sync from upstream

Signed-off-by: jikai <jikai11@huawei.com>
(cherry picked from commit 35815058031561339484cdbdff29d3c4beef7a99)

0001-add-systemd-cgroup-field-in-isulad-and-shim-config.patch

@@ -1,7 +1,7 @@
 From 3bcb8f3f60abb6ab6cde999cadb6a836744d4104 Mon Sep 17 00:00:00 2001
 From: jikai <jikai11@huawei.com>
 Date: Thu, 11 Jan 2024 19:00:19 +0800
-Subject: [PATCH 01/10] add systemd-cgroup field in isulad and shim config
+Subject: [PATCH 01/14] add systemd-cgroup field in isulad and shim config
 
 Signed-off-by: jikai <jikai11@huawei.com>
 ---

0002-Add-http-parser-as-third-party-component.patch

@@ -1,7 +1,7 @@
 From 30558b07c80895e748e4754010d3bfa99f1a52da Mon Sep 17 00:00:00 2001
 From: xuxuepeng <xuxuepeng1@huawei.com>
 Date: Mon, 19 Feb 2024 23:41:50 +0800
-Subject: [PATCH 02/10] Add http-parser as third party component
+Subject: [PATCH 02/14] Add http-parser as third party component
 
 Signed-off-by: xuxuepeng <xuxuepeng1@huawei.com>
 ---

0003-add-enable-pod-events-field.patch

@@ -1,7 +1,7 @@
 From 19655a5df138acda0a57b0411bc69f82511a32b4 Mon Sep 17 00:00:00 2001
 From: jikai <jikai11@huawei.com>
 Date: Wed, 13 Mar 2024 15:21:09 +0800
-Subject: [PATCH 03/10] add enable pod events field
+Subject: [PATCH 03/14] add enable pod events field
 
 Signed-off-by: jikai <jikai11@huawei.com>
 ---

0004-add-swap-usage-fields-in-shim-stats-and-container-in.patch

@@ -1,7 +1,7 @@
 From 299f54b13a85855540e6d28e9c9bfefb7bc66f14 Mon Sep 17 00:00:00 2001
 From: jikai <jikai11@huawei.com>
 Date: Fri, 12 Jan 2024 11:30:34 +0800
-Subject: [PATCH 04/10] add swap usage fields in shim stats and container info
+Subject: [PATCH 04/14] add swap usage fields in shim stats and container info
 
 Signed-off-by: jikai <jikai11@huawei.com>
 ---

0005-Add-oomkilled-field-in-inspect.json.patch

@@ -1,7 +1,7 @@
 From 5adb5c82cb48f55fec1d6750e0648a0ffc5a372c Mon Sep 17 00:00:00 2001
 From: jikai <jikai11@huawei.com>
 Date: Mon, 18 Mar 2024 20:23:58 +0800
-Subject: [PATCH 05/10] Add oomkilled field in inspect.json
+Subject: [PATCH 05/14] Add oomkilled field in inspect.json
 
 Signed-off-by: jikai <jikai11@huawei.com>
 ---

0006-add-runtime-in-process-state.patch

@@ -1,7 +1,7 @@
 From ffe13775740957f55c4a87cdee63481b1e6f4adb Mon Sep 17 00:00:00 2001
 From: zhongtao <zhongtao17@huawei.com>
 Date: Mon, 8 Apr 2024 11:38:21 +0800
-Subject: [PATCH 06/10] add runtime in process-state
+Subject: [PATCH 06/14] add runtime in process-state
 
 Signed-off-by: zhongtao <zhongtao17@huawei.com>
 ---

0007-restore-bufsize-to-prevent-log-loss.patch

@@ -1,7 +1,7 @@
 From 27b2deef3e4d64b44a7a4cdfd76ac99bfad80f64 Mon Sep 17 00:00:00 2001
 From: zhongtao <zhongtao17@huawei.com>
 Date: Tue, 9 Apr 2024 10:34:32 +0800
-Subject: [PATCH 07/10] restore bufsize to prevent log loss
+Subject: [PATCH 07/14] restore bufsize to prevent log loss
 
 Signed-off-by: zhongtao <zhongtao17@huawei.com>
 ---

0008-support-clang-build.patch

@@ -1,7 +1,7 @@
 From f1d0acce748fdccb750424b75f5de8fd760fb98e Mon Sep 17 00:00:00 2001
 From: luofeng14 <luofeng13@huawei.com>
 Date: Wed, 10 Apr 2024 11:29:29 +0800
-Subject: [PATCH 08/10] support clang build
+Subject: [PATCH 08/14] support clang build
 
 ---
  cmake/set_build_flags.cmake | 2 +-

0009-support-cdi-spec.patch

@@ -1,7 +1,7 @@
 From 63b48aafaa17616d75f79f7cfe54fc0f2827692d Mon Sep 17 00:00:00 2001
 From: liuxu <liuxu156@huawei.com>
 Date: Tue, 5 Mar 2024 22:20:43 +0800
-Subject: [PATCH 09/10] support cdi spec
+Subject: [PATCH 09/14] support cdi spec
 
 ---
  src/json/schema/cdi/container_edits.json   | 28 ++++++++++++++++

0010-remove-file-mode-check-in-ut.patch

@@ -1,7 +1,7 @@
 From e7db434109376a88013d739c81c71dd1db86e3a5 Mon Sep 17 00:00:00 2001
 From: jikai <jikai11@huawei.com>
 Date: Fri, 19 Apr 2024 04:04:12 +0000
-Subject: [PATCH 10/10] remove file mode check in ut
+Subject: [PATCH 10/14] remove file mode check in ut
 
 Signed-off-by: jikai <jikai11@huawei.com>
 ---

0011-remove-lcr-created-spec-only-if-create-failed.patch

@@ -0,0 +1,103 @@
+From d059f53cad4f3063df4f7f93107ad2fbffdb301c Mon Sep 17 00:00:00 2001
+From: jikai <jikai11@huawei.com>
+Date: Fri, 26 Apr 2024 03:46:43 +0000
+Subject: [PATCH 11/14] remove lcr-created spec only if create failed
+
+Signed-off-by: jikai <jikai11@huawei.com>
+---
+ src/runtime/lcrcontainer.c        |  8 +++---
+ src/runtime/lcrcontainer_extend.c | 44 +++++++++++++++++++++++++++++++
+ src/runtime/lcrcontainer_extend.h |  2 ++
+ 3 files changed, 49 insertions(+), 5 deletions(-)
+
+diff --git a/src/runtime/lcrcontainer.c b/src/runtime/lcrcontainer.c
+index 2f0c9dd..c6959aa 100644
+--- a/src/runtime/lcrcontainer.c
++++ b/src/runtime/lcrcontainer.c
+@@ -186,15 +186,13 @@ bool lcr_create(const char *name, const char *lcrpath, void *oci_config)
+ 
+     bret = true;
+ out_unlock:
++    if (!bret) {
++        lcr_delete_spec(c, oci_spec);
++    }
+     if (partial_fd >= 0) {
+         close(partial_fd);
+         remove_partial(c);
+     }
+-    if (!bret) {
+-        if (!c->destroy(c)) {
+-            WARN("Unable to clean lxc resources");
+-        }
+-    }
+     lxc_container_put(c);
+     isula_libutils_free_log_prefix();
+     return bret;
+diff --git a/src/runtime/lcrcontainer_extend.c b/src/runtime/lcrcontainer_extend.c
+index 1409ea4..0b420d2 100644
+--- a/src/runtime/lcrcontainer_extend.c
++++ b/src/runtime/lcrcontainer_extend.c
+@@ -999,3 +999,47 @@ out_free_conf:
+     return ret;
+ }
+ 
++static void delete_specific_spec(const char *bundle, const char *name)
++{
++    char filepath[PATH_MAX] = { 0 };
++    int nret = snprintf(filepath, sizeof(filepath), "%s/%s", bundle, name);
++    if (nret < 0 || (size_t)nret >= sizeof(filepath)) {
++        ERROR("Failed to print string");
++        return;
++    }
++
++    if (unlink(filepath) != 0) {
++        SYSERROR("Failed to delete %s", filepath);
++        return;
++    }
++}
++
++void lcr_delete_spec(const struct lxc_container *c, oci_runtime_spec *container)
++{
++    const char *path = NULL;
++    const char *name = NULL;
++    char *bundle = NULL;
++
++    if (c == NULL || c->name == NULL || container == NULL) {
++        ERROR("Invalid arguments");
++        return;
++    }
++
++    path = c->config_path ? c->config_path : LCRPATH;
++    name = c->name;
++    bundle = lcr_get_bundle(path, name);
++    if (bundle == NULL) {
++        return;
++    }
++
++    if (container->hooks != NULL) {
++        delete_specific_spec(bundle, OCIHOOKSFILE);
++    }
++
++    delete_specific_spec(bundle, "config");
++
++    // There might not exist seccomp file, try to delete anyway
++    delete_specific_spec(bundle, "seccomp");
++
++    free(bundle);
++}
+diff --git a/src/runtime/lcrcontainer_extend.h b/src/runtime/lcrcontainer_extend.h
+index 539747c..c286450 100644
+--- a/src/runtime/lcrcontainer_extend.h
++++ b/src/runtime/lcrcontainer_extend.h
+@@ -76,6 +76,8 @@ bool lcr_save_spec(const char *name, const char *lcrpath, const struct isula_lin
+ 
+ bool translate_spec(const struct lxc_container *c, oci_runtime_spec *container);
+ 
++void lcr_delete_spec(const struct lxc_container *c, oci_runtime_spec *container);
++
+ #ifdef __cplusplus
+ }
+ #endif
+-- 
+2.34.1
+

0012-Fix-info-inproper-data-type-for-timestamp.patch

@@ -0,0 +1,26 @@
+From d5805dda2500ff4b0676e30c800a188c93a7d59d Mon Sep 17 00:00:00 2001
+From: xuxuepeng <xuxuepeng1@huawei.com>
+Date: Fri, 3 May 2024 04:07:30 +0800
+Subject: [PATCH 12/14] Fix info inproper data type for timestamp
+
+Signed-off-by: xuxuepeng <xuxuepeng1@huawei.com>
+---
+ src/json/schema/container/info.json | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/src/json/schema/container/info.json b/src/json/schema/container/info.json
+index 3bf1033..d7209db 100644
+--- a/src/json/schema/container/info.json
++++ b/src/json/schema/container/info.json
+@@ -78,7 +78,7 @@
+       "type": "uint64"
+     },
+     "timestamp": {
+-      "type": "uint64"
++      "type": "int64"
+     },
+     "swap_used": {
+       "type": "uint64"
+-- 
+2.34.1
+

0013-fix-bug-for-potential-config-seccomp-ocihook-write-e.patch

@@ -0,0 +1,208 @@
+From fef260da5d0acf8d730ad6a809382989c521b0ef Mon Sep 17 00:00:00 2001
+From: jikai <jikai11@huawei.com>
+Date: Thu, 9 May 2024 12:28:44 +0000
+Subject: [PATCH 13/14] fix bug for potential config/seccomp/ocihook write
+ error
+
+Signed-off-by: jikai <jikai11@huawei.com>
+---
+ src/runtime/lcrcontainer_extend.c | 62 +++++++++++++++----------------
+ 1 file changed, 31 insertions(+), 31 deletions(-)
+
+diff --git a/src/runtime/lcrcontainer_extend.c b/src/runtime/lcrcontainer_extend.c
+index 0b420d2..93ec60f 100644
+--- a/src/runtime/lcrcontainer_extend.c
++++ b/src/runtime/lcrcontainer_extend.c
+@@ -347,12 +347,13 @@ out:
+     return ret;
+ }
+ 
+-static int lcr_spec_write_seccomp_line(FILE *fp, const char *seccomp)
++static int lcr_spec_write_seccomp_line(int fd, const char *seccomp)
+ {
+     size_t len;
+     char *line = NULL;
+     int ret = -1;
+     int nret;
++    ssize_t nwritten = -1;
+ 
+     if (strlen(seccomp) > SIZE_MAX - strlen("lxc.seccomp.profile") - 3 - 1) {
+         ERROR("the length of lxc.seccomp is too long!");
+@@ -378,7 +379,8 @@ static int lcr_spec_write_seccomp_line(FILE *fp, const char *seccomp)
+     }
+ 
+     line[nret] = '\n';
+-    if (fwrite(line, 1, len ,fp) != len) {
++    nwritten = isula_file_total_write_nointr(fd, line, len);
++    if (nwritten < 0 || (size_t)nwritten != len) {
+         SYSERROR("Write file failed");
+         goto cleanup;
+     }
+@@ -395,7 +397,7 @@ static char *lcr_save_seccomp_file(const char *bundle, const char *seccomp_conf)
+     char *real_seccomp = NULL;
+     int fd = -1;
+     int nret;
+-    ssize_t written_cnt;
++    ssize_t nwritten = -1;
+ 
+     nret = snprintf(seccomp, sizeof(seccomp), "%s/seccomp", bundle);
+     if (nret < 0 || (size_t)nret >= sizeof(seccomp)) {
+@@ -414,9 +416,9 @@ static char *lcr_save_seccomp_file(const char *bundle, const char *seccomp_conf)
+         goto cleanup;
+     }
+ 
+-    written_cnt = write(fd, seccomp_conf, strlen(seccomp_conf));
++    nwritten = isula_file_total_write_nointr(fd, seccomp_conf, strlen(seccomp_conf));
+     close(fd);
+-    if (written_cnt == -1) {
++    if (nwritten < 0 || (size_t)nwritten != strlen(seccomp_conf)) {
+         SYSERROR("write seccomp_conf failed");
+         goto cleanup;
+     }
+@@ -609,14 +611,12 @@ out_free:
+     return NULL;
+ }
+ 
+-
+-static FILE *lcr_open_config_file(const char *bundle)
++static int lcr_open_config_file(const char *bundle)
+ {
+     char config[PATH_MAX] = { 0 };
+     char *real_config = NULL;
+     int fd = -1;
+     int nret;
+-    FILE *fp = NULL;
+ 
+     nret = snprintf(config, sizeof(config), "%s/config", bundle);
+     if (nret < 0 || (size_t)nret >= sizeof(config)) {
+@@ -636,15 +636,9 @@ static FILE *lcr_open_config_file(const char *bundle)
+         goto out;
+     }
+ 
+-    fp = fdopen(fd, "w");
+-    if(fp == NULL){
+-        ERROR("FILE open failed");
+-        goto out;
+-    }
+-
+ out:
+     free(real_config);
+-    return fp;
++    return fd;
+ }
+ 
+ // escape_string_encode unzip some escape characters
+@@ -710,17 +704,19 @@ static char *escape_string_encode(const char *src)
+     return dst;
+ }
+ 
+-static int lcr_spec_write_config(FILE *fp, const struct isula_linked_list *lcr_conf)
++static int lcr_spec_write_config(int fd, const struct isula_linked_list *lcr_conf)
+ {
+     size_t len;
+-    int ret = -1;
++    char *line = NULL;
+     struct isula_linked_list *it = NULL;
+     char *line_encode = NULL;
+-    char *line = NULL;
++    int ret = -1;
+ 
+     isula_linked_list_for_each(it, lcr_conf) {
+         lcr_config_item_t *item = it->elem;
+         int nret;
++        size_t encode_len;
++        ssize_t nwritten = -1;
+         if (item != NULL) {
+             if (strlen(item->value) > ((SIZE_MAX - strlen(item->name)) - 4)) {
+                 goto cleanup;
+@@ -733,6 +729,7 @@ static int lcr_spec_write_config(FILE *fp, const struct isula_linked_list *lcr_c
+             }
+ 
+             nret = snprintf(line, len, "%s = %s", item->name, item->value);
++
+             if (nret < 0 || (size_t)nret >= len) {
+                 ERROR("Sprintf failed");
+                 goto cleanup;
+@@ -744,10 +741,11 @@ static int lcr_spec_write_config(FILE *fp, const struct isula_linked_list *lcr_c
+                 goto cleanup;
+             }
+ 
+-            len = strlen(line_encode);
+-            line_encode[len] = '\n';
++            encode_len = strlen(line_encode);
+ 
+-            if (fwrite(line_encode, 1, len + 1, fp) != len + 1) {
++            line_encode[encode_len] = '\n';
++            nwritten = isula_file_total_write_nointr(fd, line_encode, encode_len + 1);
++            if (nwritten < 0 || (size_t)nwritten != encode_len + 1) {
+                 SYSERROR("Write file failed");
+                 goto cleanup;
+             }
+@@ -816,7 +814,7 @@ bool lcr_save_spec(const char *name, const char *lcrpath, const struct isula_lin
+     const char *path = lcrpath ? lcrpath : LCRPATH;
+     char *bundle = NULL;
+     char *seccomp = NULL;
+-    FILE *fp = NULL;
++    int fd = -1;
+     int nret = 0;
+ 
+     if (name == NULL) {
+@@ -841,17 +839,17 @@ bool lcr_save_spec(const char *name, const char *lcrpath, const struct isula_lin
+         }
+     }
+ 
+-    fp = lcr_open_config_file(bundle);
+-    if (fp == NULL) {
++    fd = lcr_open_config_file(bundle);
++    if (fd == -1) {
+         goto out_free;
+     }
+ 
+-    if (lcr_spec_write_config(fp, lcr_conf)) {
++    if (lcr_spec_write_config(fd, lcr_conf)) {
+         goto out_free;
+     }
+ 
+     if (seccomp_conf != NULL) {
+-        nret = lcr_spec_write_seccomp_line(fp, seccomp);
++        nret = lcr_spec_write_seccomp_line(fd, seccomp);
+         if (nret) {
+             goto out_free;
+         }
+@@ -860,11 +858,11 @@ bool lcr_save_spec(const char *name, const char *lcrpath, const struct isula_lin
+     bret = true;
+ 
+ out_free:
+-    if (fp != NULL) {
+-        fclose(fp);
+-    }
+-    free(seccomp);
+     free(bundle);
++    free(seccomp);
++    if (fd != -1) {
++        close(fd);
++    }
+ 
+     return bret;
+ }
+@@ -874,6 +872,7 @@ static int lcr_write_file(const char *path, const char *data, size_t len)
+     char *real_path = NULL;
+     int fd = -1;
+     int ret = -1;
++    ssize_t nwritten = -1;
+ 
+     if (path == NULL || strlen(path) == 0 || data == NULL || len == 0) {
+         return -1;
+@@ -891,7 +890,8 @@ static int lcr_write_file(const char *path, const char *data, size_t len)
+         goto out_free;
+     }
+ 
+-    if (write(fd, data, len) == -1) {
++    nwritten = isula_file_total_write_nointr(fd, data, len);
++    if (nwritten < 0 || (size_t)nwritten != len) {
+         SYSERROR("write data to %s failed", real_path);
+         goto out_free;
+     }
+-- 
+2.34.1
+

0014-add-codecheck-fix.patch

@@ -0,0 +1,250 @@
+From c215d7911baf0c17181dda3f2d613bedab11cb88 Mon Sep 17 00:00:00 2001
+From: jikai <jikai11@huawei.com>
+Date: Tue, 14 May 2024 07:50:38 +0000
+Subject: [PATCH 14/14] add codecheck fix
+
+Signed-off-by: jikai <jikai11@huawei.com>
+---
+ src/runtime/conf.c         |  2 +-
+ src/runtime/conf.h         |  2 +-
+ src/runtime/error.c        |  1 -
+ src/utils/utils_array.h    |  6 +++---
+ src/utils/utils_cgroup.c   |  2 +-
+ src/utils/utils_cgroup.h   |  5 +++--
+ src/utils/utils_convert.c  |  2 +-
+ src/utils/utils_convert.h  |  2 +-
+ src/utils/utils_file.c     | 16 ++++++++--------
+ src/utils/utils_mainloop.c |  2 +-
+ src/utils/utils_memory.h   |  1 -
+ src/utils/utils_string.h   |  2 +-
+ 12 files changed, 21 insertions(+), 22 deletions(-)
+
+diff --git a/src/runtime/conf.c b/src/runtime/conf.c
+index de07353..5cf6e3f 100644
+--- a/src/runtime/conf.c
++++ b/src/runtime/conf.c
+@@ -3242,7 +3242,7 @@ static int add_needed_net_conf(struct isula_linked_list *conf)
+ }
+ 
+ /* get needed lxc conf */
+-struct isula_linked_list *get_needed_lxc_conf()
++struct isula_linked_list *get_needed_lxc_conf(void)
+ {
+     struct isula_linked_list *conf = isula_common_calloc_s(sizeof(*conf));
+     if (conf == NULL) {
+diff --git a/src/runtime/conf.h b/src/runtime/conf.h
+index 7ee8184..45cee0a 100644
+--- a/src/runtime/conf.h
++++ b/src/runtime/conf.h
+@@ -117,7 +117,7 @@ struct isula_linked_list *trans_annotations(const json_map_string_string *anno);
+ /*
+  * Get other lxc needed configurations
+  */
+-struct isula_linked_list *get_needed_lxc_conf();
++struct isula_linked_list *get_needed_lxc_conf(void);
+ 
+ 
+ bool is_system_container(const oci_runtime_spec *container);
+diff --git a/src/runtime/error.c b/src/runtime/error.c
+index d0bfcce..52561b1 100644
+--- a/src/runtime/error.c
++++ b/src/runtime/error.c
+@@ -27,7 +27,6 @@
+ 
+ #include "utils_memory.h"
+ #include "utils_string.h"
+-#include "constants.h"
+ 
+ // record the lcr error
+ __thread engine_error_t g_lcr_error = {
+diff --git a/src/utils/utils_array.h b/src/utils/utils_array.h
+index 1fc167d..527b0f4 100644
+--- a/src/utils/utils_array.h
++++ b/src/utils/utils_array.h
+@@ -29,11 +29,11 @@
+ extern "C" {
+ #endif
+ 
+-void isula_free_array(void **array);
++void isula_free_array(void **orig_array);
+ 
+-int isula_grow_array(void ***array, size_t *capacity, size_t new_size, size_t capacity_increment);
++int isula_grow_array(void ***orig_array, size_t *orig_capacity, size_t size, size_t increment);
+ 
+-size_t isula_array_len(void **array);
++size_t isula_array_len(void **orig_array);
+ 
+ typedef void *(*clone_cb)(const void *src);
+ int isula_array_append(void ***array, const void *element, clone_cb cb);
+diff --git a/src/utils/utils_cgroup.c b/src/utils/utils_cgroup.c
+index bd3bc42..71fcc1b 100644
+--- a/src/utils/utils_cgroup.c
++++ b/src/utils/utils_cgroup.c
+@@ -81,7 +81,7 @@ uint64_t lcr_util_trans_blkio_weight_to_io_bfq_weight(int weight)
+     return (uint64_t)(1 + ((uint64_t)weight - 10) * 999 / 990);
+ }
+ 
+-int lcr_util_get_cgroup_version()
++int lcr_util_get_cgroup_version(void)
+ {
+     struct statfs fs = {0};
+ 
+diff --git a/src/utils/utils_cgroup.h b/src/utils/utils_cgroup.h
+index 18b404b..e82adfb 100644
+--- a/src/utils/utils_cgroup.h
++++ b/src/utils/utils_cgroup.h
+@@ -23,9 +23,10 @@
+ #ifndef _ISULA_UTILS_UTILS_CGROUP_H
+ #define _ISULA_UTILS_UTILS_CGROUP_H
+ 
++#include <stdint.h>
++
+ #include <sys/types.h>
+ #include <linux/magic.h>
+-#include <stdint.h>
+ 
+ #ifdef __cplusplus
+ extern "C" {
+@@ -54,7 +55,7 @@ int lcr_util_get_real_swap(int64_t memory, int64_t memory_swap, int64_t *swap);
+ int lcr_util_trans_cpushare_to_cpuweight(int64_t cpu_share);
+ uint64_t lcr_util_trans_blkio_weight_to_io_weight(int weight);
+ uint64_t lcr_util_trans_blkio_weight_to_io_bfq_weight(int weight);
+-int lcr_util_get_cgroup_version();
++int lcr_util_get_cgroup_version(void);
+ 
+ #ifdef __cplusplus
+ }
+diff --git a/src/utils/utils_convert.c b/src/utils/utils_convert.c
+index f3e38c4..6bdeb04 100644
+--- a/src/utils/utils_convert.c
++++ b/src/utils/utils_convert.c
+@@ -325,7 +325,7 @@ int isula_parse_byte_size_string(const char *s, int64_t *converted)
+     }
+ 
+     ret = parse_unit_multiple(pmlt, &mltpl);
+-    if (ret) {
++    if (ret != 0) {
+         return ret;
+     }
+ 
+diff --git a/src/utils/utils_convert.h b/src/utils/utils_convert.h
+index 47d37e7..ac34772 100644
+--- a/src/utils/utils_convert.h
++++ b/src/utils/utils_convert.h
+@@ -43,7 +43,7 @@ int isula_safe_strto_uint16(const char *numstr, uint16_t *converted);
+ 
+ int isula_safe_strto_uint64(const char *numstr, uint64_t *converted);
+ 
+-int isula_safe_strto_int(const char *numstr, int *converted);
++int isula_safe_strto_int(const char *num_str, int *converted);
+ 
+ int isula_safe_strto_uint(const char *numstr, unsigned int *converted);
+ 
+diff --git a/src/utils/utils_file.c b/src/utils/utils_file.c
+index d7ff4af..b742d20 100644
+--- a/src/utils/utils_file.c
++++ b/src/utils/utils_file.c
+@@ -62,12 +62,12 @@ static int do_clean_path(const char *respath, const char *limit_respath, const c
+     char *dest = *dst;
+     const char *endpos = stpos;
+ 
+-    for (; *stpos; stpos = endpos) {
++    for (; *stpos != '\0'; stpos = endpos) {
+         while (ISSLASH(*stpos)) {
+             ++stpos;
+         }
+ 
+-        for (endpos = stpos; *endpos && !ISSLASH(*endpos); ++endpos) {
++        for (endpos = stpos; (*endpos != '\0') && !ISSLASH(*endpos); ++endpos) {
+         }
+ 
+         if (endpos - stpos == 0) {
+@@ -139,7 +139,7 @@ char *isula_clean_path(const char *path, char *realpath, size_t realpath_len)
+         stpos = path;
+     }
+ 
+-    if (do_clean_path(respath, limit_respath, stpos, &dest)) {
++    if (do_clean_path(respath, limit_respath, stpos, &dest) != 0) {
+         return NULL;
+     }
+ 
+@@ -243,7 +243,7 @@ static void util_rmdir_one(const char *dirpath, const struct dirent *pdirent, in
+     }
+ 
+     nret = lstat(fname, &fstat);
+-    if (nret) {
++    if (nret != 0) {
+         ERROR("Failed to stat %s", fname);
+         *failure = -1;
+         return;
+@@ -405,9 +405,9 @@ int isula_dir_build(const char *name)
+             continue;
+         }
+         set_char_to_terminator(p);
+-        if (access(n, F_OK)) {
++        if (access(n, F_OK) != 0) {
+             nret = mkdir(n, DEFAULT_SECURE_DIRECTORY_MODE);
+-            if (nret && (errno != EEXIST || !isula_dir_exists(n))) {
++            if (nret != 0 && (errno != EEXIST || !isula_dir_exists(n))) {
+                 ERROR("failed to create directory '%s'.", n);
+                 free(n);
+                 return -1;
+@@ -451,7 +451,7 @@ int isula_dir_recursive_mk(const char *dir, mode_t mode)
+             ERROR("strndup failed");
+             return -1;
+         }
+-        if (*cur_dir) {
++        if (*cur_dir != '\0') {
+             ret = mkdir(cur_dir, mode);
+             if (ret != 0 && (errno != EEXIST || !isula_dir_exists(cur_dir))) {
+                 SYSERROR("failed to create directory '%s'", cur_dir);
+@@ -536,7 +536,7 @@ static int append_new_content_to_file(FILE *fp, const char *content)
+             return -1;
+         }
+         util_trim_newline(line);
+-        if (!strcmp(content, line)) {
++        if (strcmp(content, line) == 0) {
+             need_append = false;
+             break;
+         }
+diff --git a/src/utils/utils_mainloop.c b/src/utils/utils_mainloop.c
+index cc6a8ae..c45b32c 100644
+--- a/src/utils/utils_mainloop.c
++++ b/src/utils/utils_mainloop.c
+@@ -142,7 +142,7 @@ int isula_epoll_remove_handler(isula_epoll_descr_t *descr, int fd)
+         epoll_handler = index->elem;
+ 
+         if (fd == epoll_handler->cbfd) {
+-            if (epoll_ctl(descr->fd, EPOLL_CTL_DEL, fd, NULL)) {
++            if (epoll_ctl(descr->fd, EPOLL_CTL_DEL, fd, NULL) != 0) {
+                 return -1;
+             }
+ 
+diff --git a/src/utils/utils_memory.h b/src/utils/utils_memory.h
+index 4749622..7b9528c 100644
+--- a/src/utils/utils_memory.h
++++ b/src/utils/utils_memory.h
+@@ -23,7 +23,6 @@
+ #ifndef _ISULA_UTILS_UTILS_MEMORY_H
+ #define _ISULA_UTILS_UTILS_MEMORY_H
+ 
+-#include <stdbool.h>
+ #include <stdint.h>
+ #include <sys/types.h>
+ 
+diff --git a/src/utils/utils_string.h b/src/utils/utils_string.h
+index 5a25531..407158c 100644
+--- a/src/utils/utils_string.h
++++ b/src/utils/utils_string.h
+@@ -48,7 +48,7 @@ char *isula_string_append(const char *pre, const char *add_str);
+ /*
+  * Replace 'needle' in string haystack with 'replacement';
+ */
+-char *isula_string_replace(const char *needle, const char *replacement, const char *haystack);
++char *isula_string_replace(const char *needle, const char *replace, const char *haystack);
+ 
+ struct __isula_string_array;
+ 
+-- 
+2.34.1
+

lcr.spec

@@ -1,5 +1,5 @@
 %global _version 2.1.4
-%global _release 7
+%global _release 8
 %global _inner_name isula_libutils
 %global enable_lxc 1
 
@@ -23,6 +23,10 @@ Patch0007: 0007-restore-bufsize-to-prevent-log-loss.patch
 Patch0008: 0008-support-clang-build.patch
 Patch0009: 0009-support-cdi-spec.patch
 Patch0010: 0010-remove-file-mode-check-in-ut.patch
+Patch0011: 0011-remove-lcr-created-spec-only-if-create-failed.patch
+Patch0012: 0012-Fix-info-inproper-data-type-for-timestamp.patch
+Patch0013: 0013-fix-bug-for-potential-config-seccomp-ocihook-write-e.patch
+Patch0014: 0014-add-codecheck-fix.patch
 
 %define lxcver_lower 4.0.3-2022102400
 %define lxcver_upper 5.0.3
@@ -143,6 +147,12 @@ rm -rf %{buildroot}
 %{_includedir}/lcr/utils_compile.h
 
 %changelog
+* Tue June 11 2024 jikai<jikai11@huawei.com> - 2.1.4-8
+- Type:enhancement
+- CVE:NA
+- SUG:NA
+- DESC:sync from upstream
+
 * Fri Apr 12 2024 luofeng<luofeng13@huawei.com> - 2.1.4-7
 - Type:enhancement
 - CVE:NA