packages/iSulad
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
iSulad/0126-2154-fix-code-bug.patch
openeuler-sync-bot bc22968026 !624 [sync] PR-623: upgrade from upstream 
* upgrade from upstream
2023-09-19 02:54:09 +00:00

1085 lines
35 KiB
Diff
Raw Permalink Blame History

From e904e2d75963262032ae5f78c83849b754427fa9 Mon Sep 17 00:00:00 2001
From: zhangxiaoyu <zhangxiaoyu58@huawei.com>
Date: Tue, 29 Aug 2023 12:37:07 +0000
Subject: [PATCH 126/145] !2154 fix code bug * fix code bug
---
src/daemon/common/events_format.c | 6 +-
src/daemon/common/selinux_label.c | 22 +-
src/daemon/common/selinux_label.h | 8 +-
src/daemon/common/sysinfo.c | 1 -
src/daemon/config/isulad_config.c | 280 ++++++++++--------
src/daemon/config/isulad_config.h | 62 ++--
src/daemon/executor/container_cb/execution.c | 4 +-
.../executor/container_cb/execution_create.c | 2 +-
.../executor/container_cb/execution_network.c | 9 +
.../executor/container_cb/execution_stream.h | 6 +-
src/daemon/executor/container_cb/list.c | 4 +-
src/daemon/executor/image_cb/image_cb.c | 18 +-
12 files changed, 235 insertions(+), 187 deletions(-)
diff --git a/src/daemon/common/events_format.c b/src/daemon/common/events_format.c
index e5ceab92..514b060e 100644
--- a/src/daemon/common/events_format.c
+++ b/src/daemon/common/events_format.c
@@ -83,7 +83,11 @@ struct isulad_events_format *dup_event(const struct isulad_events_format *event)
return NULL;
}
- event_copy(event, out);
+ if (event_copy(event, out) != 0) {
+ ERROR("Failed to copy event");
+ isulad_events_format_free(out);
+ return NULL;
+ }
return out;
}
diff --git a/src/daemon/common/selinux_label.c b/src/daemon/common/selinux_label.c
index d8bc1e08..7a295250 100644
--- a/src/daemon/common/selinux_label.c
+++ b/src/daemon/common/selinux_label.c
@@ -247,7 +247,7 @@ static int get_current_label(char **content)
return read_con(path, content);
}
-bool selinux_get_enable()
+bool selinux_get_enable(void)
{
bool enabled_set = false;
bool enabled = false;
@@ -295,7 +295,7 @@ bool selinux_get_enable()
}
// just disable selinux support for iSulad
-void selinux_set_disabled()
+void selinux_set_disabled(void)
{
(void)set_state_enable(false);
}
@@ -376,9 +376,10 @@ int selinux_state_init(void)
return 0;
}
-void selinux_state_free()
+void selinux_state_free(void)
{
do_selinux_state_free(g_selinux_state);
+ g_selinux_state = NULL;
}
/* MCS already exists */
@@ -987,6 +988,11 @@ int relabel(const char *path, const char *file_label, bool shared)
return 0;
}
+ if (path == NULL) {
+ ERROR("Empty arguments");
+ return -1;
+ }
+
tmp_file_label = util_strdup_s(file_label);
if (is_exclude_relabel_path(path)) {
ERROR("SELinux relabeling of %s is not allowed", path);
@@ -1060,6 +1066,11 @@ int dup_security_opt(const char *src, char ***dst, size_t *len)
return 0;
}
+ if (dst == NULL || len == NULL) {
+ ERROR("Empty arguments");
+ return -1;
+ }
+
context_t con = context_new(src);
if (con == NULL) {
ERROR("context new failed");
@@ -1108,6 +1119,11 @@ out:
int get_disable_security_opt(char ***labels, size_t *labels_len)
{
+ if (labels == NULL || labels_len == NULL) {
+ ERROR("Empty arguments");
+ return -1;
+ }
+
if (util_array_append(labels, "disable") != 0) {
ERROR("Failed to append label");
return -1;
diff --git a/src/daemon/common/selinux_label.h b/src/daemon/common/selinux_label.h
index 625e94c3..4a3c03d4 100644
--- a/src/daemon/common/selinux_label.h
+++ b/src/daemon/common/selinux_label.h
@@ -24,14 +24,14 @@ extern "C" {
#endif
int selinux_state_init(void);
-void selinux_set_disabled();
-bool selinux_get_enable();
-int init_label(const char **label_opts, size_t label_opts_len, char **process_label, char **mount_label);
+void selinux_set_disabled(void);
+bool selinux_get_enable(void);
+int init_label(const char **label_opts, size_t label_opts_len, char **dst_process_label, char **dst_mount_label);
int relabel(const char *path, const char *file_label, bool shared);
int get_disable_security_opt(char ***labels, size_t *labels_len);
int dup_security_opt(const char *src, char ***dst, size_t *len);
char *selinux_format_mountlabel(const char *src, const char *mount_label);
-void selinux_state_free();
+void selinux_state_free(void);
#ifdef __cplusplus
}
#endif
diff --git a/src/daemon/common/sysinfo.c b/src/daemon/common/sysinfo.c
index d0927f58..fbdea4e8 100644
--- a/src/daemon/common/sysinfo.c
+++ b/src/daemon/common/sysinfo.c
@@ -46,7 +46,6 @@
#define CGROUP_CPU_RT_RUNTIME "cpu.rt_runtime_us"
#define CGROUP_CPUSET_CPUS "cpuset.cpus"
#define CGROUP_CPUSET_MEMS "cpuset.mems"
-#define CGROUP_MEMORY_LIMIT "memory.limit_in_bytes"
#define CGROUP_MEMORY_SWAP "memory.memsw.limit_in_bytes"
#define CGROUP_MEMORY_SWAPPINESS "memory.swappiness"
#define CGROUP_MEMORY_RESERVATION "memory.soft_limit_in_bytes"
diff --git a/src/daemon/config/isulad_config.c b/src/daemon/config/isulad_config.c
index 6db4e2a4..c9e64617 100644
--- a/src/daemon/config/isulad_config.c
+++ b/src/daemon/config/isulad_config.c
@@ -119,7 +119,7 @@ out:
}
/* isulad server conf wrlock */
-int isulad_server_conf_wrlock()
+int isulad_server_conf_wrlock(void)
{
int ret = 0;
@@ -132,7 +132,7 @@ int isulad_server_conf_wrlock()
}
/* isulad server conf rdlock */
-int isulad_server_conf_rdlock()
+int isulad_server_conf_rdlock(void)
{
int ret = 0;
@@ -145,7 +145,7 @@ int isulad_server_conf_rdlock()
}
/* isulad server conf unlock */
-int isulad_server_conf_unlock()
+int isulad_server_conf_unlock(void)
{
int ret = 0;
@@ -157,13 +157,13 @@ int isulad_server_conf_unlock()
return ret;
}
-struct service_arguments *conf_get_server_conf()
+struct service_arguments *conf_get_server_conf(void)
{
return g_isulad_conf.server_conf;
}
/* conf get isulad pidfile */
-char *conf_get_isulad_pidfile()
+char *conf_get_isulad_pidfile(void)
{
char *filename = NULL;
struct service_arguments *conf = NULL;
@@ -185,7 +185,7 @@ out:
}
/* conf get engine rootpath */
-char *conf_get_engine_rootpath()
+char *conf_get_engine_rootpath(void)
{
char *epath = NULL;
char *rootpath = NULL;
@@ -236,7 +236,7 @@ int conf_get_cgroup_cpu_rt(int64_t *cpu_rt_period, int64_t *cpu_rt_runtime)
}
conf = conf_get_server_conf();
- if (conf == NULL) {
+ if (conf == NULL || conf->json_confs == NULL) {
(void)isulad_server_conf_unlock();
return -1;
}
@@ -252,7 +252,7 @@ int conf_get_cgroup_cpu_rt(int64_t *cpu_rt_period, int64_t *cpu_rt_runtime)
}
/* conf get graph checked flag file path */
-char *conf_get_graph_check_flag_file()
+char *conf_get_graph_check_flag_file(void)
{
char *epath = NULL;
char *rootpath = NULL;
@@ -309,7 +309,7 @@ char *conf_get_routine_rootdir(const char *runtime)
}
conf = conf_get_server_conf();
- if (conf == NULL || conf->json_confs->graph == NULL) {
+ if (conf == NULL || conf->json_confs == NULL || conf->json_confs->graph == NULL) {
ERROR("Server conf is NULL or rootpath is NULL");
goto out;
}
@@ -359,7 +359,7 @@ char *conf_get_routine_statedir(const char *runtime)
}
conf = conf_get_server_conf();
- if (conf == NULL || conf->json_confs->state == NULL) {
+ if (conf == NULL || conf->json_confs == NULL || conf->json_confs->state == NULL) {
goto out;
}
@@ -390,7 +390,7 @@ out:
}
/* conf get isulad rootdir */
-char *conf_get_isulad_rootdir()
+char *conf_get_isulad_rootdir(void)
{
char *path = NULL;
struct service_arguments *conf = NULL;
@@ -400,7 +400,7 @@ char *conf_get_isulad_rootdir()
}
conf = conf_get_server_conf();
- if (conf == NULL || conf->json_confs->graph == NULL) {
+ if (conf == NULL || conf->json_confs == NULL || conf->json_confs->graph == NULL) {
goto out;
}
@@ -412,7 +412,7 @@ out:
}
/* conf get registry */
-char **conf_get_registry_list()
+char **conf_get_registry_list(void)
{
int nret = 0;
size_t i;
@@ -425,7 +425,7 @@ char **conf_get_registry_list()
}
conf = conf_get_server_conf();
- if (conf == NULL || conf->json_confs->registry_mirrors_len == 0) {
+ if (conf == NULL || conf->json_confs == NULL || conf->json_confs->registry_mirrors_len == 0) {
goto out;
}
@@ -448,7 +448,7 @@ out:
}
/* conf get insecure registry */
-char **conf_get_insecure_registry_list()
+char **conf_get_insecure_registry_list(void)
{
int nret = 0;
size_t i;
@@ -461,7 +461,7 @@ char **conf_get_insecure_registry_list()
}
conf = conf_get_server_conf();
- if (conf == NULL || conf->json_confs->insecure_registries_len == 0) {
+ if (conf == NULL || conf->json_confs == NULL || conf->json_confs->insecure_registries_len == 0) {
goto out;
}
@@ -484,7 +484,7 @@ out:
}
/* conf get isulad statedir */
-char *conf_get_isulad_statedir()
+char *conf_get_isulad_statedir(void)
{
char *path = NULL;
struct service_arguments *conf = NULL;
@@ -494,7 +494,7 @@ char *conf_get_isulad_statedir()
}
conf = conf_get_server_conf();
- if (conf == NULL || conf->json_confs->state == NULL) {
+ if (conf == NULL || conf->json_confs == NULL || conf->json_confs->state == NULL) {
goto out;
}
@@ -506,7 +506,7 @@ out:
}
/* isulad monitor fifo name */
-char *conf_get_isulad_monitor_fifo_path()
+char *conf_get_isulad_monitor_fifo_path(void)
{
int ret;
char fifo_file_path[PATH_MAX] = { 0 };
@@ -561,7 +561,7 @@ static char *get_parent_mount_dir(char *graph)
}
/* conf get isulad mount rootfs */
-char *conf_get_isulad_mount_rootfs()
+char *conf_get_isulad_mount_rootfs(void)
{
char *path = NULL;
struct service_arguments *conf = NULL;
@@ -583,7 +583,7 @@ out:
}
/* conf get isulad umask for containers */
-char *conf_get_isulad_native_umask()
+char *conf_get_isulad_native_umask(void)
{
char *umask = NULL;
struct service_arguments *conf = NULL;
@@ -593,7 +593,7 @@ char *conf_get_isulad_native_umask()
}
conf = conf_get_server_conf();
- if (conf == NULL || conf->json_confs->native_umask == NULL) {
+ if (conf == NULL || conf->json_confs == NULL || conf->json_confs->native_umask == NULL) {
goto out;
}
@@ -605,7 +605,7 @@ out:
}
/* conf get isulad cgroup parent for containers */
-char *conf_get_isulad_cgroup_parent()
+char *conf_get_isulad_cgroup_parent(void)
{
char *cgroup_parent = NULL;
struct service_arguments *conf = NULL;
@@ -615,7 +615,7 @@ char *conf_get_isulad_cgroup_parent()
}
conf = conf_get_server_conf();
- if (conf == NULL || conf->json_confs->cgroup_parent == NULL) {
+ if (conf == NULL || conf->json_confs == NULL || conf->json_confs->cgroup_parent == NULL) {
goto out;
}
@@ -627,7 +627,7 @@ out:
}
/* conf get isulad engine */
-char *conf_get_isulad_engine()
+char *conf_get_isulad_engine(void)
{
char *engine = NULL;
struct service_arguments *conf = NULL;
@@ -637,7 +637,7 @@ char *conf_get_isulad_engine()
}
conf = conf_get_server_conf();
- if (conf == NULL || conf->json_confs->engine == NULL) {
+ if (conf == NULL || conf->json_confs == NULL || conf->json_confs->engine == NULL) {
goto out;
}
@@ -649,7 +649,7 @@ out:
}
/* conf get isulad loglevel */
-char *conf_get_isulad_loglevel()
+char *conf_get_isulad_loglevel(void)
{
char *loglevel = NULL;
struct service_arguments *conf = NULL;
@@ -659,7 +659,7 @@ char *conf_get_isulad_loglevel()
}
conf = conf_get_server_conf();
- if (conf == NULL || conf->json_confs->log_level == NULL) {
+ if (conf == NULL || conf->json_confs == NULL || conf->json_confs->log_level == NULL) {
goto out;
}
@@ -677,7 +677,7 @@ char *get_log_file_helper(const struct service_arguments *conf, const char *suff
size_t len = 0;
int nret = 0;
- if (suffix == NULL) {
+ if (conf == NULL || suffix == NULL) {
return NULL;
}
@@ -709,7 +709,7 @@ out:
}
/* conf get isulad log gather fifo path */
-char *conf_get_isulad_log_gather_fifo_path()
+char *conf_get_isulad_log_gather_fifo_path(void)
{
#define LOG_GATHER_FIFO_NAME "/isulad_log_gather_fifo"
char *logfile = NULL;
@@ -752,7 +752,7 @@ out:
}
/* conf get isulad log file */
-char *conf_get_isulad_log_file()
+char *conf_get_isulad_log_file(void)
{
char *logfile = NULL;
struct service_arguments *conf = NULL;
@@ -774,7 +774,7 @@ out:
}
/* conf get engine log file */
-char *conf_get_engine_log_file()
+char *conf_get_engine_log_file(void)
{
char *logfile = NULL;
char *full_path = NULL;
@@ -841,7 +841,7 @@ int conf_get_daemon_log_config(char **loglevel, char **logdriver, char **engine_
}
/* conf get isulad logdriver */
-char *conf_get_isulad_logdriver()
+char *conf_get_isulad_logdriver(void)
{
char *logdriver = NULL;
struct service_arguments *conf = NULL;
@@ -851,7 +851,7 @@ char *conf_get_isulad_logdriver()
}
conf = conf_get_server_conf();
- if (conf == NULL || conf->json_confs->log_driver == NULL) {
+ if (conf == NULL || conf->json_confs == NULL || conf->json_confs->log_driver == NULL) {
goto out;
}
@@ -871,12 +871,17 @@ int conf_get_container_log_opts(isulad_daemon_configs_container_log **opts)
size_t i;
int ret = 0;
+ if (opts == NULL) {
+ ERROR("Empty arguments");
+ return -1;
+ }
+
if (isulad_server_conf_rdlock() != 0) {
return -1;
}
conf = conf_get_server_conf();
- if (conf == NULL || conf->json_confs->container_log == NULL) {
+ if (conf == NULL || conf->json_confs == NULL || conf->json_confs->container_log == NULL) {
goto out;
}
work = conf->json_confs->container_log;
@@ -918,7 +923,7 @@ out:
}
/* conf get image layer check flag */
-bool conf_get_image_layer_check_flag()
+bool conf_get_image_layer_check_flag(void)
{
bool check_flag = false;
struct service_arguments *conf = NULL;
@@ -928,7 +933,7 @@ bool conf_get_image_layer_check_flag()
}
conf = conf_get_server_conf();
- if (conf == NULL) {
+ if (conf == NULL || conf->json_confs == NULL) {
goto out;
}
@@ -940,7 +945,7 @@ out:
}
/* conf get flag of use decrypted key to pull image */
-bool conf_get_use_decrypted_key_flag()
+bool conf_get_use_decrypted_key_flag(void)
{
bool check_flag = true;
struct service_arguments *conf = NULL;
@@ -950,7 +955,7 @@ bool conf_get_use_decrypted_key_flag()
}
conf = conf_get_server_conf();
- if (conf == NULL || conf->json_confs->use_decrypted_key == NULL) {
+ if (conf == NULL || conf->json_confs == NULL || conf->json_confs->use_decrypted_key == NULL) {
goto out;
}
@@ -961,7 +966,7 @@ out:
return check_flag;
}
-bool conf_get_skip_insecure_verify_flag()
+bool conf_get_skip_insecure_verify_flag(void)
{
bool check_flag = false;
struct service_arguments *conf = NULL;
@@ -971,7 +976,7 @@ bool conf_get_skip_insecure_verify_flag()
}
conf = conf_get_server_conf();
- if (conf == NULL) {
+ if (conf == NULL || conf->json_confs == NULL) {
goto out;
}
@@ -982,69 +987,86 @@ out:
return check_flag;
}
-#define OCI_STR_ARRAY_DUP(src, dest, srclen, destlen, ret) \
- do { \
- if ((src) != NULL) { \
- (dest) = util_str_array_dup((const char **)(src), (srclen)); \
- if ((dest) == NULL) { \
- (ret) = -1; \
- goto out; \
- } \
- (destlen) = (srclen); \
- } \
- } while (0)
-
-#define HOOKS_ELEM_DUP_DEF(item) \
- defs_hook *hooks_##item##_elem_dup(const defs_hook *src) \
- { \
- int ret = 0; \
- defs_hook *dest = NULL; \
- if (src == NULL) \
- return NULL; \
- dest = util_common_calloc_s(sizeof(defs_hook)); \
- if (dest == NULL) \
- return NULL; \
- dest->path = util_strdup_s(src->path); \
- OCI_STR_ARRAY_DUP(src->args, dest->args, src->args_len, dest->args_len, ret); \
- OCI_STR_ARRAY_DUP(src->env, dest->env, src->env_len, dest->env_len, ret); \
- dest->timeout = src->timeout; \
- out: \
- if (ret != 0 && dest != NULL) { \
- free_defs_hook(dest); \
- dest = NULL; \
- } \
- return dest; \
- }
-
-/* HOOKS ELEM DUP DEF */
-HOOKS_ELEM_DUP_DEF(prestart)
-/* HOOKS ELEM DUP DEF */
-HOOKS_ELEM_DUP_DEF(poststart)
-/* HOOKS ELEM DUP DEF */
-HOOKS_ELEM_DUP_DEF(poststop)
-
-#define HOOKS_ITEM_DUP_DEF(item) \
- int hooks_##item##_dup(oci_runtime_spec_hooks *dest, const oci_runtime_spec_hooks *src) \
- { \
- int i = 0; \
- dest->item = util_smart_calloc_s(sizeof(defs_hook *), (src->item##_len + 1)); \
- if (dest->item == NULL) \
- return -1; \
- dest->item##_len = src->item##_len; \
- for (; (size_t)i < src->item##_len; ++i) { \
- dest->item[i] = hooks_##item##_elem_dup(src->item[i]); \
- if (dest->item[i] == NULL) \
- return -1; \
- } \
- return 0; \
- }
-
-/* HOOKS ITEM DUP DEF */
-HOOKS_ITEM_DUP_DEF(prestart)
-/* HOOKS ITEM DUP DEF */
-HOOKS_ITEM_DUP_DEF(poststart)
-/* HOOKS ITEM DUP DEF */
-HOOKS_ITEM_DUP_DEF(poststop)
+static defs_hook *hooks_elem_dup(const defs_hook *src)
+{
+ defs_hook *dest = NULL;
+
+ if (src == NULL) {
+ return NULL;
+ }
+
+ dest = (defs_hook *)util_common_calloc_s(sizeof(defs_hook));
+ if (dest == NULL) {
+ ERROR("Out of memory");
+ return NULL;
+ }
+
+ dest->path = util_strdup_s(src->path);
+ dest->timeout = src->timeout;
+
+ if (src->args_len != 0) {
+ dest->args = util_str_array_dup((const char **)(src->args), src->args_len);
+ if (dest->args == NULL) {
+ ERROR("Failed to duplicate string array");
+ goto err_out;
+ }
+ dest->args_len = src->args_len;
+ }
+
+ if (src->env_len != 0) {
+ dest->env = util_str_array_dup((const char **)(src->env), src->env_len);
+ if (dest->env == NULL) {
+ ERROR("Failed to duplicate string array");
+ goto err_out;
+ }
+ dest->env_len = src->env_len;
+ }
+
+ return dest;
+
+err_out:
+ free_defs_hook(dest);
+ return NULL;
+}
+
+static int hooks_array_dup(const defs_hook **src, const size_t src_len, defs_hook ***dst, size_t *dst_len)
+{
+ size_t i;
+ size_t tmp_len = 0;
+ defs_hook **tmp_dst = NULL;
+
+ if (src_len > SIZE_MAX - 1) {
+ ERROR("Invalid hooks array length");
+ return -1;
+ }
+
+ tmp_dst = (defs_hook **)util_smart_calloc_s(sizeof(defs_hook *), src_len + 1);
+ if (tmp_dst == NULL) {
+ ERROR("Out of memory");
+ return -1;
+ }
+
+ for(i = 0; i < src_len; i++) {
+ tmp_dst[i] = hooks_elem_dup(src[i]);
+ if (tmp_dst[i] == NULL) {
+ ERROR("Failed to duplicate hooks element");
+ goto err_out;
+ }
+ tmp_len++;
+ }
+
+ *dst = tmp_dst;
+ *dst_len = tmp_len;
+ return 0;
+
+err_out:
+ for(i = 0; i < tmp_len; i++) {
+ free_defs_hook(tmp_dst[i]);
+ }
+ free(tmp_dst);
+
+ return -1;
+}
/* hooks_dup */
oci_runtime_spec_hooks *hooks_dup(const oci_runtime_spec_hooks *src)
@@ -1060,17 +1082,17 @@ oci_runtime_spec_hooks *hooks_dup(const oci_runtime_spec_hooks *src)
return NULL;
}
- ret = hooks_prestart_dup(dest, src);
+ ret = hooks_array_dup((const defs_hook **)src->prestart, src->prestart_len, &dest->prestart, &dest->prestart_len);
if (ret != 0) {
goto out;
}
- ret = hooks_poststart_dup(dest, src);
+ ret = hooks_array_dup((const defs_hook **)src->poststart, src->poststart_len, &dest->poststart, &dest->poststart_len);
if (ret != 0) {
goto out;
}
- ret = hooks_poststop_dup(dest, src);
+ ret = hooks_array_dup((const defs_hook **)src->poststop, src->poststop_len, &dest->poststop, &dest->poststop_len);
out:
if (ret != 0) {
@@ -1086,6 +1108,11 @@ int conf_get_isulad_hooks(oci_runtime_spec_hooks **phooks)
int ret = 0;
struct service_arguments *conf = NULL;
+ if (phooks == NULL) {
+ ERROR("Empty arguments");
+ return -1;
+ }
+
if (isulad_server_conf_rdlock() != 0) {
return -1;
}
@@ -1140,7 +1167,7 @@ out:
}
/* conf get start timeout */
-unsigned int conf_get_start_timeout()
+unsigned int conf_get_start_timeout(void)
{
struct service_arguments *conf = NULL;
unsigned int ret = 0;
@@ -1160,7 +1187,7 @@ out:
return ret;
}
-char *conf_get_default_runtime()
+char *conf_get_default_runtime(void)
{
struct service_arguments *conf = NULL;
char *result = NULL;
@@ -1182,7 +1209,7 @@ out:
return result;
}
-char *conf_get_enable_plugins()
+char *conf_get_enable_plugins(void)
{
struct service_arguments *conf = NULL;
char *plugins = NULL;
@@ -1205,7 +1232,7 @@ out:
}
#ifdef ENABLE_USERNS_REMAP
-char *conf_get_isulad_userns_remap()
+char *conf_get_isulad_userns_remap(void)
{
struct service_arguments *conf = NULL;
char *userns_remap = NULL;
@@ -1229,7 +1256,7 @@ out:
#endif
/* conf get websocket server listening port */
-int32_t conf_get_websocket_server_listening_port()
+int32_t conf_get_websocket_server_listening_port(void)
{
int32_t port = 0;
struct service_arguments *conf = NULL;
@@ -1239,7 +1266,7 @@ int32_t conf_get_websocket_server_listening_port()
}
conf = conf_get_server_conf();
- if (conf == NULL) {
+ if (conf == NULL || conf->json_confs == NULL) {
goto out;
}
@@ -1295,6 +1322,10 @@ int set_unix_socket_group(const char *socket, const char *group)
return -1;
}
+ if (!util_has_prefix(socket, UNIX_SOCKET_PREFIX)) {
+ ERROR("Invalid unix socket: %s", socket);
+ return -1;
+ }
path = socket + strlen(UNIX_SOCKET_PREFIX);
if (strlen(path) > PATH_MAX || realpath(path, rpath) == NULL) {
@@ -1324,15 +1355,6 @@ out:
return ret;
}
-#define OVERRIDE_STRING_VALUE(dst, src) \
- do { \
- if ((src) != NULL && strlen((src)) != 0) { \
- free((dst)); \
- (dst) = (src); \
- (src) = NULL; \
- } \
- } while (0)
-
static int string_array_append(char **suffix, size_t suffix_len, size_t *curr_len, char ***result)
{
if (suffix_len > 0) {
@@ -1357,6 +1379,11 @@ int parse_log_opts(struct service_arguments *args, const char *key, const char *
{
int ret = -1;
+ if (args == NULL) {
+ ERROR("Empty arguments");
+ return -1;
+ }
+
if (key == NULL || value == NULL) {
return 0;
}
@@ -1576,6 +1603,11 @@ int merge_json_confs_into_global(struct service_arguments *args)
parser_error err = NULL;
int ret = 0;
+ if (args == NULL) {
+ ERROR("Empty arguments");
+ return -1;
+ }
+
tmp_json_confs = isulad_daemon_configs_parse_file(ISULAD_DAEMON_JSON_CONF_FILE, NULL, &err);
if (tmp_json_confs == NULL) {
COMMAND_ERROR("Load isulad json config failed: %s", err != NULL ? err : "");
@@ -1715,7 +1747,7 @@ static bool valid_isulad_daemon_constants(isulad_daemon_constants *config)
return true;
}
-int init_isulad_daemon_constants()
+int init_isulad_daemon_constants(void)
{
parser_error err = NULL;
int ret = 0;
@@ -1742,7 +1774,7 @@ out:
return ret;
}
-isulad_daemon_constants *get_isulad_daemon_constants()
+isulad_daemon_constants *get_isulad_daemon_constants(void)
{
return g_isulad_daemon_constants;
}
diff --git a/src/daemon/config/isulad_config.h b/src/daemon/config/isulad_config.h
index e3ae17ca..cf0cd2a4 100644
--- a/src/daemon/config/isulad_config.h
+++ b/src/daemon/config/isulad_config.h
@@ -36,42 +36,42 @@ struct isulad_conf {
struct service_arguments *server_conf;
};
-char *conf_get_isulad_pidfile();
-char *conf_get_engine_rootpath();
+char *conf_get_isulad_pidfile(void);
+char *conf_get_engine_rootpath(void);
char *conf_get_routine_rootdir(const char *runtime);
char *conf_get_routine_statedir(const char *runtime);
-char *conf_get_isulad_rootdir();
-char *conf_get_isulad_statedir();
-char *conf_get_isulad_mount_rootfs();
-char *conf_get_isulad_engine();
-char *conf_get_isulad_loglevel();
-char *conf_get_isulad_logdriver();
+char *conf_get_isulad_rootdir(void);
+char *conf_get_isulad_statedir(void);
+char *conf_get_isulad_mount_rootfs(void);
+char *conf_get_isulad_engine(void);
+char *conf_get_isulad_loglevel(void);
+char *conf_get_isulad_logdriver(void);
int conf_get_daemon_log_config(char **loglevel, char **logdriver, char **engine_log_path);
-char *conf_get_isulad_log_gather_fifo_path();
+char *conf_get_isulad_log_gather_fifo_path(void);
int conf_get_cgroup_cpu_rt(int64_t *cpu_rt_period, int64_t *cpu_rt_runtime);
int conf_get_container_log_opts(isulad_daemon_configs_container_log **opts);
-char *conf_get_isulad_log_file();
-char *conf_get_engine_log_file();
-char *conf_get_enable_plugins();
+char *conf_get_isulad_log_file(void);
+char *conf_get_engine_log_file(void);
+char *conf_get_enable_plugins(void);
#ifdef ENABLE_USERNS_REMAP
-char *conf_get_isulad_userns_remap();
+char *conf_get_isulad_userns_remap(void);
#endif
-int32_t conf_get_websocket_server_listening_port();
+int32_t conf_get_websocket_server_listening_port(void);
int save_args_to_conf(struct service_arguments *args);
int set_unix_socket_group(const char *socket, const char *group);
-int isulad_server_conf_wrlock();
+int isulad_server_conf_wrlock(void);
-int isulad_server_conf_rdlock();
+int isulad_server_conf_rdlock(void);
-int isulad_server_conf_unlock();
+int isulad_server_conf_unlock(void);
-struct service_arguments *conf_get_server_conf();
+struct service_arguments *conf_get_server_conf(void);
int get_system_cpu_usage(uint64_t *val);
@@ -79,31 +79,31 @@ int conf_get_isulad_hooks(oci_runtime_spec_hooks **phooks);
int conf_get_isulad_default_ulimit(host_config_ulimits_element ***ulimit);
-unsigned int conf_get_start_timeout();
+unsigned int conf_get_start_timeout(void);
-char **conf_get_insecure_registry_list();
+char **conf_get_insecure_registry_list(void);
-char **conf_get_registry_list();
-char *conf_get_isulad_native_umask();
+char **conf_get_registry_list(void);
+char *conf_get_isulad_native_umask(void);
-char *conf_get_isulad_cgroup_parent();
+char *conf_get_isulad_cgroup_parent(void);
-char *conf_get_default_runtime();
+char *conf_get_default_runtime(void);
-char *conf_get_graph_check_flag_file();
+char *conf_get_graph_check_flag_file(void);
-bool conf_get_image_layer_check_flag();
+bool conf_get_image_layer_check_flag(void);
int merge_json_confs_into_global(struct service_arguments *args);
-bool conf_get_use_decrypted_key_flag();
-bool conf_get_skip_insecure_verify_flag();
+bool conf_get_use_decrypted_key_flag(void);
+bool conf_get_skip_insecure_verify_flag(void);
int parse_log_opts(struct service_arguments *args, const char *key, const char *value);
-char *conf_get_isulad_monitor_fifo_path();
+char *conf_get_isulad_monitor_fifo_path(void);
-int init_isulad_daemon_constants();
-isulad_daemon_constants *get_isulad_daemon_constants();
+int init_isulad_daemon_constants(void);
+isulad_daemon_constants *get_isulad_daemon_constants(void);
#ifdef __cplusplus
}
diff --git a/src/daemon/executor/container_cb/execution.c b/src/daemon/executor/container_cb/execution.c
index fe9d7aaa..f78965df 100644
--- a/src/daemon/executor/container_cb/execution.c
+++ b/src/daemon/executor/container_cb/execution.c
@@ -915,8 +915,8 @@ static int container_kill_cb(const container_kill_request *request, container_ki
}
if (!util_valid_signal((int)signal)) {
- isulad_set_error_message("Not supported signal %d", signal);
- ERROR("Not supported signal %d", signal);
+ isulad_set_error_message("Not supported signal %u", signal);
+ ERROR("Not supported signal %u", signal);
cc = ISULAD_ERR_EXEC;
goto pack_response;
}
diff --git a/src/daemon/executor/container_cb/execution_create.c b/src/daemon/executor/container_cb/execution_create.c
index 6097dd7e..7e0d681c 100644
--- a/src/daemon/executor/container_cb/execution_create.c
+++ b/src/daemon/executor/container_cb/execution_create.c
@@ -739,7 +739,7 @@ out:
free(runtime_root);
free(runtime_stat);
if (ret != 0) {
- /* fail, do not use the input v2 spec and host spec, the memeory will be free by caller*/
+ /* fail, do not use the input v2 spec and host spec, the memeory will be free by caller */
if (cont != NULL) {
cont->common_config = NULL;
cont->hostconfig = NULL;
diff --git a/src/daemon/executor/container_cb/execution_network.c b/src/daemon/executor/container_cb/execution_network.c
index 95cfcce3..597c3d6e 100644
--- a/src/daemon/executor/container_cb/execution_network.c
+++ b/src/daemon/executor/container_cb/execution_network.c
@@ -80,11 +80,20 @@ out:
static int fopen_network(FILE **fp, char **file_path, const char *rootfs, const char *filename)
{
+ int64_t size = 0;
+
if (util_realpath_in_scope(rootfs, filename, file_path) < 0) {
SYSERROR("Failed to get real path '%s' under rootfs '%s'", filename, rootfs);
isulad_set_error_message("Failed to get real path '%s' under rootfs '%s'", filename, rootfs);
return -1;
}
+
+ size = util_file_size(*file_path);
+ if (size > REGULAR_FILE_SIZE) {
+ ERROR("Target file '%s', size exceed limit: %lld", *file_path, REGULAR_FILE_SIZE);
+ return -1;
+ }
+
*fp = util_fopen(*file_path, "a+");
if (*fp == NULL) {
SYSERROR("Failed to open %s", *file_path);
diff --git a/src/daemon/executor/container_cb/execution_stream.h b/src/daemon/executor/container_cb/execution_stream.h
index 227cc2c3..c0dba7d0 100644
--- a/src/daemon/executor/container_cb/execution_stream.h
+++ b/src/daemon/executor/container_cb/execution_stream.h
@@ -1,6 +1,3 @@
-#ifndef DAEMON_EXECUTOR_CONTAINER_CB_EXECUTION_STREAM_H
-#define DAEMON_EXECUTOR_CONTAINER_CB_EXECUTION_STREAM_H
-
/******************************************************************************
* Copyright (c) Huawei Technologies Co., Ltd. 2017-2019. All rights reserved.
* iSulad licensed under the Mulan PSL v2.
@@ -16,6 +13,9 @@
* Description: provide container list callback function definition
*********************************************************************************/
+#ifndef DAEMON_EXECUTOR_CONTAINER_CB_EXECUTION_STREAM_H
+#define DAEMON_EXECUTOR_CONTAINER_CB_EXECUTION_STREAM_H
+
#include "callback.h"
#ifdef __cplusplus
diff --git a/src/daemon/executor/container_cb/list.c b/src/daemon/executor/container_cb/list.c
index 026f1efb..754241fc 100644
--- a/src/daemon/executor/container_cb/list.c
+++ b/src/daemon/executor/container_cb/list.c
@@ -166,14 +166,14 @@ static int append_ids(const map_t *matches, char ***filtered_ids)
return 0;
}
-static int insert_matched_id(char **ids, map_t *matches, void *value, size_t ids_len)
+static int insert_matched_id(char **ids, map_t *matches, bool *value, size_t ids_len)
{
size_t i;
for (i = 0; i < ids_len; i++) {
container_t *cont = containers_store_get_by_prefix(ids[i]);
if (cont != NULL) {
- bool inserted = map_insert(matches, cont->common_config->id, value);
+ bool inserted = map_insert(matches, (void *)cont->common_config->id, (void *)value);
container_unref(cont);
if (!inserted) {
ERROR("Insert map failed: %s", ids[i]);
diff --git a/src/daemon/executor/image_cb/image_cb.c b/src/daemon/executor/image_cb/image_cb.c
index c087a679..396e8a6e 100644
--- a/src/daemon/executor/image_cb/image_cb.c
+++ b/src/daemon/executor/image_cb/image_cb.c
@@ -592,7 +592,7 @@ static int trans_one_image(image_list_images_response *response, size_t image_in
goto out;
}
- if (!unix_nanos_to_timestamp(created_nanos, &timestamp) != 0) {
+ if (!unix_nanos_to_timestamp(created_nanos, &timestamp)) {
ERROR("Failed to translate nanos to timestamp");
ret = -1;
goto out;
@@ -668,19 +668,6 @@ out:
return ret;
}
-static im_list_request *image_list_context_new(const image_list_images_request *request)
-{
- im_list_request *ctx = NULL;
-
- ctx = util_common_calloc_s(sizeof(im_list_request));
- if (ctx == NULL) {
- ERROR("Out of memory");
- return NULL;
- }
-
- return ctx;
-}
-
#ifdef ENABLE_OCI_IMAGE
struct image_list_context {
struct filters_args *image_filters;
@@ -769,11 +756,12 @@ static im_list_request *fold_filter(const image_list_images_request *request)
{
im_list_request *ctx = NULL;
- ctx = image_list_context_new(request);
+ ctx = (im_list_request *)util_common_calloc_s(sizeof(im_list_request));
if (ctx == NULL) {
ERROR("Out of memory");
goto error_out;
}
+
#ifdef ENABLE_OCI_IMAGE
size_t i;
if (request->filters == NULL) {
--
2.40.1
Reference in New Issue View Git Blame Copy Permalink