From: Stéphane Graber Date: Thu, 13 Feb 2014 16:17:48 +0000 (-0500) Subject: coverity: Do chdir following chroot X-Git-Tag: lxc-1.0.0.rc1~12 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=6b9324bd45374e32465f9fff6e24b1af837c445b;p=thirdparty%2Flxc.git coverity: Do chdir following chroot We used to do chdir(path), chroot(path). That's correct but not properly handled coverity, so do chroot(path), chdir("/") instead as that's the recommended way. Signed-off-by: Stéphane Graber Acked-by: Serge E. Hallyn --- diff --git a/src/lxc/conf.c b/src/lxc/conf.c index 8eccd367d..6fa3db9f0 100644 --- a/src/lxc/conf.c +++ b/src/lxc/conf.c @@ -1516,14 +1516,14 @@ static int chroot_into_slave(struct lxc_conf *conf) SYSERROR("Failed to make tmp-/ at %s rslave", path); return -1; } - if (chdir(path)) { - SYSERROR("Failed to chdir into tmp-/"); - return -1; - } if (chroot(path)) { SYSERROR("Failed to chroot into tmp-/"); return -1; } + if (chdir("/")) { + SYSERROR("Failed to chdir into tmp-/"); + return -1; + } INFO("Chrooted into tmp-/ at %s", path); return 0; } diff --git a/src/lxc/lxccontainer.c b/src/lxc/lxccontainer.c index a25c1961d..44e796c29 100644 --- a/src/lxc/lxccontainer.c +++ b/src/lxc/lxccontainer.c @@ -3142,9 +3142,9 @@ static bool do_add_remove_node(pid_t init_pid, const char *path, bool add, if (ret < 0 || ret >= MAXPATHLEN) return false; - if (chdir(chrootpath) < 0) + if (chroot(chrootpath) < 0) exit(1); - if (chroot(".") < 0) + if (chdir("/") < 0) exit(1); /* remove path if it exists */ if(faccessat(AT_FDCWD, path, F_OK, AT_SYMLINK_NOFOLLOW) == 0) {