From: Felix Abecassis Date: Wed, 29 Nov 2017 04:27:53 +0000 (-0800) Subject: confile_utils: simplify lxc_config_net_hwaddr X-Git-Tag: lxc-3.0.0.beta1~146^2 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=44047b2b200297c72187886b5f40d47dccc0b1b0;p=thirdparty%2Flxc.git confile_utils: simplify lxc_config_net_hwaddr In addition to the memory corruption fixed in ee3e84df78424d26fc6c90862fbe0fa92a686b0d, this function was also performing invalid memory accesses for the following inputs: - `lxc.net` - `lxc.net.` - `lxc.net.0.` - `lxc.network` - `lxc.network.0.` Signed-off-by: Felix Abecassis --- diff --git a/src/lxc/confile_utils.c b/src/lxc/confile_utils.c index 50f42ef8c..c2901116c 100644 --- a/src/lxc/confile_utils.c +++ b/src/lxc/confile_utils.c @@ -545,63 +545,18 @@ int rand_complete_hwaddr(char *hwaddr) bool lxc_config_net_hwaddr(const char *line) { - char *copy, *p; + unsigned index; + char tmp[7]; if (strncmp(line, "lxc.net", 7) != 0) return false; - if (strncmp(line, "lxc.network.hwaddr", 18) == 0) - return true; - - /* We have to dup the line, if line is something like - * "lxc.net.[i].xxx = xxxxx ", we need to remove - * '[i]' and compare its key with 'lxc.net.hwaddr'*/ - copy = strdup(line); - if (!copy) { - SYSERROR("failed to allocate memory"); - return false; - } - if (*(copy + 8) >= '0' && *(copy + 8) <= '9') { - p = strchr(copy + 8, '.'); - if (!p) { - free(copy); - return false; - } - /* strlen("hwaddr") = 6 */ - if (strlen(p + 1) >= 6) - memmove(copy + 8, p + 1, 6); - copy[8 + 6] = '\0'; - } - if (strncmp(copy, "lxc.net.hwaddr", 14) == 0) { - free(copy); + if (strncmp(line, "lxc.net.hwaddr", 14) == 0) return true; - } - free(copy); - - /* We have to dup the line second time, if line is something like - * "lxc.network.[i].xxx = xxxxx ", we need to remove - * '[i]' and compare its key with 'lxc.network.hwaddr'*/ - copy = strdup(line); - if (!copy) { - SYSERROR("failed to allocate memory"); - return false; - } - if (*(copy + 12) >= '0' && *(copy + 12) <= '9') { - p = strchr(copy + 12, '.'); - if (!p) { - free(copy); - return false; - } - /* strlen("hwaddr") = 6 */ - if (strlen(p + 1) >= 6) - memmove(copy + 12, p + 1, 6); - copy[12 + 6] = '\0'; - } - if (strncmp(copy, "lxc.network.hwaddr", 18) == 0) { - free(copy); + if (strncmp(line, "lxc.network.hwaddr", 18) == 0) return true; - } + if (sscanf(line, "lxc.net.%u.%6s", &index, tmp) == 2 || sscanf(line, "lxc.network.%u.%6s", &index, tmp) == 2) + return strncmp(tmp, "hwaddr", 6) == 0; - free(copy); return false; } diff --git a/src/tests/lxc-test-utils.c b/src/tests/lxc-test-utils.c index 4c3c17a78..ddc3dffbe 100644 --- a/src/tests/lxc-test-utils.c +++ b/src/tests/lxc-test-utils.c @@ -462,6 +462,29 @@ void test_parse_byte_size_string(void) exit(EXIT_FAILURE); } +void test_lxc_config_net_hwaddr(void) +{ + bool lxc_config_net_hwaddr(const char *line); + + if (!lxc_config_net_hwaddr("lxc.net.0.hwaddr = 00:16:3e:04:65:b8\n")) + exit(EXIT_FAILURE); + if (!lxc_config_net_hwaddr("lxc.network.hwaddr = 00:16:3e:04:65:b8\n")) + exit(EXIT_FAILURE); + if (!lxc_config_net_hwaddr("lxc.net.hwaddr = 00:16:3e:04:65:b8\n")) + exit(EXIT_FAILURE); + + if (lxc_config_net_hwaddr("lxc.net")) + exit(EXIT_FAILURE); + if (lxc_config_net_hwaddr("lxc.net.")) + exit(EXIT_FAILURE); + if (lxc_config_net_hwaddr("lxc.net.0.")) + exit(EXIT_FAILURE); + if (lxc_config_net_hwaddr("lxc.network")) + exit(EXIT_FAILURE); + if (lxc_config_net_hwaddr("lxc.network.0.")) + exit(EXIT_FAILURE); +} + int main(int argc, char *argv[]) { test_lxc_string_replace(); @@ -472,6 +495,7 @@ int main(int argc, char *argv[]) test_lxc_safe_int(); test_lxc_safe_long(); test_parse_byte_size_string(); + test_lxc_config_net_hwaddr(); exit(EXIT_SUCCESS); }