packages/iSulad
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

!356 fix different type convert and add check to arguments

Browse Source 
From: @zh_xiaoyu 
Reviewed-by: @duguhaotian 
Signed-off-by: @duguhaotian
This commit is contained in:
openeuler-ci-bot 2022-05-31 14:15:06 +00:00 committed by Gitee
commit a2d194cfda
No known key found for this signature in database
GPG Key ID: 173E9B9CA92EEF8F
4 changed files with 1033 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

264
0006-fix-different-type-convert.patch Normal file
View File

@ -0,0 +1,264 @@
From 1db2941da2eba089f3ed07c59f4925c857860023 Mon Sep 17 00:00:00 2001
From: haozi007 <liuhao27@huawei.com>
Date: Tue, 31 May 2022 03:33:16 +0100
Subject: [PATCH 6/8] fix different type convert
Signed-off-by: haozi007 <liuhao27@huawei.com>
---
src/cmd/isula/isula_host_spec.c | 23 ++++++++++++++-----
src/cmd/isula/stream/exec.c | 6 +++--
src/cmd/isulad/isulad_commands.c | 11 +++++++--
src/cmd/options/opt_ulimit.c | 9 ++++++--
.../modules/runtime/engines/lcr/lcr_engine.c | 2 +-
src/daemon/modules/spec/specs_mount.c | 8 +++++--
src/utils/http/parser.c | 2 +-
7 files changed, 45 insertions(+), 16 deletions(-)
diff --git a/src/cmd/isula/isula_host_spec.c b/src/cmd/isula/isula_host_spec.c
index 85451dd4..297f9299 100644
--- a/src/cmd/isula/isula_host_spec.c
+++ b/src/cmd/isula/isula_host_spec.c
@@ -516,6 +516,7 @@ static int parse_blkio_throttle_bps_device(const char *device, char **path, uint
{
int ret = 0;
char **split = NULL;
+ int64_t converted = 0;
split = util_string_split_multi(device, ':');
if (split == NULL || util_array_len((const char **)split) != 2) {
@@ -530,13 +531,16 @@ static int parse_blkio_throttle_bps_device(const char *device, char **path, uint
goto out;
}
- if (util_parse_byte_size_string(split[1], (int64_t *)rate) != 0) {
+ ret = util_parse_byte_size_string(split[1], &converted);
+ if (ret != 0 || converted < 0) {
COMMAND_ERROR("invalid rate for device: %s. The correct format is <device-path>:<number>[<unit>]."
" Number must be a positive integer. Unit is optional and can be kb, mb, or gb",
device);
ret = -1;
goto out;
}
+
+ *rate = converted;
*path = util_strdup_s(split[0]);
out:
@@ -691,6 +695,7 @@ static host_config_hugetlbs_element *pase_hugetlb_limit(const char *input)
char *trans_page = NULL;
uint64_t limit = 0;
uint64_t page = 0;
+ int64_t tconverted = 0;
host_config_hugetlbs_element *limit_element = NULL;
temp = util_strdup_s(input);
@@ -704,18 +709,21 @@ static host_config_hugetlbs_element *pase_hugetlb_limit(const char *input)
goto free_out;
}
- ret = util_parse_byte_size_string(limit_value, (int64_t *)(&limit));
- if (ret != 0) {
+ ret = util_parse_byte_size_string(limit_value, &tconverted);
+ if (ret != 0 || tconverted < 0) {
COMMAND_ERROR("Parse limit value: %s failed:%s", limit_value, strerror(-ret));
goto free_out;
}
+ limit = (uint64_t)tconverted;
if (pagesize != NULL) {
- ret = util_parse_byte_size_string(pagesize, (int64_t *)(&page));
- if (ret != 0) {
+ tconverted = 0;
+ ret = util_parse_byte_size_string(pagesize, &tconverted);
+ if (ret != 0 || tconverted < 0) {
COMMAND_ERROR("Parse pagesize error.Invalid hugepage size: %s: %s", pagesize, strerror(-ret));
goto free_out;
}
+ page = (uint64_t)tconverted;
trans_page = util_human_size(page);
if (trans_page == NULL) {
@@ -842,15 +850,18 @@ static bool parse_size(const char *input, const char *token, host_config_host_ch
uint64_t size = 0;
uint64_t mem_total_size = 0;
uint64_t mem_available_size = 0;
+ int64_t converted = 0;
if (strcmp(token, "") == 0) {
host_channel->size = 64 * SIZE_MB;
return true;
}
- if (util_parse_byte_size_string(token, (int64_t *)(&size))) {
+ if (util_parse_byte_size_string(token, &converted) != 0 || converted < 0) {
COMMAND_ERROR("Invalid size limit for host channel: %s", input);
return false;
}
+ size = (uint64_t)converted;
+
if (size < HOST_CHANNLE_MIN_SIZE) {
COMMAND_ERROR("Invalid size, larger than 4KB is allowed");
return false;
diff --git a/src/cmd/isula/stream/exec.c b/src/cmd/isula/stream/exec.c
index aa702b90..df911d0b 100644
--- a/src/cmd/isula/stream/exec.c
+++ b/src/cmd/isula/stream/exec.c
@@ -49,6 +49,7 @@ static int fill_exec_request(const struct client_arguments *args, const struct c
{
int ret = 0;
size_t i = 0;
+ size_t tconverted = 0;
char *new_env = NULL;
request->name = util_strdup_s(args->name);
@@ -67,12 +68,13 @@ static int fill_exec_request(const struct client_arguments *args, const struct c
request->user = util_strdup_s(args->custom_conf.user);
request->workdir = util_strdup_s(args->custom_conf.workdir);
- if (util_dup_array_of_strings((const char **)args->argv, args->argc, &(request->argv),
- (size_t *)(&request->argc)) != 0) {
+ ret = util_dup_array_of_strings((const char **)args->argv, args->argc, &(request->argv), &tconverted);
+ if (ret != 0 || tconverted >= INT_MAX) {
ERROR("Failed to dup args");
ret = -1;
goto out;
}
+ request->argc = (int)tconverted;
/* environment variables */
for (i = 0; i < util_array_len((const char **)(args->extra_env)); i++) {
diff --git a/src/cmd/isulad/isulad_commands.c b/src/cmd/isulad/isulad_commands.c
index 2a0ccf92..f73a82e2 100644
--- a/src/cmd/isulad/isulad_commands.c
+++ b/src/cmd/isulad/isulad_commands.c
@@ -517,7 +517,6 @@ out:
static int do_merge_conf_default_ulimit_into_global(struct service_arguments *args)
{
size_t i, j, json_default_ulimit_len;
- isulad_daemon_configs_default_ulimits_element *ptr = NULL;
if (args->json_confs->default_ulimits == NULL) {
return 0;
@@ -525,6 +524,9 @@ static int do_merge_conf_default_ulimit_into_global(struct service_arguments *ar
json_default_ulimit_len = args->json_confs->default_ulimits->len;
for (i = 0; i < json_default_ulimit_len; i++) {
+ isulad_daemon_configs_default_ulimits_element *ptr = NULL;
+ host_config_ulimits_element telem = { 0 };
+
ptr = args->json_confs->default_ulimits->values[i];
for (j = 0; j < args->default_ulimit_len; j++) {
if (strcmp(ptr->name, args->default_ulimit[j]->name) == 0) {
@@ -532,12 +534,17 @@ static int do_merge_conf_default_ulimit_into_global(struct service_arguments *ar
}
}
+ // ulimit of name setted, just update values
if (j < args->default_ulimit_len) {
args->default_ulimit[j]->soft = ptr->soft;
args->default_ulimit[j]->hard = ptr->hard;
continue;
}
- if (ulimit_array_append(&args->default_ulimit, (host_config_ulimits_element *)ptr, args->default_ulimit_len) !=
+
+ telem.name = ptr->name;
+ telem.hard = ptr->hard;
+ telem.soft = ptr->soft;
+ if (ulimit_array_append(&args->default_ulimit, &telem, args->default_ulimit_len) !=
0) {
ERROR("merge json confs default ulimit config failed");
return -1;
diff --git a/src/cmd/options/opt_ulimit.c b/src/cmd/options/opt_ulimit.c
index 1a9c6165..b9eddf8a 100644
--- a/src/cmd/options/opt_ulimit.c
+++ b/src/cmd/options/opt_ulimit.c
@@ -58,22 +58,27 @@ static void get_ulimit_split_parts(const char *val, char ***parts, size_t *parts
static int parse_soft_hard_ulimit(const char *val, char **limitvals, size_t limitvals_len, int64_t *soft, int64_t *hard)
{
int ret = 0;
+ long long converted = 0;
+
// parse soft
- ret = util_safe_llong(limitvals[0], (long long *)soft);
+ ret = util_safe_llong(limitvals[0], &converted);
if (ret < 0) {
COMMAND_ERROR("Invalid ulimit soft value: \"%s\", parse int64 failed: %s", val, strerror(-ret));
ret = -1;
goto out;
}
+ *soft = (int64_t)converted;
// parse hard if exists
if (limitvals_len > 1) {
- ret = util_safe_llong(limitvals[1], (long long *)hard);
+ converted = 0;
+ ret = util_safe_llong(limitvals[1], &converted);
if (ret < 0) {
COMMAND_ERROR("Invalid ulimit hard value: \"%s\", parse int64 failed: %s", val, strerror(-ret));
ret = -1;
goto out;
}
+ *hard = (int64_t)converted;
if (*soft > *hard) {
COMMAND_ERROR("Ulimit soft limit must be less than or equal to hard limit: %lld > %lld",
diff --git a/src/daemon/modules/runtime/engines/lcr/lcr_engine.c b/src/daemon/modules/runtime/engines/lcr/lcr_engine.c
index 0d29e362..2ca12545 100644
--- a/src/daemon/modules/runtime/engines/lcr/lcr_engine.c
+++ b/src/daemon/modules/runtime/engines/lcr/lcr_engine.c
@@ -30,7 +30,7 @@
typedef bool (*lcr_state_op_t)(const char *name, const char *lcrpath, struct lcr_container_state *lcs);
typedef void (*lcr_container_state_free_t)(struct lcr_container_state *lcs);
typedef bool (*lcr_update_op_t)(const char *name, const char *lcrpath, struct lcr_cgroup_resources *cr);
-typedef bool (*lcr_start_op_t)(struct lcr_start_request *request);
+typedef bool (*lcr_start_op_t)(const struct lcr_start_request *request);
typedef bool (*lcr_exec_op_t)(const struct lcr_exec_request *request, int *exit_code);
static lcr_state_op_t g_lcr_state_op = NULL;
diff --git a/src/daemon/modules/spec/specs_mount.c b/src/daemon/modules/spec/specs_mount.c
index c89f077f..b35061d8 100644
--- a/src/daemon/modules/spec/specs_mount.c
+++ b/src/daemon/modules/spec/specs_mount.c
@@ -2089,21 +2089,25 @@ static int parse_device_cgroup_rule(defs_device_cgroup *spec_dev_cgroup, const c
if (strcmp(file_mode[0], "*") == 0) {
spec_dev_cgroup->major = -1;
} else {
- if (util_safe_llong(file_mode[0], (long long *)&spec_dev_cgroup->major) != 0) {
+ long long converted = 0;
+ if (util_safe_llong(file_mode[0], &converted) != 0) {
ERROR("Invalid rule mode %s", file_mode[0]);
ret = -1;
goto free_out;
}
+ spec_dev_cgroup->major = converted;
}
if (strcmp(file_mode[1], "*") == 0) {
spec_dev_cgroup->minor = -1;
} else {
- if (util_safe_llong(file_mode[1], (long long *)&spec_dev_cgroup->minor) != 0) {
+ long long converted = 0;
+ if (util_safe_llong(file_mode[1], &converted) != 0) {
ERROR("Invalid rule mode %s", file_mode[1]);
ret = -1;
goto free_out;
}
+ spec_dev_cgroup->minor = (int64_t)converted;
}
free_out:
diff --git a/src/utils/http/parser.c b/src/utils/http/parser.c
index 5ea1677c..37475b33 100644
--- a/src/utils/http/parser.c
+++ b/src/utils/http/parser.c
@@ -47,7 +47,7 @@
#include "utils.h"
#include "isula_libutils/log.h"
-size_t strlncat(char *dststr, size_t size, const char *srcstr, size_t nsize)
+static size_t strlncat(char *dststr, size_t size, const char *srcstr, size_t nsize)
{
size_t ssize, dsize;
--
2.25.1

226
0007-add-pointer-parameters-NULL-check.patch Normal file
View File

@ -0,0 +1,226 @@
From 17b6015d5abe3500a5a89d171af79698e57545f2 Mon Sep 17 00:00:00 2001
From: zhangxiaoyu <zhangxiaoyu58@huawei.com>
Date: Tue, 31 May 2022 19:35:35 +0800
Subject: [PATCH 7/8] add pointer parameters NULL check
Signed-off-by: zhangxiaoyu <zhangxiaoyu58@huawei.com>
Signed-off-by: haozi007 <liuhao27@huawei.com>
---
src/cmd/isula/extend/update.c | 24 +++++++++----------
src/cmd/isula/extend/update.h | 1 -
src/cmd/isula/isula_commands.c | 2 +-
src/cmd/isula/isula_commands.h | 2 --
src/daemon/config/isulad_config.c | 4 ++++
src/daemon/modules/api/container_api.h | 2 --
src/daemon/modules/api/plugin_api.h | 1 -
.../modules/container/container_state.c | 2 +-
.../modules/container/containers_store.c | 5 ++++
.../graphdriver/devmapper/deviceset.c | 2 +-
.../graphdriver/overlay2/driver_overlay2.c | 2 +-
src/daemon/modules/plugin/plugin.c | 2 +-
src/daemon/modules/spec/specs_extend.c | 4 ++++
13 files changed, 30 insertions(+), 23 deletions(-)
diff --git a/src/cmd/isula/extend/update.c b/src/cmd/isula/extend/update.c
index a9b0fccf..27cd07c0 100644
--- a/src/cmd/isula/extend/update.c
+++ b/src/cmd/isula/extend/update.c
@@ -86,6 +86,18 @@ error_out:
return NULL;
}
+static int update_checker(const struct client_arguments *args)
+{
+ int ret = 0;
+
+ if (args->argc == 0) {
+ COMMAND_ERROR("Update requires at least 1 container names");
+ return EINVALIDARGS;
+ }
+
+ return ret;
+}
+
static int client_update(const struct client_arguments *args)
{
int ret = 0;
@@ -191,15 +203,3 @@ int cmd_update_main(int argc, const char **argv)
return ret;
}
-
-int update_checker(const struct client_arguments *args)
-{
- int ret = 0;
-
- if (args->argc == 0) {
- COMMAND_ERROR("Update requires at least 1 container names");
- return EINVALIDARGS;
- }
-
- return ret;
-}
diff --git a/src/cmd/isula/extend/update.h b/src/cmd/isula/extend/update.h
index a527b46a..15a6ce59 100644
--- a/src/cmd/isula/extend/update.h
+++ b/src/cmd/isula/extend/update.h
@@ -114,7 +114,6 @@ extern const char g_cmd_update_desc[];
extern const char g_cmd_update_usage[];
extern struct client_arguments g_cmd_update_args;
int cmd_update_main(int argc, const char **argv);
-int update_checker(const struct client_arguments *args);
#ifdef __cplusplus
}
diff --git a/src/cmd/isula/isula_commands.c b/src/cmd/isula/isula_commands.c
index db37f705..89d9ca96 100644
--- a/src/cmd/isula/isula_commands.c
+++ b/src/cmd/isula/isula_commands.c
@@ -94,7 +94,7 @@ static void print_version()
}
/* compare commands */
-int compare_commands(const void *s1, const void *s2)
+static int compare_commands(const void *s1, const void *s2)
{
return strcmp((*(const struct command *)s1).name, (*(const struct command *)s2).name);
}
diff --git a/src/cmd/isula/isula_commands.h b/src/cmd/isula/isula_commands.h
index 0518025f..1ee773ee 100644
--- a/src/cmd/isula/isula_commands.h
+++ b/src/cmd/isula/isula_commands.h
@@ -44,8 +44,6 @@ struct command {
// NOTE: Command arrays must end in a command with all member is NULL
const struct command *command_by_name(const struct command *cmds, const char * const name);
-int compare_commands(const void *s1, const void *s2);
-
// Default help command if implementation doesn't prvide one
int command_default_help(const char * const program_name, struct command *commands, int argc, const char **argv);
diff --git a/src/daemon/config/isulad_config.c b/src/daemon/config/isulad_config.c
index 287e5707..92d86a3b 100644
--- a/src/daemon/config/isulad_config.c
+++ b/src/daemon/config/isulad_config.c
@@ -1069,6 +1069,10 @@ int conf_get_isulad_default_ulimit(host_config_ulimits_element ***ulimit)
size_t i, ulimit_len;
struct service_arguments *conf = NULL;
+ if (ulimit == NULL) {
+ return -1;
+ }
+
if (isulad_server_conf_rdlock() != 0) {
return -1;
}
diff --git a/src/daemon/modules/api/container_api.h b/src/daemon/modules/api/container_api.h
index 3b7f2889..1140d4d5 100644
--- a/src/daemon/modules/api/container_api.h
+++ b/src/daemon/modules/api/container_api.h
@@ -244,8 +244,6 @@ char *container_state_get_started_at(container_state_t *s);
bool container_is_valid_state_string(const char *state);
-int container_dup_health_check_status(defs_health **dst, const defs_health *src);
-
void container_update_health_monitor(const char *container_id);
extern int container_supervisor_add_exit_monitor(int fd, const pid_ppid_info_t *pid_info, const char *name,
diff --git a/src/daemon/modules/api/plugin_api.h b/src/daemon/modules/api/plugin_api.h
index 82011363..4346b9e9 100644
--- a/src/daemon/modules/api/plugin_api.h
+++ b/src/daemon/modules/api/plugin_api.h
@@ -68,7 +68,6 @@ plugin_t *plugin_new(const char *name, const char *addr);
void plugin_get(plugin_t *plugin); /* ref++ */
void plugin_put(plugin_t *plugin); /* ref-- */
-int plugin_set_activated(plugin_t *plugin, bool activated, const char *errmsg);
int plugin_set_manifest(plugin_t *plugin, const plugin_manifest_t *manifest);
bool plugin_is_watching(plugin_t *plugin, uint64_t pe);
diff --git a/src/daemon/modules/container/container_state.c b/src/daemon/modules/container/container_state.c
index 834901f3..efcbe852 100644
--- a/src/daemon/modules/container/container_state.c
+++ b/src/daemon/modules/container/container_state.c
@@ -462,7 +462,7 @@ Container_Status container_state_get_status(container_state_t *s)
return status;
}
-int container_dup_health_check_status(defs_health **dst, const defs_health *src)
+static int container_dup_health_check_status(defs_health **dst, const defs_health *src)
{
int ret = 0;
size_t i = 0;
diff --git a/src/daemon/modules/container/containers_store.c b/src/daemon/modules/container/containers_store.c
index 42972392..e0700296 100644
--- a/src/daemon/modules/container/containers_store.c
+++ b/src/daemon/modules/container/containers_store.c
@@ -247,6 +247,11 @@ int containers_store_list(container_t ***out, size_t *size)
container_t **conts = NULL;
map_itor *itor = NULL;
+ if (out == NULL || size == NULL) {
+ ERROR("Invalid arguments");
+ return -1;
+ }
+
if (pthread_rwlock_rdlock(&g_containers_store->rwlock) != 0) {
ERROR("lock memory store failed");
return -1;
diff --git a/src/daemon/modules/image/oci/storage/layer_store/graphdriver/devmapper/deviceset.c b/src/daemon/modules/image/oci/storage/layer_store/graphdriver/devmapper/deviceset.c
index 728b0a62..e20d4f1b 100644
--- a/src/daemon/modules/image/oci/storage/layer_store/graphdriver/devmapper/deviceset.c
+++ b/src/daemon/modules/image/oci/storage/layer_store/graphdriver/devmapper/deviceset.c
@@ -3019,7 +3019,7 @@ int unmount_device(const char *hash, const char *mount_path, struct device_set *
int ret = 0;
devmapper_device_info_t *device_info = NULL;
- if (hash == NULL || mount_path == NULL) {
+ if (hash == NULL || mount_path == NULL || devset == NULL) {
ERROR("devmapper: invalid input params to unmount device");
return -1;
}
diff --git a/src/daemon/modules/image/oci/storage/layer_store/graphdriver/overlay2/driver_overlay2.c b/src/daemon/modules/image/oci/storage/layer_store/graphdriver/overlay2/driver_overlay2.c
index 6d1832be..7a45f880 100644
--- a/src/daemon/modules/image/oci/storage/layer_store/graphdriver/overlay2/driver_overlay2.c
+++ b/src/daemon/modules/image/oci/storage/layer_store/graphdriver/overlay2/driver_overlay2.c
@@ -2123,7 +2123,7 @@ int overlay2_get_layer_fs_info(const char *id, const struct graphdriver *driver,
char *layer_dir = NULL;
char *layer_diff = NULL;
- if (id == NULL || fs_info == NULL) {
+ if (id == NULL || driver == NULL || fs_info == NULL) {
ERROR("Invalid input arguments");
return -1;
}
diff --git a/src/daemon/modules/plugin/plugin.c b/src/daemon/modules/plugin/plugin.c
index 4a14ee46..4cea2b2a 100644
--- a/src/daemon/modules/plugin/plugin.c
+++ b/src/daemon/modules/plugin/plugin.c
@@ -785,7 +785,7 @@ bad:
return NULL;
}
-int plugin_set_activated(plugin_t *plugin, bool activated, const char *errmsg)
+static int plugin_set_activated(plugin_t *plugin, bool activated, const char *errmsg)
{
plugin_wrlock(plugin);
plugin->activated = activated;
diff --git a/src/daemon/modules/spec/specs_extend.c b/src/daemon/modules/spec/specs_extend.c
index 7f43ae57..6276a586 100644
--- a/src/daemon/modules/spec/specs_extend.c
+++ b/src/daemon/modules/spec/specs_extend.c
@@ -496,6 +496,10 @@ int make_sure_oci_spec_linux_resources(oci_runtime_spec *oci_spec)
{
int ret = 0;
+ if (oci_spec == NULL) {
+ return -1;
+ }
+
ret = make_sure_oci_spec_linux(oci_spec);
if (ret < 0) {
return -1;
--
2.25.1

533
0008-add-check-to-arguments.patch Normal file
View File

@ -0,0 +1,533 @@
From 56c2a6a98d51ea893939079cc31e3a7897fa5aba Mon Sep 17 00:00:00 2001
From: haozi007 <liuhao27@huawei.com>
Date: Tue, 31 May 2022 12:53:10 +0100
Subject: [PATCH 8/8] add check to arguments
Signed-off-by: haozi007 <liuhao27@huawei.com>
---
src/cmd/isula/base/create.c | 7 ++-
src/cmd/isula/stream/attach.c | 5 ++
src/cmd/isulad/isulad_commands.c | 2 +-
src/daemon/common/err_msg.c | 5 +-
src/daemon/common/selinux_label.c | 7 ++-
src/daemon/common/sysinfo.c | 9 +++
src/daemon/config/isulad_config.c | 9 +++
src/daemon/modules/api/plugin_api.h | 1 -
src/daemon/modules/image/image.c | 6 ++
.../modules/image/oci/oci_common_operators.c | 2 +-
.../graphdriver/devmapper/deviceset.c | 5 ++
.../graphdriver/devmapper/metadata_store.c | 4 ++
src/daemon/modules/plugin/plugin.c | 58 ++-----------------
src/utils/console/console.c | 10 ++++
src/utils/cutils/filters.c | 2 +-
src/utils/cutils/map/rb_tree.c | 4 ++
src/utils/cutils/path.c | 5 ++
src/utils/cutils/utils.c | 48 +++++++--------
src/utils/http/http.c | 7 ++-
src/utils/http/parser.c | 5 ++
test/path/path_ut.cc | 5 ++
21 files changed, 120 insertions(+), 86 deletions(-)
diff --git a/src/cmd/isula/base/create.c b/src/cmd/isula/base/create.c
index ce485f0d..2db2fd21 100644
--- a/src/cmd/isula/base/create.c
+++ b/src/cmd/isula/base/create.c
@@ -393,7 +393,7 @@ static int read_label_from_file(const char *path, size_t file_size, isula_contai
if (file_size == 0) {
return 0;
}
- fp = fopen(path, "re");
+ fp = util_fopen(path, "re");
if (fp == NULL) {
ERROR("Failed to open '%s'", path);
return -1;
@@ -1477,12 +1477,13 @@ int callback_log_opt(command_option_t *option, const char *value)
int callback_log_driver(command_option_t *option, const char *value)
{
- struct client_arguments *args = (struct client_arguments *)option->data;
+ struct client_arguments *args = NULL;
- if (value == NULL) {
+ if (value == NULL || option == NULL) {
COMMAND_ERROR("log driver is NULL");
return -1;
}
+ args = (struct client_arguments *)option->data;
if (!check_opt_container_log_driver(value)) {
COMMAND_ERROR("Unsupported log driver: %s", value);
diff --git a/src/cmd/isula/stream/attach.c b/src/cmd/isula/stream/attach.c
index 3a434bca..9cc19161 100644
--- a/src/cmd/isula/stream/attach.c
+++ b/src/cmd/isula/stream/attach.c
@@ -104,6 +104,11 @@ int inspect_container(const struct client_arguments *args, container_inspect **i
isula_connect_ops *ops = NULL;
parser_error perr = NULL;
+ if (inspect_data == NULL) {
+ COMMAND_ERROR("Empty inspect data");
+ return -1;
+ }
+
inspect_response = util_common_calloc_s(sizeof(struct isula_inspect_response));
if (inspect_response == NULL) {
COMMAND_ERROR("Out of memory");
diff --git a/src/cmd/isulad/isulad_commands.c b/src/cmd/isulad/isulad_commands.c
index f73a82e2..89d91c1b 100644
--- a/src/cmd/isulad/isulad_commands.c
+++ b/src/cmd/isulad/isulad_commands.c
@@ -657,7 +657,7 @@ static int check_conf_default_ulimit(const struct service_arguments *args)
ret = -1;
goto out;
}
- if (strcmp(ptr->name, type) != 0) {
+ if (type == NULL || strcmp(ptr->name, type) != 0) {
COMMAND_ERROR("Ulimit Name \"%s\" must same as type \"%s\" in %s", ptr->name, type,
ISULAD_DAEMON_JSON_CONF_FILE);
ret = -1;
diff --git a/src/daemon/common/err_msg.c b/src/daemon/common/err_msg.c
index 739cb353..3e62fad6 100644
--- a/src/daemon/common/err_msg.c
+++ b/src/daemon/common/err_msg.c
@@ -29,8 +29,11 @@ void isulad_set_error_message(const char *format, ...)
{
int ret = 0;
char errbuf[BUFSIZ + 1] = { 0 };
-
va_list argp;
+
+ if (format == NULL) {
+ return;
+ }
va_start(argp, format);
ret = vsnprintf(errbuf, BUFSIZ, format, argp);
diff --git a/src/daemon/common/selinux_label.c b/src/daemon/common/selinux_label.c
index 5468111e..533393a6 100644
--- a/src/daemon/common/selinux_label.c
+++ b/src/daemon/common/selinux_label.c
@@ -602,7 +602,7 @@ static int container_label(char **process_label, char **file_label)
return -1;
}
- file = fopen(lxc_path, "re");
+ file = util_fopen(lxc_path, "re");
if (file == NULL) {
ERROR("Failed to open '%s'", lxc_path);
return -1;
@@ -782,6 +782,11 @@ int init_label(const char **label_opts, size_t label_opts_len, char **dst_proces
return 0;
}
+ if (label_opts == NULL || dst_process_label == NULL || dst_mount_label == NULL) {
+ ERROR("Empty arguments");
+ return -1;
+ }
+
if (container_label(&process_label, &mount_label) != 0) {
ret = -1;
goto out;
diff --git a/src/daemon/common/sysinfo.c b/src/daemon/common/sysinfo.c
index 6fb4ec38..89ca5225 100644
--- a/src/daemon/common/sysinfo.c
+++ b/src/daemon/common/sysinfo.c
@@ -915,6 +915,11 @@ int find_cgroup_mountpoint_and_root(const char *subsystem, char **mountpoint, ch
size_t length = 0;
char *pline = NULL;
+ if (subsystem == NULL) {
+ ERROR("Empty subsystem");
+ return -1;
+ }
+
fp = util_fopen("/proc/self/mountinfo", "r");
if (fp == NULL) {
ERROR("Failed to open \"/proc/self/mountinfo\"\n");
@@ -1566,6 +1571,10 @@ mountinfo_t *find_mount_info(mountinfo_t **minfos, const char *dir)
{
mountinfo_t **it = NULL;
+ if (dir == NULL) {
+ return NULL;
+ }
+
for (it = minfos; it && *it; it++) {
if ((*it)->mountpoint && !strcmp((*it)->mountpoint, dir)) {
return *it;
diff --git a/src/daemon/config/isulad_config.c b/src/daemon/config/isulad_config.c
index 92d86a3b..38d2a0bf 100644
--- a/src/daemon/config/isulad_config.c
+++ b/src/daemon/config/isulad_config.c
@@ -227,6 +227,10 @@ int conf_get_cgroup_cpu_rt(int64_t *cpu_rt_period, int64_t *cpu_rt_runtime)
{
struct service_arguments *conf = NULL;
+ if (cpu_rt_period == NULL || cpu_rt_runtime == NULL) {
+ return -1;
+ }
+
if (isulad_server_conf_rdlock() != 0) {
return -1;
}
@@ -776,6 +780,11 @@ out:
int conf_get_daemon_log_config(char **loglevel, char **logdriver, char **engine_log_path)
{
+ if (loglevel == NULL || logdriver == NULL || engine_log_path == NULL) {
+ ERROR("Empty arguments");
+ return -1;
+ }
+
*loglevel = conf_get_isulad_loglevel();
if (*loglevel == NULL) {
ERROR("DoStart: Failed to get log level");
diff --git a/src/daemon/modules/api/plugin_api.h b/src/daemon/modules/api/plugin_api.h
index 4346b9e9..303ba6bf 100644
--- a/src/daemon/modules/api/plugin_api.h
+++ b/src/daemon/modules/api/plugin_api.h
@@ -101,7 +101,6 @@ int pm_del_plugin(const plugin_t *plugin);
*/
int pm_get_plugin(const char *name, plugin_t **rplugin);
void pm_put_plugin(plugin_t *plugin);
-int pm_get_plugins_nolock(uint64_t pe, plugin_t ***rplugins, size_t *count);
int start_plugin_manager(void);
int plugin_event_container_pre_create(const char *cid, oci_runtime_spec *ocic);
diff --git a/src/daemon/modules/image/image.c b/src/daemon/modules/image/image.c
index 6832aec3..f487f831 100644
--- a/src/daemon/modules/image/image.c
+++ b/src/daemon/modules/image/image.c
@@ -831,11 +831,17 @@ static int append_images_to_response(im_list_response *response, imagetool_image
out:
return ret;
}
+
int im_list_images(const im_list_request *ctx, im_list_response **response)
{
size_t i;
imagetool_images_list *images_tmp = NULL;
+ if (response == NULL) {
+ ERROR("Empty arguments");
+ return -1;
+ }
+
*response = util_common_calloc_s(sizeof(im_list_response));
if (*response == NULL) {
ERROR("Out of memory");
diff --git a/src/daemon/modules/image/oci/oci_common_operators.c b/src/daemon/modules/image/oci/oci_common_operators.c
index 09405651..fd23096a 100644
--- a/src/daemon/modules/image/oci/oci_common_operators.c
+++ b/src/daemon/modules/image/oci/oci_common_operators.c
@@ -459,7 +459,7 @@ int oci_status_image(im_status_request *request, im_status_response *response)
char *image_ref = NULL;
char *resolved_name = NULL;
- if (response == NULL) {
+ if (request == NULL || response == NULL) {
ERROR("Invalid arguments");
return -1;
}
diff --git a/src/daemon/modules/image/oci/storage/layer_store/graphdriver/devmapper/deviceset.c b/src/daemon/modules/image/oci/storage/layer_store/graphdriver/devmapper/deviceset.c
index e20d4f1b..d90dde50 100644
--- a/src/daemon/modules/image/oci/storage/layer_store/graphdriver/devmapper/deviceset.c
+++ b/src/daemon/modules/image/oci/storage/layer_store/graphdriver/devmapper/deviceset.c
@@ -3183,6 +3183,11 @@ struct status *device_set_status(struct device_set *devset)
int sem_usz = 0;
int sem_mni = 0;
+ if (devset == NULL) {
+ ERROR("empty arguments");
+ return NULL;
+ }
+
if (pthread_rwlock_wrlock(&(devset->devmapper_driver_rwlock)) != 0) {
ERROR("lock devmapper conf failed");
return NULL;
diff --git a/src/daemon/modules/image/oci/storage/layer_store/graphdriver/devmapper/metadata_store.c b/src/daemon/modules/image/oci/storage/layer_store/graphdriver/devmapper/metadata_store.c
index c8d10b7a..93fc9758 100644
--- a/src/daemon/modules/image/oci/storage/layer_store/graphdriver/devmapper/metadata_store.c
+++ b/src/daemon/modules/image/oci/storage/layer_store/graphdriver/devmapper/metadata_store.c
@@ -201,6 +201,10 @@ char **metadata_store_list_hashes(metadata_store_t *meta_store)
char **hashes_array = NULL;
map_itor *itor = NULL;
+ if (meta_store == NULL) {
+ return NULL;
+ }
+
if (map_size(meta_store->map) == 0) {
DEBUG("Metadata store hash list is empty");
ret = true;
diff --git a/src/daemon/modules/plugin/plugin.c b/src/daemon/modules/plugin/plugin.c
index 4cea2b2a..4e343a20 100644
--- a/src/daemon/modules/plugin/plugin.c
+++ b/src/daemon/modules/plugin/plugin.c
@@ -760,8 +760,14 @@ plugin_t *plugin_new(const char *name, const char *addr)
plugin_t *plugin = NULL;
int errcode = 0;
+ if (name == NULL || addr == NULL) {
+ ERROR("Empty arguments");
+ return NULL;
+ }
+
plugin = util_common_calloc_s(sizeof(plugin_t));
if (plugin == NULL) {
+ ERROR("Out of memory");
goto bad;
}
@@ -1234,58 +1240,6 @@ void pm_put_plugin(plugin_t *plugin)
plugin_put(plugin);
}
-int pm_get_plugins_nolock(uint64_t pe, plugin_t ***rplugins, size_t *count)
-{
- int ret = 0;
- int i = 0;
- size_t size = 0;
- plugin_t **plugins = NULL;
- map_itor *itor = NULL;
-
- size = map_size(g_plugin_manager->np);
- if (size == 0) { /* empty */
- return 0;
- }
- if (size > SIZE_MAX / sizeof(plugin_t *)) {
- ret = -1;
- ERROR("Invalid plugins size");
- goto out;
- }
-
- plugins = util_common_calloc_s(sizeof(plugin_t *) * size);
- if (plugins == NULL) {
- ret = -1;
- ERROR("Out of memory");
- goto out;
- }
-
- itor = map_itor_new(g_plugin_manager->np);
- if (itor == NULL) {
- ret = -1;
- ERROR("Out of memory");
- goto out;
- }
-
- for (i = 0; i < (int)size && map_itor_valid(itor); i++, map_itor_next(itor)) {
- plugins[i] = map_itor_value(itor);
- /* plugin_put() called in pm_put_plugins() */
- plugin_get(plugins[i]);
- }
-
- *rplugins = plugins;
- *count = (size_t)i;
-
-out:
- map_itor_free(itor);
- itor = NULL;
-
- if (ret < 0) {
- UTIL_FREE_AND_SET_NULL(plugins);
- }
-
- return ret;
-}
-
static void pm_np_item_free(void *key, void *val)
{
plugin_t *plugin = val;
diff --git a/src/utils/console/console.c b/src/utils/console/console.c
index 17c8b242..8492eb4d 100644
--- a/src/utils/console/console.c
+++ b/src/utils/console/console.c
@@ -253,6 +253,11 @@ int console_fifo_open(const char *fifo_path, int *fdout, int flags)
{
int fd = 0;
+ if (fifo_path ==NULL || fdout == NULL) {
+ ERROR("Argument must not be NULL");
+ return -1;
+ }
+
fd = util_open(fifo_path, flags, (mode_t)0);
if (fd < 0) {
ERROR("Failed to open fifo %s to send message: %s.", fifo_path, strerror(errno));
@@ -302,6 +307,11 @@ int setup_tios(int fd, struct termios *curr_tios)
struct termios tmptios;
int ret = 0;
+ if (curr_tios == NULL) {
+ ERROR("Empty terminal io setting");
+ return -1;
+ }
+
if (!isatty(fd)) {
ERROR("Specified fd: '%d' is not a tty", fd);
return -1;
diff --git a/src/utils/cutils/filters.c b/src/utils/cutils/filters.c
index a8fa220f..1885e9cc 100644
--- a/src/utils/cutils/filters.c
+++ b/src/utils/cutils/filters.c
@@ -66,7 +66,7 @@ char **filters_args_get(const struct filters_args *filters, const char *field)
map_t *field_values_map = NULL;
map_itor *itor = NULL;
- if (filters == NULL || filters->fields == NULL) {
+ if (filters == NULL || filters->fields == NULL || field == NULL) {
return NULL;
}
diff --git a/src/utils/cutils/map/rb_tree.c b/src/utils/cutils/map/rb_tree.c
index ddae0646..b63165d5 100644
--- a/src/utils/cutils/map/rb_tree.c
+++ b/src/utils/cutils/map/rb_tree.c
@@ -133,6 +133,10 @@ void rbtree_clear(rb_tree_t *tree)
void rbtree_free(rb_tree_t *tree)
{
+ if (tree == NULL) {
+ return;
+ }
+
rbtree_clear(tree);
free(tree->nil);
tree->nil = NULL;
diff --git a/src/utils/cutils/path.c b/src/utils/cutils/path.c
index f195257d..2446f479 100644
--- a/src/utils/cutils/path.c
+++ b/src/utils/cutils/path.c
@@ -590,6 +590,11 @@ int util_resolve_path(const char *rootpath, const char *path, char **resolvedpat
char tmppath[PATH_MAX] = { 0 };
char cleanedpath[PATH_MAX] = { 0 };
+ if (abspath == NULL || resolvedpath == NULL || rootpath == NULL) {
+ ERROR("Empty arguments");
+ return -1;
+ }
+
*resolvedpath = NULL;
*abspath = NULL;
diff --git a/src/utils/cutils/utils.c b/src/utils/cutils/utils.c
index 278a72c5..30ff629f 100644
--- a/src/utils/cutils/utils.c
+++ b/src/utils/cutils/utils.c
@@ -1475,32 +1475,32 @@ void util_parse_user_group(const char *username, char **user, char **group, char
return;
}
- if (username != NULL) {
- tmp = util_strdup_s(username);
-
- // for free tmp in caller
- *tmp_dup = tmp;
-
- pdot = strstr(tmp, ":");
- if (pdot != NULL) {
- *pdot = '\0';
- if (pdot != tmp) {
- // User found
- *user = tmp;
- }
- if (*(pdot + 1) != '\0') {
- // group found
- *group = pdot + 1;
- }
- } else {
- // No : found
- if (*tmp != '\0') {
- *user = tmp;
- }
- }
+ if (username == NULL) {
+ return;
}
- return;
+ tmp = util_strdup_s(username);
+
+ // for free tmp in caller
+ *tmp_dup = tmp;
+
+ pdot = strstr(tmp, ":");
+ if (pdot != NULL) {
+ *pdot = '\0';
+ if (pdot != tmp) {
+ // User found
+ *user = tmp;
+ }
+ if (*(pdot + 1) != '\0') {
+ // group found
+ *group = pdot + 1;
+ }
+ } else {
+ // No : found
+ if (*tmp != '\0') {
+ *user = tmp;
+ }
+ }
}
defs_map_string_object *dup_map_string_empty_object(defs_map_string_object *src)
diff --git a/src/utils/http/http.c b/src/utils/http/http.c
index 0b53cf1e..e4788efd 100644
--- a/src/utils/http/http.c
+++ b/src/utils/http/http.c
@@ -241,7 +241,7 @@ static void http_custom_general_options(CURL *curl_handle, const struct http_get
static int http_custom_options(CURL *curl_handle, const struct http_get_options *options)
{
- if (curl_handle == NULL || options == NULL) {
+ if (curl_handle == NULL) {
return -1;
}
@@ -413,6 +413,11 @@ int http_request(const char *url, struct http_get_options *options, long *respon
size_t fsize = 0;
char *replaced_url = 0;
+ if (url == NULL || options == NULL) {
+ ERROR("must set url and options to use http request");
+ return -1;
+ }
+
if (recursive_len + 1 >= MAX_REDIRCT_NUMS) {
ERROR("reach the max redirect num");
return -1;
diff --git a/src/utils/http/parser.c b/src/utils/http/parser.c
index 37475b33..0e0e603b 100644
--- a/src/utils/http/parser.c
+++ b/src/utils/http/parser.c
@@ -319,6 +319,11 @@ char *get_header_value(const struct parsed_http_message *m, const char *header)
int i = 0;
char *ret = NULL;
+ if (m == NULL || header == NULL) {
+ ERROR("Empty arguments");
+ return NULL;
+ }
+
for (i = 0; i < m->num_headers; i++) {
if (strcasecmp(m->headers[i][0], header) == 0) {
ret = (char *)m->headers[i][1];
diff --git a/test/path/path_ut.cc b/test/path/path_ut.cc
index ce6dcc08..0068ecb4 100644
--- a/test/path/path_ut.cc
+++ b/test/path/path_ut.cc
@@ -311,6 +311,11 @@ TEST(path_ut, test_resolve_path)
char *resolvedpath = nullptr;
char *abspath = nullptr;
+ rootpath = "/home";
+ path = "/home/dir/test";
+ ASSERT_EQ(util_resolve_path(rootpath.c_str(), path.c_str(), nullptr, &abspath), -1);
+ ASSERT_EQ(util_resolve_path(rootpath.c_str(), path.c_str(), &resolvedpath, nullptr), -1);
+
ASSERT_EQ(util_resolve_path(nullptr, nullptr, &resolvedpath, &abspath), -1);
free(resolvedpath);
resolvedpath = nullptr;
--
2.25.1

12
iSulad.spec
View File

@ -1,5 +1,5 @@
%global _version 2.0.14
%global _release 5
%global _release 6
%global is_systemd 1
%global enable_shimv2 1
%global is_embedded 1
@ -18,6 +18,9 @@ Patch0002: 0002-fix-install-error-when-android.patch
Patch0003: 0003-imp-fuzz-for-pw-gr-parser.patch
Patch0004: 0004-improve-fuzz-test.patch
Patch0005: 0005-Seccomp-optimization.patch
Patch0006: 0006-fix-different-type-convert.patch
Patch0007: 0007-add-pointer-parameters-NULL-check.patch
Patch0008: 0008-add-check-to-arguments.patch
%ifarch x86_64 aarch64
Provides: libhttpclient.so()(64bit)
@ -245,13 +248,18 @@ fi
%endif
%changelog
* Tue May 31 2022 zhangxiaoyu <zhangxiaoyu58@huawei.com> - 2.0.14-6
- Type: enhancement
- ID: NA
- SUG: NA
- DESC: fix different type convert and add check to arguments
* Mon May 30 2022 chengzrz <chengzeruizhi@huawei.com> - 2.0.14-5
- Type: enhancement
- ID: NA
- SUG: NA
- DESC: seccomp optimization
* Fri May 27 2022 haozi007 <liuhao27@huawei.com> - 2.0.14-4
- Type: enhancement
- ID: NA