From 7e0145375201bbd9b49d65ed2ba7d736156ce7c5 Mon Sep 17 00:00:00 2001
From: Daniel Golle
Date: Wed, 25 Nov 2020 20:00:10 +0000
Subject: [PATCH] jail: fix segfault on missing name and refactor

Move check for named jail up to main() function, and also add that condition in case an OCI container is loaded as that would segfault in case no name was given.

Signed-off-by: Daniel Golle
---
 jail/jail.c | 21 ++++++++++++++++-----
 1 file changed, 16 insertions(+), 5 deletions(-)

diff --git a/jail/jail.c b/jail/jail.c
index cf35c6f..f888848 100644
--- a/jail/jail.c
+++ b/jail/jail.c
@@ -1880,7 +1880,7 @@ static int parseOCIuidgidmappings(struct blob_attr *msg, bool is_gidmap)
 }
 /* allocate combined mapping string */
- map = calloc(1 + totallen, sizeof(char));
+ map = malloc(1 + totallen);
 if (!map)
 return ENOMEM;
@@ -2574,6 +2574,11 @@ int main(int argc, char **argv)
 char *jsonfile;
 int ocires;
+ if (!opts.name) {
+ ERROR("OCI bundle needs a named jail\n");
+ ret=-1;
+ goto errout;
+ }
 asprintf(&jsonfile, "%s/config.json", opts.ocibundle);
 ocires = parseOCI(jsonfile);
 free(jsonfile);
@@ -2584,6 +2589,15 @@ int main(int argc, char **argv)
 }
 }
+ if (opts.namespace & CLONE_NEWNET) {
+ if (!opts.name) {
+ ERROR("netns needs a named jail\n");
+ ret=-1;
+ goto errout;
+ }
+ }
+
+
 if (opts.tmpoverlaysize && strlen(opts.tmpoverlaysize) > 8) {
 ERROR("size parameter too long: \"%s\"\n", opts.tmpoverlaysize);
 ret=-1;
@@ -2827,13 +2841,10 @@ static void post_main(struct uloop_timeout *t)
 }
 if (opts.namespace & CLONE_NEWNET) {
- if (!opts.name) {
- ERROR("netns needs a named jail\n");
- free_and_exit(-1);
- }
 netns_fd = ns_open_pid("net", jail_process.pid);
 netns_updown(jail_process.pid, true);
 }
+
 if (jail_writepid(jail_process.pid)) {
 ERROR("failed to write pidfile: %m\n");
 free_and_exit(-1);
--
2.30.2
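Review bot: In the first hunk (parseOCIuidgidmappings), replacing `calloc(1 + totallen, sizeof(char))` with `malloc(1 + totallen)` drops the zero-fill, so `map` is no longer an empty NUL-terminated string after allocation. The code that fills the buffer lies outside the hunk; if it appends with `strcat` or otherwise relies on an existing terminator, it would be working on uninitialised heap memory unless `map[0] = '\0';` is set right after the NULL check. The allocator swap is also unrelated to the named-jail fix described in the commit message, so it deserves its own commit or at least a line in the description.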
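Review bot: In the second hunk (main), directly below the new `opts.name` guard, the return value of `asprintf()` is still ignored; when it fails the contents of `jsonfile` are undefined, yet the pointer is passed to `parseOCI()` and then to `free()`. Since this commit hardens exactly this path, the call should bail out the same way the new guard does, e.g. `if (asprintf(&jsonfile, "%s/config.json", opts.ocibundle) < 0) { ret=-1; goto errout; }`. The enclosing block starts and ends outside the hunk.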
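Review bot: The relocated netns check in the third hunk (main) nests two `if` statements that share a single body and is followed by two added blank lines; `if ((opts.namespace & CLONE_NEWNET) && !opts.name) {` with one blank line after the block reads more directly. A short comment such as `/* a network namespace requires a named jail; reject early instead of in post_main() */` would record why the check lives here. The ordering after the OCI parsing block looks deliberate, presumably because the bundle configuration can influence `opts.namespace`, and the comment could say so once that is confirmed.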