From 04ee021566aa241792914782a68a8ba30383e738 Mon Sep 17 00:00:00 2001
From: Kazuki Hasegawa
Date: Tue, 28 Mar 2023 19:54:11 +0900
Subject: [PATCH 3/4] Fix undefined behavior. Do not accept setjmp return value as variable. Reference:https://github.com/opencontainers/runc/commit/6053aea46f18f86a3e1cdb0f18a1094079af4aeb
Signed-off-by: Kazuki Hasegawa
---
 libcontainer/nsenter/nsexec.c | 12 +++++++++---
 1 file changed, 9 insertions(+), 3 deletions(-)
diff --git a/libcontainer/nsenter/nsexec.c b/libcontainer/nsenter/nsexec.c
index 52e4521c..96bf5b7d 100644
--- a/libcontainer/nsenter/nsexec.c
+++ b/libcontainer/nsenter/nsexec.c
@@ -958,8 +958,7 @@ void nsexec(void)
 * -- Aleksa "what has my life come to?" Sarai
 */
- current_stage = setjmp(env);
- switch (current_stage) {
+ switch (setjmp(env)) {
 /*
 * Stage 0: We're in the parent. Our job is just to create a new child
 * (stage 1: STAGE_CHILD) process and write its uid_map and
@@ -973,6 +972,7 @@ void nsexec(void)
 bool stage1_complete, stage2_complete;
 /* For debugging. */
+ current_stage = STAGE_PARENT;
 prctl(PR_SET_NAME, (unsigned long)"runc:[0:PARENT]", 0, 0, 0);
 write_log(DEBUG, "~> nsexec stage-0");
@@ -1130,6 +1130,9 @@ void nsexec(void)
 pid_t stage2_pid = -1;
 enum sync_t s;
+ /* For debugging. */
+ current_stage = STAGE_CHILD;
+
 /* We're in a child and thus need to tell the parent if we die. */
 syncfd = sync_child_pipe[0];
 if (close(sync_child_pipe[1]) < 0)
@@ -1310,6 +1313,9 @@ void nsexec(void)
 */
 enum sync_t s;
+ /* For debugging. */
+ current_stage = STAGE_INIT;
+
 /* We're in a child and thus need to tell the parent if we die. */
 syncfd = sync_grandchild_pipe[0];
 if (close(sync_grandchild_pipe[1]) < 0)
@@ -1365,7 +1371,7 @@ void nsexec(void)
 }
 break;
 default:
- bail("unknown stage '%d' for jump value", current_stage);
+ bail("unexpected jump value");
 }
 /* Should never be reached. */
--
2.27.0
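Review bot: The new `switch (setjmp(env))` in the first hunk has no comment saying why the result is no longer stored, so a later cleanup could easily reintroduce `current_stage = setjmp(env);`. ISO C allows a setjmp() call only as a full expression statement or as (part of) the controlling expression of a selection or iteration statement, and assigning its value is undefined behaviour; here that value decides which of the parent/child/init stages the process runs. I would add directly above the switch: `/* setjmp() may only be used as a controlling expression (C11 7.13.1.1); never assign its result. Each case sets current_stage itself. */`. The switch body continues outside this hunk.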
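Review bot: In the last hunk the default branch calls `bail("unexpected jump value")` while `current_stage` still holds whatever it had before the switch, because as far as these hunks show only the three stage cases assign it. If bail() or write_log() tags its output with current_stage (not visible here), the fatal message would be attributed to a stale stage, and the text no longer says what was expected. The value cannot be printed without storing setjmp()'s result, so I would make the message self-describing instead, e.g. `bail("unexpected jump value (expected STAGE_PARENT, STAGE_CHILD or STAGE_INIT)");`. The switch begins outside this hunk.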