From: Christian Brauner Date: Wed, 15 Apr 2020 11:51:51 +0000 (+0200) Subject: conf: don't double free in get_minimal_idmap() X-Git-Tag: lxc-5.0.0~451^2~7 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=2c99621932e0a8822ae6ba1e6404ba92f43fc57e;p=thirdparty%2Flxc.git conf: don't double free in get_minimal_idmap() Fixes: Coverity 1461725. Fixes: Coverity 1461727. Signed-off-by: Christian Brauner --- diff --git a/src/lxc/conf.c b/src/lxc/conf.c index 5bbc1a1d7..474b01f92 100644 --- a/src/lxc/conf.c +++ b/src/lxc/conf.c @@ -3954,7 +3954,7 @@ static struct lxc_list *get_minimal_idmap(const struct lxc_conf *conf, euid = geteuid(); if (euid >= container_root_uid->hostid && euid < (container_root_uid->hostid + container_root_uid->range)) - host_uid_map = container_root_uid; + host_uid_map = move_ptr(container_root_uid); container_root_gid = mapped_nsid_add(conf, nsgid, ID_TYPE_GID); if (!container_root_gid) @@ -3962,7 +3962,7 @@ static struct lxc_list *get_minimal_idmap(const struct lxc_conf *conf, egid = getegid(); if (egid >= container_root_gid->hostid && egid < (container_root_gid->hostid + container_root_gid->range)) - host_gid_map = container_root_gid; + host_gid_map = move_ptr(container_root_gid); /* Check whether the {g,u}id of the user has a mapping. */ if (!host_uid_map) @@ -3988,7 +3988,7 @@ static struct lxc_list *get_minimal_idmap(const struct lxc_conf *conf, lxc_list_add_elem(tmplist, container_root_uid); lxc_list_add_tail(idmap, tmplist); - if (host_uid_map != container_root_uid) { + if (container_root_uid) { /* idmap will now keep track of that memory. */ move_ptr(container_root_uid); @@ -4010,7 +4010,7 @@ static struct lxc_list *get_minimal_idmap(const struct lxc_conf *conf, lxc_list_add_elem(tmplist, container_root_gid); lxc_list_add_tail(idmap, tmplist); - if (host_gid_map != container_root_gid) { + if (container_root_gid) { /* idmap will now keep track of that memory. */ move_ptr(container_root_gid);