代码拉取完成,页面将自动刷新
同步操作将从 src-openEuler/lxc 强制同步,此操作会覆盖自 Fork 仓库以来所做的任何修改,且无法恢复!!!
确定后同步将在后台操作,完成时将刷新页面,请耐心等待。
From ff35c1cd6118668e13f7ca83d7d704bb9363155a Mon Sep 17 00:00:00 2001
From: wujing <wujing50@huawei.com>
Date: Wed, 15 Apr 2020 07:19:03 -0400
Subject: [PATCH 36/49] Security coding modification
Signed-off-by: wujing <wujing50@huawei.com>
---
src/lxc/commands_utils.c | 2 +-
src/lxc/confile.c | 22 ++++++++++++++++++++++
src/lxc/lxccontainer.c | 8 ++++++++
3 files changed, 31 insertions(+), 1 deletion(-)
diff --git a/src/lxc/commands_utils.c b/src/lxc/commands_utils.c
index 2f2670d..c5fc094 100644
--- a/src/lxc/commands_utils.c
+++ b/src/lxc/commands_utils.c
@@ -114,7 +114,7 @@ int lxc_make_abstract_socket_name(char *path, size_t pathlen,
}
ret = snprintf(offset, len, "%s/%s/%s", lxcpath, name, suffix);
- if (ret < 0)
+ if (ret < 0 || (size_t)ret >= len)
return log_error_errno(-1, errno, "Failed to create abstract socket name");
/*
diff --git a/src/lxc/confile.c b/src/lxc/confile.c
index f00afe9..8790494 100644
--- a/src/lxc/confile.c
+++ b/src/lxc/confile.c
@@ -4288,7 +4288,12 @@ static int get_config_prlimit(const char *key, char *retv, int inlen,
lxc_list_for_each(it, &c->limits) {
/* 2 colon separated 64 bit integers or the word 'unlimited' */
+#ifdef HAVE_ISULAD
+#define MAX_LIMIT_BUF_LEN ((INTTYPE_TO_STRLEN(uint64_t) * 2) + 2)
+ char buf[MAX_LIMIT_BUF_LEN] = { 0 };
+#else
char buf[INTTYPE_TO_STRLEN(uint64_t) * 2 + 2];
+#endif
int partlen;
struct lxc_limit *lim = it->elem;
@@ -4296,17 +4301,34 @@ static int get_config_prlimit(const char *key, char *retv, int inlen,
memcpy(buf, "unlimited", STRLITERALLEN("unlimited") + 1);
partlen = STRLITERALLEN("unlimited");
} else {
+#ifdef HAVE_ISULAD
+ partlen = snprintf(buf, MAX_LIMIT_BUF_LEN, "%" PRIu64, (uint64_t)lim->limit.rlim_cur);
+ if (partlen < 0 || partlen >= MAX_LIMIT_BUF_LEN) {
+ return -1;
+ }
+#else
partlen = sprintf(buf, "%" PRIu64,
(uint64_t)lim->limit.rlim_cur);
+#endif
}
if (lim->limit.rlim_cur != lim->limit.rlim_max) {
if (lim->limit.rlim_max == RLIM_INFINITY)
memcpy(buf + partlen, ":unlimited",
STRLITERALLEN(":unlimited") + 1);
+#ifdef HAVE_ISULAD
+ else {
+ int nret = snprintf(buf + partlen, (MAX_LIMIT_BUF_LEN - partlen),
+ ":%" PRIu64, (uint64_t)lim->limit.rlim_max);
+ if (nret < 0 || nret >= (MAX_LIMIT_BUF_LEN - partlen)) {
+ return -1;
+ }
+ }
+#else
else
sprintf(buf + partlen, ":%" PRIu64,
(uint64_t)lim->limit.rlim_max);
+#endif
}
if (get_all) {
diff --git a/src/lxc/lxccontainer.c b/src/lxc/lxccontainer.c
index f622a63..ab10ac6 100644
--- a/src/lxc/lxccontainer.c
+++ b/src/lxc/lxccontainer.c
@@ -3243,6 +3243,14 @@ static bool container_destroy(struct lxc_container *c,
if (ret < 0) {
ERROR("Failed to destroy directory \"%s\" for \"%s\"", path,
c->name);
+#ifdef HAVE_ISULAD
+ char msg[BUFSIZ] = { 0 };
+ ret = snprintf(msg, BUFSIZ, "Failed to destroy directory \"%s\": %s", path, errno ? strerror(errno) : "error");
+ if (ret < 0 || ret >= BUFSIZ) {
+ ERROR("Sprintf failed");
+ goto out;
+ }
+#endif
goto out;
}
INFO("Destroyed directory \"%s\" for \"%s\"", path, c->name);
--
1.8.3.1
此处可能存在不合适展示的内容,页面不予展示。您可通过相关编辑功能自查并修改。
如您确认内容无涉及 不当用语 / 纯广告导流 / 暴力 / 低俗色情 / 侵权 / 盗版 / 虚假 / 无价值内容或违法国家有关法律法规的内容,可点击提交进行申诉,我们将尽快为您处理。