packages/iSulad
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
iSulad/0006-2168-fix-code-bug.patch
xuxuepeng f2271d04b4 !621 Add vsock support for exec 
* Add vsock support for exec
2023-09-13 02:47:13 +00:00

1055 lines
34 KiB
Diff
Raw Blame History

From f6c1ec5c8603124511c7a726a487757609a1d7a5 Mon Sep 17 00:00:00 2001
From: zhangxiaoyu <zhangxiaoyu58@huawei.com>
Date: Tue, 5 Sep 2023 02:15:57 +0000
Subject: [PATCH 06/33] !2168 fix code bug * fix code bug
---
src/daemon/common/events_format.c | 6 +-
src/daemon/common/selinux_label.c | 22 +-
src/daemon/common/selinux_label.h | 8 +-
src/daemon/config/isulad_config.c | 276 ++++++++++--------
src/daemon/config/isulad_config.h | 62 ++--
src/daemon/executor/container_cb/execution.c | 4 +-
.../executor/container_cb/execution_create.c | 2 +-
.../executor/container_cb/execution_network.c | 9 +
.../executor/container_cb/execution_stream.h | 6 +-
src/daemon/executor/container_cb/list.c | 4 +-
src/daemon/executor/image_cb/image_cb.c | 18 +-
11 files changed, 233 insertions(+), 184 deletions(-)
diff --git a/src/daemon/common/events_format.c b/src/daemon/common/events_format.c
index e5ceab92..514b060e 100644
--- a/src/daemon/common/events_format.c
+++ b/src/daemon/common/events_format.c
@@ -83,7 +83,11 @@ struct isulad_events_format *dup_event(const struct isulad_events_format *event)
return NULL;
}
- event_copy(event, out);
+ if (event_copy(event, out) != 0) {
+ ERROR("Failed to copy event");
+ isulad_events_format_free(out);
+ return NULL;
+ }
return out;
}
diff --git a/src/daemon/common/selinux_label.c b/src/daemon/common/selinux_label.c
index 585a5e35..e6527bd0 100644
--- a/src/daemon/common/selinux_label.c
+++ b/src/daemon/common/selinux_label.c
@@ -247,7 +247,7 @@ static int get_current_label(char **content)
return read_con(path, content);
}
-bool selinux_get_enable()
+bool selinux_get_enable(void)
{
bool enabled_set = false;
bool enabled = false;
@@ -295,7 +295,7 @@ bool selinux_get_enable()
}
// just disable selinux support for iSulad
-void selinux_set_disabled()
+void selinux_set_disabled(void)
{
(void)set_state_enable(false);
}
@@ -376,9 +376,10 @@ int selinux_state_init(void)
return 0;
}
-void selinux_state_free()
+void selinux_state_free(void)
{
do_selinux_state_free(g_selinux_state);
+ g_selinux_state = NULL;
}
/* MCS already exists */
@@ -986,6 +987,11 @@ int relabel(const char *path, const char *file_label, bool shared)
return 0;
}
+ if (path == NULL) {
+ ERROR("Empty arguments");
+ return -1;
+ }
+
tmp_file_label = util_strdup_s(file_label);
if (is_exclude_relabel_path(path)) {
ERROR("SELinux relabeling of %s is not allowed", path);
@@ -1059,6 +1065,11 @@ int dup_security_opt(const char *src, char ***dst, size_t *len)
return 0;
}
+ if (dst == NULL || len == NULL) {
+ ERROR("Empty arguments");
+ return -1;
+ }
+
context_t con = context_new(src);
if (con == NULL) {
ERROR("context new failed");
@@ -1107,6 +1118,11 @@ out:
int get_disable_security_opt(char ***labels, size_t *labels_len)
{
+ if (labels == NULL || labels_len == NULL) {
+ ERROR("Empty arguments");
+ return -1;
+ }
+
if (util_array_append(labels, "disable") != 0) {
ERROR("Failed to append label");
return -1;
diff --git a/src/daemon/common/selinux_label.h b/src/daemon/common/selinux_label.h
index 625e94c3..4a3c03d4 100644
--- a/src/daemon/common/selinux_label.h
+++ b/src/daemon/common/selinux_label.h
@@ -24,14 +24,14 @@ extern "C" {
#endif
int selinux_state_init(void);
-void selinux_set_disabled();
-bool selinux_get_enable();
-int init_label(const char **label_opts, size_t label_opts_len, char **process_label, char **mount_label);
+void selinux_set_disabled(void);
+bool selinux_get_enable(void);
+int init_label(const char **label_opts, size_t label_opts_len, char **dst_process_label, char **dst_mount_label);
int relabel(const char *path, const char *file_label, bool shared);
int get_disable_security_opt(char ***labels, size_t *labels_len);
int dup_security_opt(const char *src, char ***dst, size_t *len);
char *selinux_format_mountlabel(const char *src, const char *mount_label);
-void selinux_state_free();
+void selinux_state_free(void);
#ifdef __cplusplus
}
#endif
diff --git a/src/daemon/config/isulad_config.c b/src/daemon/config/isulad_config.c
index 269ab310..f600f0cf 100644
--- a/src/daemon/config/isulad_config.c
+++ b/src/daemon/config/isulad_config.c
@@ -125,7 +125,7 @@ out:
}
/* isulad server conf wrlock */
-int isulad_server_conf_wrlock()
+int isulad_server_conf_wrlock(void)
{
int ret = 0;
@@ -138,7 +138,7 @@ int isulad_server_conf_wrlock()
}
/* isulad server conf rdlock */
-int isulad_server_conf_rdlock()
+int isulad_server_conf_rdlock(void)
{
int ret = 0;
@@ -151,7 +151,7 @@ int isulad_server_conf_rdlock()
}
/* isulad server conf unlock */
-int isulad_server_conf_unlock()
+int isulad_server_conf_unlock(void)
{
int ret = 0;
@@ -163,13 +163,13 @@ int isulad_server_conf_unlock()
return ret;
}
-struct service_arguments *conf_get_server_conf()
+struct service_arguments *conf_get_server_conf(void)
{
return g_isulad_conf.server_conf;
}
/* conf get isulad pidfile */
-char *conf_get_isulad_pidfile()
+char *conf_get_isulad_pidfile(void)
{
char *filename = NULL;
struct service_arguments *conf = NULL;
@@ -191,7 +191,7 @@ out:
}
/* conf get engine rootpath */
-char *conf_get_engine_rootpath()
+char *conf_get_engine_rootpath(void)
{
char *epath = NULL;
char *rootpath = NULL;
@@ -238,7 +238,7 @@ int conf_get_cgroup_cpu_rt(int64_t *cpu_rt_period, int64_t *cpu_rt_runtime)
}
conf = conf_get_server_conf();
- if (conf == NULL) {
+ if (conf == NULL || conf->json_confs == NULL) {
(void)isulad_server_conf_unlock();
return -1;
}
@@ -254,7 +254,7 @@ int conf_get_cgroup_cpu_rt(int64_t *cpu_rt_period, int64_t *cpu_rt_runtime)
}
/* conf get graph checked flag file path */
-char *conf_get_graph_check_flag_file()
+char *conf_get_graph_check_flag_file(void)
{
char *epath = NULL;
char *rootpath = NULL;
@@ -307,7 +307,7 @@ char *conf_get_routine_rootdir(const char *runtime)
}
conf = conf_get_server_conf();
- if (conf == NULL || conf->json_confs->graph == NULL) {
+ if (conf == NULL || conf->json_confs == NULL || conf->json_confs->graph == NULL) {
ERROR("Server conf is NULL or rootpath is NULL");
goto out;
}
@@ -357,7 +357,7 @@ char *conf_get_routine_statedir(const char *runtime)
}
conf = conf_get_server_conf();
- if (conf == NULL || conf->json_confs->state == NULL) {
+ if (conf == NULL || conf->json_confs == NULL || conf->json_confs->state == NULL) {
goto out;
}
@@ -460,7 +460,7 @@ out:
#endif
/* conf get isulad rootdir */
-char *conf_get_isulad_rootdir()
+char *conf_get_isulad_rootdir(void)
{
char *path = NULL;
struct service_arguments *conf = NULL;
@@ -470,7 +470,7 @@ char *conf_get_isulad_rootdir()
}
conf = conf_get_server_conf();
- if (conf == NULL || conf->json_confs->graph == NULL) {
+ if (conf == NULL || conf->json_confs == NULL || conf->json_confs->graph == NULL) {
goto out;
}
@@ -482,7 +482,7 @@ out:
}
/* conf get registry */
-char **conf_get_registry_list()
+char **conf_get_registry_list(void)
{
int nret = 0;
size_t i;
@@ -495,7 +495,7 @@ char **conf_get_registry_list()
}
conf = conf_get_server_conf();
- if (conf == NULL || conf->json_confs->registry_mirrors_len == 0) {
+ if (conf == NULL || conf->json_confs == NULL || conf->json_confs->registry_mirrors_len == 0) {
goto out;
}
@@ -518,7 +518,7 @@ out:
}
/* conf get insecure registry */
-char **conf_get_insecure_registry_list()
+char **conf_get_insecure_registry_list(void)
{
int nret = 0;
size_t i;
@@ -531,7 +531,7 @@ char **conf_get_insecure_registry_list()
}
conf = conf_get_server_conf();
- if (conf == NULL || conf->json_confs->insecure_registries_len == 0) {
+ if (conf == NULL || conf->json_confs == NULL || conf->json_confs->insecure_registries_len == 0) {
goto out;
}
@@ -554,7 +554,7 @@ out:
}
/* conf get isulad statedir */
-char *conf_get_isulad_statedir()
+char *conf_get_isulad_statedir(void)
{
char *path = NULL;
struct service_arguments *conf = NULL;
@@ -564,7 +564,7 @@ char *conf_get_isulad_statedir()
}
conf = conf_get_server_conf();
- if (conf == NULL || conf->json_confs->state == NULL) {
+ if (conf == NULL || conf->json_confs == NULL || conf->json_confs->state == NULL) {
goto out;
}
@@ -576,7 +576,7 @@ out:
}
/* isulad monitor fifo name */
-char *conf_get_isulad_monitor_fifo_path()
+char *conf_get_isulad_monitor_fifo_path(void)
{
int ret;
char fifo_file_path[PATH_MAX] = { 0 };
@@ -631,7 +631,7 @@ static char *get_parent_mount_dir(char *graph)
}
/* conf get isulad mount rootfs */
-char *conf_get_isulad_mount_rootfs()
+char *conf_get_isulad_mount_rootfs(void)
{
char *path = NULL;
struct service_arguments *conf = NULL;
@@ -653,7 +653,7 @@ out:
}
/* conf get isulad umask for containers */
-char *conf_get_isulad_native_umask()
+char *conf_get_isulad_native_umask(void)
{
char *umask = NULL;
struct service_arguments *conf = NULL;
@@ -663,7 +663,7 @@ char *conf_get_isulad_native_umask()
}
conf = conf_get_server_conf();
- if (conf == NULL || conf->json_confs->native_umask == NULL) {
+ if (conf == NULL || conf->json_confs == NULL || conf->json_confs->native_umask == NULL) {
goto out;
}
@@ -675,7 +675,7 @@ out:
}
/* conf get isulad cgroup parent for containers */
-char *conf_get_isulad_cgroup_parent()
+char *conf_get_isulad_cgroup_parent(void)
{
char *cgroup_parent = NULL;
struct service_arguments *conf = NULL;
@@ -685,7 +685,7 @@ char *conf_get_isulad_cgroup_parent()
}
conf = conf_get_server_conf();
- if (conf == NULL || conf->json_confs->cgroup_parent == NULL) {
+ if (conf == NULL || conf->json_confs == NULL || conf->json_confs->cgroup_parent == NULL) {
goto out;
}
@@ -697,7 +697,7 @@ out:
}
/* conf get isulad loglevel */
-char *conf_get_isulad_loglevel()
+char *conf_get_isulad_loglevel(void)
{
char *loglevel = NULL;
struct service_arguments *conf = NULL;
@@ -707,7 +707,7 @@ char *conf_get_isulad_loglevel()
}
conf = conf_get_server_conf();
- if (conf == NULL || conf->json_confs->log_level == NULL) {
+ if (conf == NULL || conf->json_confs == NULL || conf->json_confs->log_level == NULL) {
goto out;
}
@@ -725,7 +725,7 @@ char *get_log_file_helper(const struct service_arguments *conf, const char *suff
size_t len = 0;
int nret = 0;
- if (suffix == NULL) {
+ if (conf == NULL || suffix == NULL) {
return NULL;
}
@@ -757,7 +757,7 @@ out:
}
/* conf get isulad log gather fifo path */
-char *conf_get_isulad_log_gather_fifo_path()
+char *conf_get_isulad_log_gather_fifo_path(void)
{
#define LOG_GATHER_FIFO_NAME "/isulad_log_gather_fifo"
char *logfile = NULL;
@@ -796,7 +796,7 @@ out:
}
/* conf get isulad log file */
-char *conf_get_isulad_log_file()
+char *conf_get_isulad_log_file(void)
{
char *logfile = NULL;
struct service_arguments *conf = NULL;
@@ -818,7 +818,7 @@ out:
}
/* conf get engine log file */
-char *conf_get_engine_log_file()
+char *conf_get_engine_log_file(void)
{
char *logfile = NULL;
char *full_path = NULL;
@@ -885,7 +885,7 @@ int conf_get_daemon_log_config(char **loglevel, char **logdriver, char **engine_
}
/* conf get isulad logdriver */
-char *conf_get_isulad_logdriver()
+char *conf_get_isulad_logdriver(void)
{
char *logdriver = NULL;
struct service_arguments *conf = NULL;
@@ -895,7 +895,7 @@ char *conf_get_isulad_logdriver()
}
conf = conf_get_server_conf();
- if (conf == NULL || conf->json_confs->log_driver == NULL) {
+ if (conf == NULL || conf->json_confs == NULL || conf->json_confs->log_driver == NULL) {
goto out;
}
@@ -915,12 +915,17 @@ int conf_get_container_log_opts(isulad_daemon_configs_container_log **opts)
size_t i;
int ret = 0;
+ if (opts == NULL) {
+ ERROR("Empty arguments");
+ return -1;
+ }
+
if (isulad_server_conf_rdlock() != 0) {
return -1;
}
conf = conf_get_server_conf();
- if (conf == NULL || conf->json_confs->container_log == NULL) {
+ if (conf == NULL || conf->json_confs == NULL || conf->json_confs->container_log == NULL) {
goto out;
}
work = conf->json_confs->container_log;
@@ -962,7 +967,7 @@ out:
}
/* conf get image layer check flag */
-bool conf_get_image_layer_check_flag()
+bool conf_get_image_layer_check_flag(void)
{
bool check_flag = false;
struct service_arguments *conf = NULL;
@@ -972,7 +977,7 @@ bool conf_get_image_layer_check_flag()
}
conf = conf_get_server_conf();
- if (conf == NULL) {
+ if (conf == NULL || conf->json_confs == NULL) {
goto out;
}
@@ -984,7 +989,7 @@ out:
}
/* conf get flag of use decrypted key to pull image */
-bool conf_get_use_decrypted_key_flag()
+bool conf_get_use_decrypted_key_flag(void)
{
bool check_flag = true;
struct service_arguments *conf = NULL;
@@ -994,7 +999,7 @@ bool conf_get_use_decrypted_key_flag()
}
conf = conf_get_server_conf();
- if (conf == NULL || conf->json_confs->use_decrypted_key == NULL) {
+ if (conf == NULL || conf->json_confs == NULL || conf->json_confs->use_decrypted_key == NULL) {
goto out;
}
@@ -1005,7 +1010,7 @@ out:
return check_flag;
}
-bool conf_get_skip_insecure_verify_flag()
+bool conf_get_skip_insecure_verify_flag(void)
{
bool check_flag = false;
struct service_arguments *conf = NULL;
@@ -1015,7 +1020,7 @@ bool conf_get_skip_insecure_verify_flag()
}
conf = conf_get_server_conf();
- if (conf == NULL) {
+ if (conf == NULL || conf->json_confs == NULL) {
goto out;
}
@@ -1026,69 +1031,86 @@ out:
return check_flag;
}
-#define OCI_STR_ARRAY_DUP(src, dest, srclen, destlen, ret) \
- do { \
- if ((src) != NULL) { \
- (dest) = util_str_array_dup((const char **)(src), (srclen)); \
- if ((dest) == NULL) { \
- (ret) = -1; \
- goto out; \
- } \
- (destlen) = (srclen); \
- } \
- } while (0)
-
-#define HOOKS_ELEM_DUP_DEF(item) \
- defs_hook *hooks_##item##_elem_dup(const defs_hook *src) \
- { \
- int ret = 0; \
- defs_hook *dest = NULL; \
- if (src == NULL) \
- return NULL; \
- dest = util_common_calloc_s(sizeof(defs_hook)); \
- if (dest == NULL) \
- return NULL; \
- dest->path = util_strdup_s(src->path); \
- OCI_STR_ARRAY_DUP(src->args, dest->args, src->args_len, dest->args_len, ret); \
- OCI_STR_ARRAY_DUP(src->env, dest->env, src->env_len, dest->env_len, ret); \
- dest->timeout = src->timeout; \
- out: \
- if (ret != 0 && dest != NULL) { \
- free_defs_hook(dest); \
- dest = NULL; \
- } \
- return dest; \
- }
-
-/* HOOKS ELEM DUP DEF */
-HOOKS_ELEM_DUP_DEF(prestart)
-/* HOOKS ELEM DUP DEF */
-HOOKS_ELEM_DUP_DEF(poststart)
-/* HOOKS ELEM DUP DEF */
-HOOKS_ELEM_DUP_DEF(poststop)
-
-#define HOOKS_ITEM_DUP_DEF(item) \
- int hooks_##item##_dup(oci_runtime_spec_hooks *dest, const oci_runtime_spec_hooks *src) \
- { \
- int i = 0; \
- dest->item = util_smart_calloc_s(sizeof(defs_hook *), (src->item##_len + 1)); \
- if (dest->item == NULL) \
- return -1; \
- dest->item##_len = src->item##_len; \
- for (; (size_t)i < src->item##_len; ++i) { \
- dest->item[i] = hooks_##item##_elem_dup(src->item[i]); \
- if (dest->item[i] == NULL) \
- return -1; \
- } \
- return 0; \
- }
-
-/* HOOKS ITEM DUP DEF */
-HOOKS_ITEM_DUP_DEF(prestart)
-/* HOOKS ITEM DUP DEF */
-HOOKS_ITEM_DUP_DEF(poststart)
-/* HOOKS ITEM DUP DEF */
-HOOKS_ITEM_DUP_DEF(poststop)
+static defs_hook *hooks_elem_dup(const defs_hook *src)
+{
+ defs_hook *dest = NULL;
+
+ if (src == NULL) {
+ return NULL;
+ }
+
+ dest = (defs_hook *)util_common_calloc_s(sizeof(defs_hook));
+ if (dest == NULL) {
+ ERROR("Out of memory");
+ return NULL;
+ }
+
+ dest->path = util_strdup_s(src->path);
+ dest->timeout = src->timeout;
+
+ if (src->args_len != 0) {
+ dest->args = util_str_array_dup((const char **)(src->args), src->args_len);
+ if (dest->args == NULL) {
+ ERROR("Failed to duplicate string array");
+ goto err_out;
+ }
+ dest->args_len = src->args_len;
+ }
+
+ if (src->env_len != 0) {
+ dest->env = util_str_array_dup((const char **)(src->env), src->env_len);
+ if (dest->env == NULL) {
+ ERROR("Failed to duplicate string array");
+ goto err_out;
+ }
+ dest->env_len = src->env_len;
+ }
+
+ return dest;
+
+err_out:
+ free_defs_hook(dest);
+ return NULL;
+}
+
+static int hooks_array_dup(const defs_hook **src, const size_t src_len, defs_hook ***dst, size_t *dst_len)
+{
+ size_t i;
+ size_t tmp_len = 0;
+ defs_hook **tmp_dst = NULL;
+
+ if (src_len > SIZE_MAX - 1) {
+ ERROR("Invalid hooks array length");
+ return -1;
+ }
+
+ tmp_dst = (defs_hook **)util_smart_calloc_s(sizeof(defs_hook *), src_len + 1);
+ if (tmp_dst == NULL) {
+ ERROR("Out of memory");
+ return -1;
+ }
+
+ for(i = 0; i < src_len; i++) {
+ tmp_dst[i] = hooks_elem_dup(src[i]);
+ if (tmp_dst[i] == NULL) {
+ ERROR("Failed to duplicate hooks element");
+ goto err_out;
+ }
+ tmp_len++;
+ }
+
+ *dst = tmp_dst;
+ *dst_len = tmp_len;
+ return 0;
+
+err_out:
+ for(i = 0; i < tmp_len; i++) {
+ free_defs_hook(tmp_dst[i]);
+ }
+ free(tmp_dst);
+
+ return -1;
+}
/* hooks_dup */
oci_runtime_spec_hooks *hooks_dup(const oci_runtime_spec_hooks *src)
@@ -1104,17 +1126,17 @@ oci_runtime_spec_hooks *hooks_dup(const oci_runtime_spec_hooks *src)
return NULL;
}
- ret = hooks_prestart_dup(dest, src);
+ ret = hooks_array_dup((const defs_hook **)src->prestart, src->prestart_len, &dest->prestart, &dest->prestart_len);
if (ret != 0) {
goto out;
}
- ret = hooks_poststart_dup(dest, src);
+ ret = hooks_array_dup((const defs_hook **)src->poststart, src->poststart_len, &dest->poststart, &dest->poststart_len);
if (ret != 0) {
goto out;
}
- ret = hooks_poststop_dup(dest, src);
+ ret = hooks_array_dup((const defs_hook **)src->poststop, src->poststop_len, &dest->poststop, &dest->poststop_len);
out:
if (ret != 0) {
@@ -1130,6 +1152,11 @@ int conf_get_isulad_hooks(oci_runtime_spec_hooks **phooks)
int ret = 0;
struct service_arguments *conf = NULL;
+ if (phooks == NULL) {
+ ERROR("Empty arguments");
+ return -1;
+ }
+
if (isulad_server_conf_rdlock() != 0) {
return -1;
}
@@ -1184,7 +1211,7 @@ out:
}
/* conf get start timeout */
-unsigned int conf_get_start_timeout()
+unsigned int conf_get_start_timeout(void)
{
struct service_arguments *conf = NULL;
unsigned int ret = 0;
@@ -1204,7 +1231,7 @@ out:
return ret;
}
-char *conf_get_default_runtime()
+char *conf_get_default_runtime(void)
{
struct service_arguments *conf = NULL;
char *result = NULL;
@@ -1226,7 +1253,7 @@ out:
return result;
}
-char *conf_get_enable_plugins()
+char *conf_get_enable_plugins(void)
{
struct service_arguments *conf = NULL;
char *plugins = NULL;
@@ -1249,7 +1276,7 @@ out:
}
#ifdef ENABLE_USERNS_REMAP
-char *conf_get_isulad_userns_remap()
+char *conf_get_isulad_userns_remap(void)
{
struct service_arguments *conf = NULL;
char *userns_remap = NULL;
@@ -1335,7 +1362,7 @@ int conf_get_cni_bin_dir(char ***dst)
}
/* conf get websocket server listening port */
-int32_t conf_get_websocket_server_listening_port()
+int32_t conf_get_websocket_server_listening_port(void)
{
int32_t port = 0;
struct service_arguments *conf = NULL;
@@ -1345,7 +1372,7 @@ int32_t conf_get_websocket_server_listening_port()
}
conf = conf_get_server_conf();
- if (conf == NULL) {
+ if (conf == NULL || conf->json_confs == NULL) {
goto out;
}
@@ -1401,6 +1428,10 @@ int set_unix_socket_group(const char *socket, const char *group)
return -1;
}
+ if (!util_has_prefix(socket, UNIX_SOCKET_PREFIX)) {
+ ERROR("Invalid unix socket: %s", socket);
+ return -1;
+ }
path = socket + strlen(UNIX_SOCKET_PREFIX);
if (strlen(path) > PATH_MAX || realpath(path, rpath) == NULL) {
@@ -1430,15 +1461,6 @@ out:
return ret;
}
-#define OVERRIDE_STRING_VALUE(dst, src) \
- do { \
- if ((src) != NULL && strlen((src)) != 0) { \
- free((dst)); \
- (dst) = (src); \
- (src) = NULL; \
- } \
- } while (0)
-
static int string_array_append(char **suffix, size_t suffix_len, size_t *curr_len, char ***result)
{
if (suffix_len > 0) {
@@ -1463,6 +1485,11 @@ int parse_log_opts(struct service_arguments *args, const char *key, const char *
{
int ret = -1;
+ if (args == NULL) {
+ ERROR("Empty arguments");
+ return -1;
+ }
+
if (key == NULL || value == NULL) {
return 0;
}
@@ -1682,6 +1709,11 @@ int merge_json_confs_into_global(struct service_arguments *args)
parser_error err = NULL;
int ret = 0;
+ if (args == NULL) {
+ ERROR("Empty arguments");
+ return -1;
+ }
+
tmp_json_confs = isulad_daemon_configs_parse_file(ISULAD_DAEMON_JSON_CONF_FILE, NULL, &err);
if (tmp_json_confs == NULL) {
COMMAND_ERROR("Load isulad json config failed: %s", err != NULL ? err : "");
@@ -1828,7 +1860,7 @@ static bool valid_isulad_daemon_constants(isulad_daemon_constants *config)
return true;
}
-int init_isulad_daemon_constants()
+int init_isulad_daemon_constants(void)
{
parser_error err = NULL;
int ret = 0;
@@ -1855,7 +1887,7 @@ out:
return ret;
}
-isulad_daemon_constants *get_isulad_daemon_constants()
+isulad_daemon_constants *get_isulad_daemon_constants(void)
{
return g_isulad_daemon_constants;
}
diff --git a/src/daemon/config/isulad_config.h b/src/daemon/config/isulad_config.h
index 92edd6e0..4fe1acdc 100644
--- a/src/daemon/config/isulad_config.h
+++ b/src/daemon/config/isulad_config.h
@@ -42,43 +42,43 @@ char *conf_get_sandbox_rootpath(void);
char *conf_get_sandbox_statepath(void);
#endif
-char *conf_get_isulad_pidfile();
-char *conf_get_engine_rootpath();
+char *conf_get_isulad_pidfile(void);
+char *conf_get_engine_rootpath(void);
char *conf_get_routine_rootdir(const char *runtime);
char *conf_get_routine_statedir(const char *runtime);
-char *conf_get_isulad_rootdir();
-char *conf_get_isulad_statedir();
-char *conf_get_isulad_mount_rootfs();
-char *conf_get_isulad_loglevel();
-char *conf_get_isulad_logdriver();
+char *conf_get_isulad_rootdir(void);
+char *conf_get_isulad_statedir(void);
+char *conf_get_isulad_mount_rootfs(void);
+char *conf_get_isulad_loglevel(void);
+char *conf_get_isulad_logdriver(void);
int conf_get_daemon_log_config(char **loglevel, char **logdriver, char **engine_log_path);
-char *conf_get_isulad_log_gather_fifo_path();
+char *conf_get_isulad_log_gather_fifo_path(void);
int conf_get_cgroup_cpu_rt(int64_t *cpu_rt_period, int64_t *cpu_rt_runtime);
int conf_get_container_log_opts(isulad_daemon_configs_container_log **opts);
-char *conf_get_isulad_log_file();
-char *conf_get_engine_log_file();
-char *conf_get_enable_plugins();
+char *conf_get_isulad_log_file(void);
+char *conf_get_engine_log_file(void);
+char *conf_get_enable_plugins(void);
#ifdef ENABLE_USERNS_REMAP
-char *conf_get_isulad_userns_remap();
+char *conf_get_isulad_userns_remap(void);
#endif
-char *conf_get_cni_conf_dir();
+char *conf_get_cni_conf_dir(void);
int conf_get_cni_bin_dir(char ***dst);
-int32_t conf_get_websocket_server_listening_port();
+int32_t conf_get_websocket_server_listening_port(void);
int save_args_to_conf(struct service_arguments *args);
int set_unix_socket_group(const char *socket, const char *group);
-int isulad_server_conf_wrlock();
+int isulad_server_conf_wrlock(void);
-int isulad_server_conf_rdlock();
+int isulad_server_conf_rdlock(void);
-int isulad_server_conf_unlock();
+int isulad_server_conf_unlock(void);
-struct service_arguments *conf_get_server_conf();
+struct service_arguments *conf_get_server_conf(void);
int get_system_cpu_usage(uint64_t *val);
@@ -86,31 +86,31 @@ int conf_get_isulad_hooks(oci_runtime_spec_hooks **phooks);
int conf_get_isulad_default_ulimit(host_config_ulimits_element ***ulimit);
-unsigned int conf_get_start_timeout();
+unsigned int conf_get_start_timeout(void);
-char **conf_get_insecure_registry_list();
+char **conf_get_insecure_registry_list(void);
-char **conf_get_registry_list();
-char *conf_get_isulad_native_umask();
+char **conf_get_registry_list(void);
+char *conf_get_isulad_native_umask(void);
-char *conf_get_isulad_cgroup_parent();
+char *conf_get_isulad_cgroup_parent(void);
-char *conf_get_default_runtime();
+char *conf_get_default_runtime(void);
-char *conf_get_graph_check_flag_file();
+char *conf_get_graph_check_flag_file(void);
-bool conf_get_image_layer_check_flag();
+bool conf_get_image_layer_check_flag(void);
int merge_json_confs_into_global(struct service_arguments *args);
-bool conf_get_use_decrypted_key_flag();
-bool conf_get_skip_insecure_verify_flag();
+bool conf_get_use_decrypted_key_flag(void);
+bool conf_get_skip_insecure_verify_flag(void);
int parse_log_opts(struct service_arguments *args, const char *key, const char *value);
-char *conf_get_isulad_monitor_fifo_path();
+char *conf_get_isulad_monitor_fifo_path(void);
-int init_isulad_daemon_constants();
-isulad_daemon_constants *get_isulad_daemon_constants();
+int init_isulad_daemon_constants(void);
+isulad_daemon_constants *get_isulad_daemon_constants(void);
#ifdef __cplusplus
}
diff --git a/src/daemon/executor/container_cb/execution.c b/src/daemon/executor/container_cb/execution.c
index ca4061b4..dbfec59e 100644
--- a/src/daemon/executor/container_cb/execution.c
+++ b/src/daemon/executor/container_cb/execution.c
@@ -912,8 +912,8 @@ static int container_kill_cb(const container_kill_request *request, container_ki
}
if (!util_valid_signal((int)signal)) {
- isulad_set_error_message("Not supported signal %d", signal);
- ERROR("Not supported signal %d", signal);
+ isulad_set_error_message("Not supported signal %u", signal);
+ ERROR("Not supported signal %u", signal);
cc = ISULAD_ERR_EXEC;
goto pack_response;
}
diff --git a/src/daemon/executor/container_cb/execution_create.c b/src/daemon/executor/container_cb/execution_create.c
index c65aa281..9c097121 100644
--- a/src/daemon/executor/container_cb/execution_create.c
+++ b/src/daemon/executor/container_cb/execution_create.c
@@ -706,7 +706,7 @@ out:
free(runtime_root);
free(runtime_stat);
if (ret != 0) {
- /* fail, do not use the input v2 spec, host spec and network settings, the memeory will be free by caller*/
+ /* fail, do not use the input v2 spec, host spec and network settings, the memeory will be free by caller */
if (cont != NULL) {
cont->common_config = NULL;
cont->hostconfig = NULL;
diff --git a/src/daemon/executor/container_cb/execution_network.c b/src/daemon/executor/container_cb/execution_network.c
index 1ff360f2..ce924332 100644
--- a/src/daemon/executor/container_cb/execution_network.c
+++ b/src/daemon/executor/container_cb/execution_network.c
@@ -81,11 +81,20 @@ out:
static int fopen_network(FILE **fp, char **file_path, const char *rootfs, const char *filename)
{
+ int64_t size = 0;
+
if (util_realpath_in_scope(rootfs, filename, file_path) < 0) {
SYSERROR("Failed to get real path '%s' under rootfs '%s'", filename, rootfs);
isulad_set_error_message("Failed to get real path '%s' under rootfs '%s'", filename, rootfs);
return -1;
}
+
+ size = util_file_size(*file_path);
+ if (size > REGULAR_FILE_SIZE) {
+ ERROR("Target file '%s', size exceed limit: %lld", *file_path, REGULAR_FILE_SIZE);
+ return -1;
+ }
+
*fp = util_fopen(*file_path, "a+");
if (*fp == NULL) {
SYSERROR("Failed to open %s", *file_path);
diff --git a/src/daemon/executor/container_cb/execution_stream.h b/src/daemon/executor/container_cb/execution_stream.h
index 227cc2c3..c0dba7d0 100644
--- a/src/daemon/executor/container_cb/execution_stream.h
+++ b/src/daemon/executor/container_cb/execution_stream.h
@@ -1,6 +1,3 @@
-#ifndef DAEMON_EXECUTOR_CONTAINER_CB_EXECUTION_STREAM_H
-#define DAEMON_EXECUTOR_CONTAINER_CB_EXECUTION_STREAM_H
-
/******************************************************************************
* Copyright (c) Huawei Technologies Co., Ltd. 2017-2019. All rights reserved.
* iSulad licensed under the Mulan PSL v2.
@@ -16,6 +13,9 @@
* Description: provide container list callback function definition
*********************************************************************************/
+#ifndef DAEMON_EXECUTOR_CONTAINER_CB_EXECUTION_STREAM_H
+#define DAEMON_EXECUTOR_CONTAINER_CB_EXECUTION_STREAM_H
+
#include "callback.h"
#ifdef __cplusplus
diff --git a/src/daemon/executor/container_cb/list.c b/src/daemon/executor/container_cb/list.c
index 539a1314..243eb4d2 100644
--- a/src/daemon/executor/container_cb/list.c
+++ b/src/daemon/executor/container_cb/list.c
@@ -164,14 +164,14 @@ static int append_ids(const map_t *matches, char ***filtered_ids)
return 0;
}
-static int insert_matched_id(char **ids, map_t *matches, void *value, size_t ids_len)
+static int insert_matched_id(char **ids, map_t *matches, bool *value, size_t ids_len)
{
size_t i;
for (i = 0; i < ids_len; i++) {
container_t *cont = containers_store_get_by_prefix(ids[i]);
if (cont != NULL) {
- bool inserted = map_insert(matches, cont->common_config->id, value);
+ bool inserted = map_insert(matches, (void *)cont->common_config->id, (void *)value);
container_unref(cont);
if (!inserted) {
ERROR("Insert map failed: %s", ids[i]);
diff --git a/src/daemon/executor/image_cb/image_cb.c b/src/daemon/executor/image_cb/image_cb.c
index 124feb21..61fa29db 100644
--- a/src/daemon/executor/image_cb/image_cb.c
+++ b/src/daemon/executor/image_cb/image_cb.c
@@ -597,7 +597,7 @@ static int trans_one_image(image_list_images_response *response, size_t image_in
goto out;
}
- if (!unix_nanos_to_timestamp(created_nanos, &timestamp) != 0) {
+ if (!unix_nanos_to_timestamp(created_nanos, &timestamp)) {
ERROR("Failed to translate nanos to timestamp");
ret = -1;
goto out;
@@ -673,19 +673,6 @@ out:
return ret;
}
-static im_list_request *image_list_context_new(const image_list_images_request *request)
-{
- im_list_request *ctx = NULL;
-
- ctx = util_common_calloc_s(sizeof(im_list_request));
- if (ctx == NULL) {
- ERROR("Out of memory");
- return NULL;
- }
-
- return ctx;
-}
-
#ifdef ENABLE_OCI_IMAGE
struct image_list_context {
struct filters_args *image_filters;
@@ -731,11 +718,12 @@ static im_list_request *fold_filter(const image_list_images_request *request)
{
im_list_request *ctx = NULL;
- ctx = image_list_context_new(request);
+ ctx = (im_list_request *)util_common_calloc_s(sizeof(im_list_request));
if (ctx == NULL) {
ERROR("Out of memory");
goto error_out;
}
+
#ifdef ENABLE_OCI_IMAGE
size_t i;
if (request->filters == NULL) {
--
2.40.1
Reference in New Issue View Git Blame Copy Permalink