From: Christian Brauner <christian.brauner@ubuntu.com>
Date: Fri, 26 Mar 2021 11:10:02 +0000 (+0100)
Subject: log: handle empty log name
X-Git-Tag: lxc-5.0.0~245^2
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=2f6d309983feeb6942ca170961cf0663cbacbbd2;p=thirdparty%2Flxc.git

log: handle empty log name

Fixes: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=32491
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
---

diff --git a/src/lxc/confile.c b/src/lxc/confile.c
index c4d3e2c63..576e6f2d8 100644
--- a/src/lxc/confile.c
+++ b/src/lxc/confile.c
@@ -1600,6 +1600,9 @@ static int set_config_log_file(const char *key, const char *value,
 		return 0;
 	}
 
+	if (!abspath(value))
+		return ret_errno(EINVAL);
+
 	/*
 	 * Store these values in the lxc_conf, and then try to set for actual
 	 * current logging.
diff --git a/src/lxc/log.c b/src/lxc/log.c
index 90a56e26a..4733fcdeb 100644
--- a/src/lxc/log.c
+++ b/src/lxc/log.c
@@ -489,6 +489,12 @@ static int build_dir(const char *name)
 	__do_free char *n = NULL;
 	char *e, *p;
 
+	if (is_empty_string(name))
+		return ret_errno(EINVAL);
+
+	if (!abspath(name))
+		return ret_errno(EINVAL);
+
 	/* Make copy of the string since we'll be modifying it. */
 	n = strdup(name);
 	if (!n)
@@ -604,7 +610,7 @@ static int __lxc_log_set_file(const char *fname, int create_dirs)
 	if (lxc_log_fd >= 0)
 		lxc_log_close();
 
-	if (!fname)
+	if (is_empty_string(fname))
 		return ret_errno(EINVAL);
 
 	if (strlen(fname) == 0) {
@@ -820,6 +826,9 @@ int lxc_log_set_file(int *fd, const char *fname)
 	if (*fd >= 0)
 		close_prot_errno_disarm(*fd);
 
+	if (is_empty_string(fname))
+		return ret_errno(EINVAL);
+
 	if (build_dir(fname))
 		return -errno;
 
diff --git a/src/tests/parse_config_file.c b/src/tests/parse_config_file.c
index 6d0e88805..0fa129500 100644
--- a/src/tests/parse_config_file.c
+++ b/src/tests/parse_config_file.c
@@ -899,6 +899,11 @@ int main(int argc, char *argv[])
 		return -1;
 	}
 
+	if (c->set_config_item(c, "lxc.log.file=", "./")) {
+		lxc_error("%s\n", "Managed to set to set invalid config item \"lxc.log.file\" to \"./\"");
+		return -1;
+	}
+
 	fret = EXIT_SUCCESS;
 
 non_test_error: