundersen tomegun at kemper.freedesktop.org
Mon May 25 14:07:33 PDT 2015 

 src/import/pull-dkr.c |    2 +-
 src/nspawn/nspawn.c   |   31 +++++++------------------------
 2 files changed, 8 insertions(+), 25 deletions(-)

New commits:
commit cc9fce65544117f9c5e02daed6fb445c10127e37
Author: Tom Gundersen <teg at jklm.no>
Date:   Mon May 25 23:01:45 2015 +0200

    nspawn: fix memleak
    
    This was a typo, swapping prefix_root() in place of prefix_roota().
    
    Fixes CID 1299640.

diff --git a/src/nspawn/nspawn.c b/src/nspawn/nspawn.c
index 3226752..23bb959 100644
--- a/src/nspawn/nspawn.c
+++ b/src/nspawn/nspawn.c
@@ -1782,7 +1782,7 @@ static int setup_pts(const char *dest) {
                 return log_oom();
 
         /* Mount /dev/pts itself */
-        p = prefix_root(dest, "/dev/pts");
+        p = prefix_roota(dest, "/dev/pts");
         if (mkdir(p, 0755) < 0)
                 return log_error_errno(errno, "Failed to create /dev/pts: %m");
         if (mount("devpts", p, "devpts", MS_NOSUID|MS_NOEXEC, options) < 0)

commit 2371271c2acaeab31e232b6749f12aeac7c18348
Author: Tom Gundersen <teg at jklm.no>
Date:   Mon May 25 22:55:52 2015 +0200

    nspawn: avoid memleak
    
    Simplify the code a bit, at the cost of potentially duplicating some
    memory unneccessarily.
    
    Fixes CID 1299641.

diff --git a/src/nspawn/nspawn.c b/src/nspawn/nspawn.c
index 4e41990..3226752 100644
--- a/src/nspawn/nspawn.c
+++ b/src/nspawn/nspawn.c
@@ -4065,7 +4065,7 @@ static int inner_child(
                 NULL
         };
 
-        char **env_use;
+        _cleanup_strv_free_ char **env_use = NULL;
         int r;
 
         assert(barrier);
@@ -4173,16 +4173,9 @@ static int inner_child(
                         return log_oom();
         }
 
-        if (!strv_isempty(arg_setenv)) {
-                char **n;
-
-                n = strv_env_merge(2, envp, arg_setenv);
-                if (!n)
-                        return log_oom();
-
-                env_use = n;
-        } else
-                env_use = (char**) envp;
+        env_use = strv_env_merge(2, envp, arg_setenv);
+        if (!env_use)
+                return log_oom();
 
         /* Let the parent know that we are ready and
          * wait until the parent is ready with the

commit 4b53a9d21b5d280e1c2e42f5bd29193754251c1e
Author: Tom Gundersen <teg at jklm.no>
Date:   Mon May 25 22:49:14 2015 +0200

    nspawn: drop some debugging code
    
    These have no effect.
    
    Fixes CID 1299643.

diff --git a/src/nspawn/nspawn.c b/src/nspawn/nspawn.c
index a0eece6..4e41990 100644
--- a/src/nspawn/nspawn.c
+++ b/src/nspawn/nspawn.c
@@ -4307,34 +4307,24 @@ static int outer_child(
         if (mount(directory, directory, NULL, MS_BIND|MS_REC, NULL) < 0)
                 return log_error_errno(errno, "Failed to make bind mount: %m");
 
-        access("alive12", F_OK);
-
         r = setup_volatile(directory);
         if (r < 0)
                 return r;
 
-        access("alive3", F_OK);
-
         r = setup_volatile_state(directory);
         if (r < 0)
                 return r;
 
-        access("alive4", F_OK);
-
         r = base_filesystem_create(directory, arg_uid_shift, (gid_t) arg_uid_shift);
         if (r < 0)
                 return r;
 
-        access("alive5", F_OK);
-
         if (arg_read_only) {
                 r = bind_remount_recursive(directory, true);
                 if (r < 0)
                         return log_error_errno(r, "Failed to make tree read-only: %m");
         }
 
-        access("alive6", F_OK);
-
         r = mount_all(directory, false);
         if (r < 0)
                 return r;

commit 37591152d261ba980b8992de37ee940c9e5c5da0
Author: Tom Gundersen <teg at jklm.no>
Date:   Mon May 25 22:47:42 2015 +0200

    import: dkr - avoid NULL-pointer dereference
    
    A malformed manifest could in principle cause a NULL pointer dereference of. Check
    for this and fail early.
    
    Fixes CID 1299642.

diff --git a/src/import/pull-dkr.c b/src/import/pull-dkr.c
index 40aca78..d7476dc 100644
--- a/src/import/pull-dkr.c
+++ b/src/import/pull-dkr.c
@@ -864,7 +864,7 @@ static void dkr_pull_job_on_finished_v2(PullJob *j) {
                 }
 
                 e = json_variant_value(doc, "fsLayers");
-                if (!e || e->type != JSON_VARIANT_ARRAY) {
+                if (!e || e->type != JSON_VARIANT_ARRAY || e->size == 0) {
                         r = -EBADMSG;
                         goto finish;
                 }

commit f001a83522284bc85c1fdc352229e58316ce0e16
Author: Tom Gundersen <teg at jklm.no>
Date:   Mon May 25 22:27:14 2015 +0200

    nspawn: make coverity happy
    
    Rather than checking the return of asprintf() we are checking if buf gets allocated,
    make it clear that it is ok to ignore the return value.
    
    Fixes CID 1299644.

diff --git a/src/nspawn/nspawn.c b/src/nspawn/nspawn.c
index 646edea..a0eece6 100644
--- a/src/nspawn/nspawn.c
+++ b/src/nspawn/nspawn.c
@@ -1026,9 +1026,9 @@ static int tmpfs_patch_options(const char *options, char **ret) {
         if (arg_userns && arg_uid_shift != 0) {
 
                 if (options)
-                        asprintf(&buf, "%s,uid=" UID_FMT ",gid=" UID_FMT, options, arg_uid_shift, arg_uid_shift);
+                        (void) asprintf(&buf, "%s,uid=" UID_FMT ",gid=" UID_FMT, options, arg_uid_shift, arg_uid_shift);
                 else
-                        asprintf(&buf, "uid=" UID_FMT ",gid=" UID_FMT, arg_uid_shift, arg_uid_shift);
+                        (void) asprintf(&buf, "uid=" UID_FMT ",gid=" UID_FMT, arg_uid_shift, arg_uid_shift);
                 if (!buf)
                         return -ENOMEM;

More information about the systemd-commits mailing list