From: Henrik Kjölhede Date: Tue, 9 Jun 2015 20:25:16 +0000 (+0200) Subject: Fixed memory checks and faulty loop in get_alloted according to comments X-Git-Tag: lxc-2.0.0.beta1~238^2~1 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=21002b3950923d0a283d74af51cf5908c1af579b;p=thirdparty%2Flxc.git Fixed memory checks and faulty loop in get_alloted according to comments Signed-off-by: Henrik Kjölhede --- diff --git a/doc/lxc-usernet.sgml.in b/doc/lxc-usernet.sgml.in index aa9340798..8d3e9eb2c 100644 --- a/doc/lxc-usernet.sgml.in +++ b/doc/lxc-usernet.sgml.in @@ -133,12 +133,12 @@ Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA - Since a user can be be specified both by username as well as one or - more usergroups, it is possible that several configuration lines - enable that user to create network interfaces. In such cases, any - interfaces create are counted towards the quotas of the user or group - in the order in which they appear in the file. If the quota of one - line is full, the rest will be parsed until one is found or the end of + Since a user can be be specified both by username as well as one or + more usergroups, it is possible that several configuration lines + enable that user to create network interfaces. In such cases, any + interfaces create are counted towards the quotas of the user or group + in the order in which they appear in the file. If the quota of one + line is full, the rest will be parsed until one is found or the end of the file. diff --git a/src/lxc/lxc_user_nic.c b/src/lxc/lxc_user_nic.c index 49d1ed75a..ca4bea57b 100644 --- a/src/lxc/lxc_user_nic.c +++ b/src/lxc/lxc_user_nic.c @@ -97,42 +97,63 @@ static char *get_username(void) return pwd->pw_name; } +static void free_groupnames(char **groupnames) +{ + char **group; + for (group=groupnames; group != NULL; group++) + free(*group); + free(groupnames); +} + static char **get_groupnames(void) { int ngroups; gid_t *group_ids; - int ret, i, j; + int ret, i; char **groupnames; struct group *gr; ngroups = getgroups(0, NULL); if (ngroups == -1) { - fprintf(stderr, "Failed to get number of groups user belongs to\n"); + fprintf(stderr, "Failed to get number of groups user belongs to: %s\n", strerror(errno)); return NULL; } + if (ngroups == 0) + return NULL; group_ids = (gid_t *)malloc(sizeof(gid_t)*ngroups); + + if (group_ids == NULL) { + fprintf(stderr, "Out of memory while getting groups the user belongs to\n"); + return NULL; + } + ret = getgroups(ngroups, group_ids); if (ret < 0) { free(group_ids); - fprintf(stderr, "Failed to get process groups\n"); + fprintf(stderr, "Failed to get process groups: %s\n", strerror(errno)); return NULL; } groupnames = (char **)malloc(sizeof(char *)*(ngroups+1)); + if (groupnames == NULL) { + free(group_ids); + fprintf(stderr, "Out of memory while getting group names\n"); + return NULL; + } + + memset(groupnames, 0, sizeof(char *)*(ngroups+1)); + for (i=0; igr_name); free(group_ids); - for (j=0; jname = strdup(name); + + if (al->name == NULL) { + free(al); + return NULL; + } + al->allowed = n; al->next = NULL; @@ -283,12 +297,13 @@ static int get_alloted(char *me, char *intype, char *link, struct alloted_s **al */ append_alloted(alloted, name, n); count += n; - break; } free_groupnames(groups); fclose(fin); free(line); + + // now return the total number of nics that this user can create return count; }