From: Daniel Golle <daniel@makrotopia.org>
Date: Wed, 25 Nov 2020 20:00:10 +0000 (+0000)
Subject: jail: fix segfault on missing name and refactor
X-Git-Url: http://git.openwrt.org/?a=commitdiff_plain;h=7e0145375201bbd9b49d65ed2ba7d736156ce7c5;p=project%2Fprocd.git

jail: fix segfault on missing name and refactor

Move check for named jail up to main() function, and also add that
condition in case an OCI container is loaded as that would segfault
in case no name was given.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
---

diff --git a/jail/jail.c b/jail/jail.c
index cf35c6f..f888848 100644
--- a/jail/jail.c
+++ b/jail/jail.c
@@ -1880,7 +1880,7 @@ static int parseOCIuidgidmappings(struct blob_attr *msg, bool is_gidmap)
 	}
 
 	/* allocate combined mapping string */
-	map = calloc(1 + totallen, sizeof(char));
+	map = malloc(1 + totallen);
 	if (!map)
 		return ENOMEM;
 
@@ -2574,6 +2574,11 @@ int main(int argc, char **argv)
 		char *jsonfile;
 		int ocires;
 
+		if (!opts.name) {
+			ERROR("OCI bundle needs a named jail\n");
+			ret=-1;
+			goto errout;
+		}
 		asprintf(&jsonfile, "%s/config.json", opts.ocibundle);
 		ocires = parseOCI(jsonfile);
 		free(jsonfile);
@@ -2584,6 +2589,15 @@ int main(int argc, char **argv)
 		}
 	}
 
+	if (opts.namespace & CLONE_NEWNET) {
+		if (!opts.name) {
+			ERROR("netns needs a named jail\n");
+			ret=-1;
+			goto errout;
+		}
+	}
+
+
 	if (opts.tmpoverlaysize && strlen(opts.tmpoverlaysize) > 8) {
 		ERROR("size parameter too long: \"%s\"\n", opts.tmpoverlaysize);
 		ret=-1;
@@ -2827,13 +2841,10 @@ static void post_main(struct uloop_timeout *t)
 		}
 
 		if (opts.namespace & CLONE_NEWNET) {
-			if (!opts.name) {
-				ERROR("netns needs a named jail\n");
-				free_and_exit(-1);
-			}
 			netns_fd = ns_open_pid("net", jail_process.pid);
 			netns_updown(jail_process.pid, true);
 		}
+
 		if (jail_writepid(jail_process.pid)) {
 			ERROR("failed to write pidfile: %m\n");
 			free_and_exit(-1);