Description: fix mount target mismatches due to multiple slashes
The patch to fix symlink TOCTTOU races in mount entries at container start
notices that the target and the actual mount point don't match.
We introduce a '//' when the user specifies an absolute mount target, but
rather than fix that, check for all '//', since users may have them in
their container configuration and we don't want to break configs which
worked before.
Author: Serge Hallyn <serge.hallyn@ubuntu.com>
Bug-Ubuntu: https://bugs.launchpad.net/ubuntu/+source/lxc/+bug/1476662
Bug-Ubuntu: https://bugs.launchpad.net/ubuntu/+source/lxc/+bug/1501310
Index: lxc-1.0.7/src/lxc/utils.c
===================================================================
--- lxc-1.0.7.orig/src/lxc/utils.c
+++ lxc-1.0.7/src/lxc/utils.c
@@ -1335,6 +1335,17 @@ static char *next_word(char *ws) {
return ws;
}
+/* copy src to dest, collapsing multiple '/' into one */
+static void copy_cleanedup(char *dest, const char *src)
+{
+ while (*src) {
+ while (*src == '/' && *(src+1) == '/')
+ src++;
+ *(dest++) = *(src++);
+ }
+ *dest = '\0';
+}
+
/*
* This is only used during container startup. So we know we won't race
* with anyone else mounting. Check the last line in /proc/self/mountinfo
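Review bot: copy_cleanedup() takes no destination size, so its comment should state the contract the caller depends on, for example `/* copy src to dest, collapsing runs of '/' into one; dest must hold at least strlen(src) + 1 bytes */`. The loop only collapses repeated slashes. A trailing '/' or a '/./' component in the configured target is copied through unchanged, so those spellings would presumably still fail the comparison in ensure_not_symlink(); the comment should say so if that is intended.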
@@ -1343,7 +1354,7 @@ static char *next_word(char *ws) {
static bool ensure_not_symlink(const char *target, const char *croot)
{
FILE *f = fopen("/proc/self/mountinfo", "r");
- char *line = NULL, *ws = NULL, *we = NULL;
+ char *line = NULL, *ws = NULL, *we = NULL, *tgtcopy;
size_t len = 0, i;
bool ret = false;
@@ -1373,14 +1384,17 @@ static bool ensure_not_symlink(const cha
goto out;
*we = '\0';
+ tgtcopy = alloca(strlen(target) + 1);
+ copy_cleanedup(tgtcopy, target);
/* now make sure that ws starts with croot and ends with rest of target */
if (croot && strncmp(ws, croot, strlen(croot)) != 0) {
- ERROR("Mount onto %s resulted in %s\n", target, ws);
+ ERROR("Mount onto %s resulted in %s, does not match root %s\n",
+ target, ws, croot);
goto out;
}
size_t start = croot ? strlen(croot) : 0;
- if (strcmp(ws + start, target + start) != 0) {
+ if (strcmp(ws + start, tgtcopy + start) != 0) {
ERROR("Mount onto %s resulted in %s\n", target, ws);
goto out;
}
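Review bot: Only `target` is normalised here, while `start` is still taken from the raw `croot`, so `tgtcopy + start` assumes the cleaned copy is at least strlen(croot) bytes long. Nothing visible in the hunk checks that, and collapsing slashes can only make the copy shorter. A guard such as `if (strlen(tgtcopy) < start || strcmp(ws + start, tgtcopy + start) != 0) {` keeps the comparison from starting past the copy's terminator. The `alloca(strlen(target) + 1)` is also sized from a configuration-derived string with no upper bound and no way to report failure; rejecting targets longer than PATH_MAX first, or using a heap buffer released at `out:`, would be safer. ensure_not_symlink() begins and ends outside this hunk, so the earlier parsing and the cleanup path could not be checked.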