apparmor: turn bytes into null-terminated strings before calling strcspn

```
==70349==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x6020000009fb at pc 0x000000433b70 bp 0x7ffcde087810 sp 0x7ffcde086fd0
READ of size 12 at 0x6020000009fb thread T0
    #0 0x433b6f in strcspn (/usr/bin/lxc-execute+0x433b6f)
    #1 0x7f720413a5cb in apparmor_process_label_get /home/runner/work/lxc/lxc/src/lxc/lsm/apparmor.c:449:8
    #2 0x7f720413bc2a in apparmor_prepare /home/runner/work/lxc/lxc/src/lxc/lsm/apparmor.c:1104:13
    #3 0x7f720409b6e9 in lxc_init /home/runner/work/lxc/lxc/src/lxc/start.c:848:8
    #4 0x7f72040a395a in __lxc_start /home/runner/work/lxc/lxc/src/lxc/start.c:2009:8
    #5 0x7f7203fc7186 in lxc_execute /home/runner/work/lxc/lxc/src/lxc/execute.c:99:9
    #6 0x7f7204000e44 in do_lxcapi_start /home/runner/work/lxc/lxc/src/lxc/lxccontainer.c:1112:9
    #7 0x7f7203ff0c07 in lxcapi_start /home/runner/work/lxc/lxc/src/lxc/lxccontainer.c:1149:8
    #8 0x4c6912 in main /home/runner/work/lxc/lxc/src/lxc/tools/lxc_execute.c:224:9
    #9 0x7f72034ac0b2 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x270b2)
    #10 0x41d93d in _start (/usr/bin/lxc-execute+0x41d93d)
+ echo ---

0x6020000009fb is located 0 bytes to the right of 11-byte region [0x6020000009f0,0x6020000009fb)
allocated by thread T0 here:
    #0 0x496399 in realloc (/usr/bin/lxc-execute+0x496399)
    #1 0x7f7203fcf85c in fd_to_buf /home/runner/work/lxc/lxc/src/lxc/file_utils.c:463:10
    #2 0x7f720413a52b in apparmor_process_label_get /home/runner/work/lxc/lxc/src/lxc/lsm/apparmor.c:442:8
    #3 0x7f720413bc2a in apparmor_prepare /home/runner/work/lxc/lxc/src/lxc/lsm/apparmor.c:1104:13
    #4 0x7f720409b6e9 in lxc_init /home/runner/work/lxc/lxc/src/lxc/start.c:848:8
    #5 0x7f72040a395a in __lxc_start /home/runner/work/lxc/lxc/src/lxc/start.c:2009:8
    #6 0x7f7203fc7186 in lxc_execute /home/runner/work/lxc/lxc/src/lxc/execute.c:99:9
    #7 0x7f7204000e44 in do_lxcapi_start /home/runner/work/lxc/lxc/src/lxc/lxccontainer.c:1112:9
    #8 0x7f7203ff0c07 in lxcapi_start /home/runner/work/lxc/lxc/src/lxc/lxccontainer.c:1149:8
    #9 0x4c6912 in main /home/runner/work/lxc/lxc/src/lxc/tools/lxc_execute.c:224:9
```

Signed-off-by: Evgeny Vereshchagin <evvers@ya.ru>

Merge pull request #3790 from brauner/2021-04-15.fixes

lxc_clone & configure fix

commands: don't needlessly allocate

Fixes: #3796
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

Merge pull request #3797 from evverx/pass-on-asan

tests: pass on ASAN/UBSAN options to several tests

process_utils: free stack after return

Fixes: #3789
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

configure: fix sanitizer compilation

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

error_utils: add missing macro.h include

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

Merge pull request #3794 from evverx/gh3791

tests: stop cutting off right square brackets in share_ns

Merge pull request #3793 from evverx/busybox-test

tests: switch to the "busybox" template in lxc-test-checkpoint-restore

Merge pull request #3785 from brauner/2021-04-14.fixes

lxccontainer: fix container creation error paths

Merge pull request #3784 from evverx/attach-memleak

tests: fix a memory leak in attach

lxccontainer: fix container creation error paths

Fixes: #3782
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

Merge pull request #3783 from evverx/cgpath-memleak2

tests: fix a memory leak in cgpath

Merge pull request #3781 from evverx/lxcpath-memleak

tests: fix a memory leak in lxcpath

Merge pull request #3780 from evverx/cgpath-mem-leak

tests: fix a memory leak in cgpath

Merge pull request #3779 from brauner/2021-04-12/attach_fixes

attach: fixes

Revert "rexec: mark all fds as close-on-exec if possible"

This reverts commit 531d36ad009325b74a105d9d6956e320f37b2937.

Callers might want to explicilty inhert file descriptors so we can't
close them behind their back when we exec.

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

attach: don't return early when calculating namespaces via pidfd

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

Merge pull request #3778 from brauner/2021-04-12/fixes

conf: idmaptool fixes

conf: don't report success when idmaptools lack all privilege

Fixes: #3777
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

conf: simplify idmaptool_on_path_and_privileged()

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

tests: pass on ASAN/UBSAN options to several tests

to make it easier to run them under ASan/UBSan.

Signed-off-by: Evgeny Vereshchagin <evvers@ya.ru>

tests: stop cutting off right square brackets in share_ns

Closes https://github.com/lxc/lxc/issues/3791

Signed-off-by: Evgeny Vereshchagin <evvers@ya.ru>

tests: switch to the "busybox" template in lxc-test-checkpoint-restore

criu can't seem to dump systemd-logind used in Ubuntu due to what appears to be
https://github.com/checkpoint-restore/criu/issues/1430.
Let's switch to busybox where all the processes hopefully can be dumped.

Closes https://github.com/lxc/lxc/issues/3792

Signed-off-by: Evgeny Vereshchagin <evvers@ya.ru>

tests: fix a memory leak in attach

Signed-off-by: Evgeny Vereshchagin <evvers@ya.ru>

tests: fix a memory leak in cgpath

```
==131188==ERROR: LeakSanitizer: detected memory leaks

Direct leak of 568 byte(s) in 1 object(s) allocated from:
    #0 0x7f8918943bc8 in malloc (/lib/x86_64-linux-gnu/libasan.so.5+0x10dbc8)
    #1 0x7f89181ee5a3 in lxc_container_new /home/vagrant/lxc/src/lxc/lxccontainer.c:5264
    #2 0x55ffc5022869 in test_container /home/vagrant/lxc/src/tests/cgpath.c:176
    #3 0x55ffc5023023 in main /home/vagrant/lxc/src/tests/cgpath.c:233
    #4 0x7f891709e0b2 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x270b2)
```

Signed-off-by: Evgeny Vereshchagin <evvers@ya.ru>

tests: fix a memory leak in lxcpath

```
$ sudo ./src/tests/lxc-test-lxcpath

=================================================================
==95911==ERROR: LeakSanitizer: detected memory leaks

Direct leak of 39 byte(s) in 1 object(s) allocated from:
    #0 0x7effafc8d3dd in strdup (/lib/x86_64-linux-gnu/libasan.so.5+0x963dd)
    #1 0x7effaf5a2de6 in lxcapi_config_file_name /home/vagrant/lxc/src/lxc/lxccontainer.c:3190
    #2 0x562961680c30 in main /home/vagrant/lxc/src/tests/lxcpath.c:49
    #3 0x7effae5150b2 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x270b2)

Direct leak of 21 byte(s) in 1 object(s) allocated from:
    #0 0x7effafc8d3dd in strdup (/lib/x86_64-linux-gnu/libasan.so.5+0x963dd)
    #1 0x7effaf5a2de6 in lxcapi_config_file_name /home/vagrant/lxc/src/lxc/lxccontainer.c:3190
    #2 0x56296168115e in main /home/vagrant/lxc/src/tests/lxcpath.c:77
    #3 0x7effae5150b2 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x270b2)

Direct leak of 21 byte(s) in 1 object(s) allocated from:
    #0 0x7effafc8d3dd in strdup (/lib/x86_64-linux-gnu/libasan.so.5+0x963dd)
    #1 0x7effaf5a2de6 in lxcapi_config_file_name /home/vagrant/lxc/src/lxc/lxccontainer.c:3190
    #2 0x562961680f0a in main /home/vagrant/lxc/src/tests/lxcpath.c:63
    #3 0x7effae5150b2 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x270b2)

SUMMARY: AddressSanitizer: 81 byte(s) leaked in 3 allocation(s).
```

Signed-off-by: Evgeny Vereshchagin <evvers@ya.ru>

tests: fix a memory leak in cgpath

```
$ sudo ./src/tests/lxc-test-cgpath
Container creation tests...Passed
Container creation with LXCPATH tests...Passed

=================================================================
==57206==ERROR: LeakSanitizer: detected memory leaks

Direct leak of 296 byte(s) in 1 object(s) allocated from:
    #0 0x7fef22c27dc6 in calloc (/lib/x86_64-linux-gnu/libasan.so.5+0x10ddc6)
    #1 0x557c6e3ce3d9 in cgroup_ops_init cgroups/cgfsng.c:3347
    #2 0x557c6e3d6516 in cgroup_init cgroups/cgroup.c:33
    #3 0x557c6e3788e2 in test_running_container /home/vagrant/lxc/src/tests/cgpath.c:102
    #4 0x557c6e379c69 in test_container /home/vagrant/lxc/src/tests/cgpath.c:197
    #5 0x557c6e379e37 in main /home/vagrant/lxc/src/tests/cgpath.c:233
    #6 0x7fef2136c0b2 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x270b2)

Direct leak of 296 byte(s) in 1 object(s) allocated from:
    #0 0x7fef22c27dc6 in calloc (/lib/x86_64-linux-gnu/libasan.so.5+0x10ddc6)
    #1 0x557c6e3ce3d9 in cgroup_ops_init cgroups/cgfsng.c:3347
    #2 0x557c6e3d6516 in cgroup_init cgroups/cgroup.c:33
    #3 0x557c6e3788e2 in test_running_container /home/vagrant/lxc/src/tests/cgpath.c:102
    #4 0x557c6e379c69 in test_container /home/vagrant/lxc/src/tests/cgpath.c:197
    #5 0x557c6e379e61 in main /home/vagrant/lxc/src/tests/cgpath.c:237
    #6 0x7fef2136c0b2 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x270b2)
```

Signed-off-by: Evgeny Vereshchagin <evvers@ya.ru>

Merge pull request #3775 from brauner/2021-04-07/fixes

confile: make lxc_get_config() and lxc_get_config_net() always return…

confile: make lxc_get_config() and lxc_get_config_net() always return non-NULL

Introduce the concept of an unsupported config item.

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

Merge pull request #3774 from stgraber/master

github: Try to fix action naming

github: Try to fix action naming

Signed-off-by: Stéphane Graber <stgraber@ubuntu.com>

Merge pull request #3773 from brauner/2021-04-06/fixes_2

confile & log: fixes

confile: enforce maximum subkey length

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

log: add error_ret()

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

macro: ensure ret_errno() always returns negative

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

Merge pull request #3763 from evverx/fuzz-lxc-define-load

oss-fuzz: fuzz lxc_config_define_add and lxc_config_define_load

Merge pull request #3772 from merlin1991/master

templates/*.in: fixed PATH handling with spaces

templates/*.in: fixed PATH handling with spaces

if $PATH already contains a path with a space the append of the
default directories in all template scripts fails with an error
like the following:

/usr/share/lxc/templates/lxc-download: 69: export: (x86)/NVIDIA: bad
variable name

Signed-off-by: Christian Ratzenhofer <christian.ratzenhofer@cdnm.at>

Merge pull request #3771 from brauner/2021-04-06/fixes

conf: fix setups where /dev is outside of LXC's control

log: ensure we always return negative errno

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

conf: fix setups where /dev is outside of LXC's control

Fixes: #3770
Suggested-by: Ruben Jenster <r.jenster@drachenfels.de>
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

Merge pull request #3766 from brauner/2021-04-02/fixes_2

lsm: fixes

confile: complain when LXC is built without AppArmor support

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

confile: complain when LXC is built without selinux support

Link: https://github.com/lxc/lxc/issues/3765
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

Merge pull request #3764 from brauner/2021-04-02/fixes

confile: fix lxc.namespace.share.[identifier]

confile: fix lxc.namespace.share.[identifier]

Link: https://github.com/lxc/lxc/pull/3763/files#r606089660
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

Merge pull request #3762 from brauner/2021-03-31/fixes

fixes: Makefile, lxc-user-nic, simplify get_network_config_ops()

confile: simplify get_network_config_ops()

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

string_utils: use restrict for lxc_safe_int64_residual()

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

string_utils: ensure that errno is set on return

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

string_utils: move to lxc-copy() sources

It's the only place where it is still used.

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

lxc_user_nic: cleanup get_alloted()

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

lxc_user_nic: cleanup append_alloted()

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

Merge pull request #3760 from evverx/reject-giant-configs

oss-fuzz: reject giant configs early

cifuzz: fuzz longer

Signed-off-by: Evgeny Vereshchagin <evvers@ya.ru>

confile: fix a memory leak lxc_config_define_add

```
2021-04-02T05:45:54.9410345Z ==13==ERROR: LeakSanitizer: detected memory leaks
2021-04-02T05:45:54.9410737Z
2021-04-02T05:45:54.9411488Z Direct leak of 16 byte(s) in 1 object(s) allocated from:
2021-04-02T05:45:54.9412556Z     #0 0x54d752 in calloc /src/llvm-project/compiler-rt/lib/asan/asan_malloc_linux.cpp:154:3
2021-04-02T05:45:54.9413360Z     #1 0x583795 in parse_new_conf_line /src/lxc/src/lxc/confile.c:3048:8
2021-04-02T05:45:54.9414057Z     #2 0x582f1a in lxc_config_define_add /src/lxc/src/lxc/confile.c:3090:15
2021-04-02T05:45:54.9415352Z     #3 0x5810fa in LLVMFuzzerTestOneInput /src/lxc/src/tests/fuzz-lxc-define-load.c:30:6
2021-04-02T05:45:54.9419212Z     #4 0x483b93 in fuzzer::Fuzzer::ExecuteCallback(unsigned char const*, unsigned long) /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:599:15
2021-04-02T05:45:54.9421819Z     #5 0x48309a in fuzzer::Fuzzer::RunOne(unsigned char const*, unsigned long, bool, fuzzer::InputInfo*, bool, bool*) /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:505:3
2021-04-02T05:45:54.9424205Z     #6 0x485474 in fuzzer::Fuzzer::ReadAndExecuteSeedCorpora(std::__Fuzzer::vector<fuzzer::SizedFile, fuzzer::fuzzer_allocator<fuzzer::SizedFile> >&) /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:814:7
2021-04-02T05:45:54.9426658Z     #7 0x485689 in fuzzer::Fuzzer::Loop(std::__Fuzzer::vector<fuzzer::SizedFile, fuzzer::fuzzer_allocator<fuzzer::SizedFile> >&) /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:845:3
2021-04-02T05:45:54.9428616Z     #8 0x473717 in fuzzer::FuzzerDriver(int*, char***, int (*)(unsigned char const*, unsigned long)) /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerDriver.cpp:906:6
2021-04-02T05:45:54.9429989Z     #9 0x49f572 in main /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerMain.cpp:20:10
2021-04-02T05:45:54.9433312Z     #10 0x7fa96041b83f in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x2083f)
2021-04-02T05:45:54.9433795Z
2021-04-02T05:45:54.9434661Z DEDUP_TOKEN: calloc--parse_new_conf_line--lxc_config_define_add
2021-04-02T05:45:54.9435483Z SUMMARY: AddressSanitizer: 16 byte(s) leaked in 1 allocation(s).
2021-04-02T05:45:54.9435958Z
2021-04-02T05:45:54.9436404Z INFO: a leak has been found in the initial corpus.
```

Signed-off-by: Evgeny Vereshchagin <evvers@ya.ru>

oss-fuzz: fuzz lxc_config_define_add and lxc_config_define_load

Signed-off-by: Evgeny Vereshchagin <evvers@ya.ru>

Merge pull request #3759 from evverx/san-compatible

build-system: make it compatible with ASan/UBsan/Msan

Merge pull request #3758 from brauner/2021-03-31/fixes

confile: cap to last bit in set_config_net_ipv4_address()

confile: cap to last bit in set_config_net_ipv4_address()

Link: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=32708
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

Merge pull request #3755 from evverx/lxc-net

oss-fuzz.sh: put the "lxc.net" keys to the seed corpus as well

Merge pull request #3756 from brauner/2021-03-30/fixes_3

string_utils: switch to path_simplify()

string_utils: switch to path_simplify()

Link: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=32689
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

Merge pull request #3754 from brauner/2021-03-30/fixes_2

confile: don't jump into the global table twice

confile: don't jump into the global table twice

instead move networking keys into a subtable. This avoids even just the
remote danger of recursion and also speeds up config parsing.

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

oss-fuzz: reject giant configs early

It should help the fuzzer to avoid running into timeouts
like https://oss-fuzz.com/testcase-detail/5132999948632064.
Hopefully, once this is merged OSS-Fuzz will report only
infinite loops as timeouts.

Signed-off-by: Evgeny Vereshchagin <evvers@ya.ru>

build-system: make it compatible with ASan/UBsan/MSan

Closes: https://github.com/lxc/lxc/issues/3727
Signed-off-by: Evgeny Vereshchagin <evvers@ya.ru>

ci: enable PAM

to make sure pam_cgfs is buildable with ASan/UBsan too

Signed-off-by: Evgeny Vereshchagin <evvers@ya.ru>

ci: also build with ASan/UBsan

Signed-off-by: Evgeny Vereshchagin <evvers@ya.ru>

oss-fuzz.sh: get rid of the sed "no-undefined" kludge

Signed-off-by: Evgeny Vereshchagin <evvers@ya.ru>

ci: stop passing --enable-ubsan

It's just a follow-up to 5f404236273bb211 (where --enable-ubsan
was removed).

Signed-off-by: Evgeny Vereshchagin <evvers@ya.ru>

Merge pull request #3750 from brauner/2021-03-29/fixes_2

autotools: remove --enable-{asan,ubsan} in favor of --enable-sanitizers

Merge pull request #3751 from tomponline/tp-nic-ordering

doc: Documented that net type field must come before other options on the net device

doc: Documented that net type field must come before other options on the net device

Signed-off-by: Thomas Parrott <thomas.parrott@canonical.com>

README: remove Travis and add Github actions badge

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

autotools: remove --enable-{asan,ubsan} in favor of --enable-sanitizers

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

Merge pull request #3749 from brauner/2021-03-29/fixes

compiler: fix thread_local detection

Merge pull request #3746 from evverx/CIFuzz-unblock-msan

CIFuzz: turn on MSan

compiler: fix thread_local detection

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

Merge pull request #3748 from brauner/2021-03-29/fixes

fixes & config key validation

oss-fuzz.sh: put the "lxc.net" keys in the seed corpus as well

It's just a follow-up to 0abcc213e2291d71 (where the "lxc.net" keys
were moved from config_jump_table to config_jump_table_net)

Signed-off-by: Evgeny Vereshchagin <evvers@ya.ru>

lxccontainer: ensure second parameter to bsearch is never NULL

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

conf: fix thread_local support detection

Our detection for TLS wasn't working. Fix it.

Fixes: https://github.com/lxc/lxd/issues/8327
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

tests: add another test for garbage config key

where a valid key has trailing garbage at the end before the "=".

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

tests: fix two false negatives in parse_config_file()

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

confile: cleanup set_config_net_script_down()

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

confile: cleanup set_config_net_script_up()

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

confile: cleanup set_config_net_mtu()

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

confile: cleanup set_config_net_hwaddr()

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

confile: clear netdev on network type change

Link: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=32584
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

confile: vet keys more aggressively

Enforce an exact match for all keys where we now the subkeys must match
exactly.

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

confile: safely clean previous value in set_config_net_ipv4_gateway()

Link: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=32586
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

confile: safely clean previous value in set_config_net_ipv6_gateway()

Link: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=32610
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

Merge pull request #3745 from evverx/ubsan-msan-support

oss-fuzz/cifuzz: a couple of follow-up commits

Merge pull request #3744 from evverx/oss-fuzz-32596

confile_utils: fix a signed integer overflow

Merge pull request #3743 from brauner/2021-03-27/fixes_3

oss-fuzz: fixes

string_utils: work around an MSan false positive

MSan doesn't instrument stpncpy (https://github.com/google/sanitizers/issues/926),
which causes the fuzzer to fail with:
```
$ cat ../minimized-from-740f56329efc60eab59b8194132b712a873e88a3
lxc.console.size=123

$ ./out/fuzz-lxc-config-read ../minimized-from-740f56329efc60eab59b8194132b712a873e88a3
INFO: Seed: 3561494591
INFO: Loaded 1 modules   (18795 inline 8-bit counters): 18795 [0x866b98, 0x86b503),
INFO: Loaded 1 PC tables (18795 PCs): 18795 [0x86b508,0x8b4bb8),
./out/fuzz-lxc-config-read: Running 1 inputs 1 time(s) each.
Running: ../minimized-from-740f56329efc60eab59b8194132b712a873e88a3
==850885==WARNING: MemorySanitizer: use-of-uninitialized-value
    #0 0x6b3e7f in parse_byte_size_string /home/vagrant/lxc/src/lxc/string_utils.c:912:6
    #1 0x550991 in set_config_console_size /home/vagrant/lxc/src/lxc/confile.c:2483:8
    #2 0x5346e2 in parse_line /home/vagrant/lxc/src/lxc/confile.c:2962:9
    #3 0x64b3cd in lxc_file_for_each_line_mmap /home/vagrant/lxc/src/lxc/parse.c:125:9
    #4 0x53340c in lxc_config_read /home/vagrant/lxc/src/lxc/confile.c:3039:9
    #5 0x4e7ec2 in LLVMFuzzerTestOneInput /home/vagrant/lxc/src/tests/fuzz-lxc-config-read.c:23:2
    #6 0x44ad2c in fuzzer::Fuzzer::ExecuteCallback(unsigned char const*, unsigned long) (/home/vagrant/lxc/out/fuzz-lxc-config-read+0x44ad2c)
    #7 0x42ca4d in fuzzer::RunOneTest(fuzzer::Fuzzer*, char const*, unsigned long) (/home/vagrant/lxc/out/fuzz-lxc-config-read+0x42ca4d)
    #8 0x433af0 in fuzzer::FuzzerDriver(int*, char***, int (*)(unsigned char const*, unsigned long)) (/home/vagrant/lxc/out/fuzz-lxc-config-read+0x433af0)
    #9 0x423ff6 in main (/home/vagrant/lxc/out/fuzz-lxc-config-read+0x423ff6)
    #10 0x7f79bdc89081 in __libc_start_main (/lib64/libc.so.6+0x27081)
    #11 0x42402d in _start (/home/vagrant/lxc/out/fuzz-lxc-config-read+0x42402d)

  Uninitialized value was created by an allocation of 'dup' in the stack frame of function 'parse_byte_size_string'
    #0 0x6b3330 in parse_byte_size_string /home/vagrant/lxc/src/lxc/string_utils.c:901

SUMMARY: MemorySanitizer: use-of-uninitialized-value /home/vagrant/lxc/src/lxc/string_utils.c:912:6 in parse_byte_size_string
Exiting
```

Closes https://oss-fuzz.com/testcase-detail/5829890470445056

Signed-off-by: Evgeny Vereshchagin <evvers@ya.ru>

cifuzz: turn on MSan

Signed-off-by: Evgeny Vereshchagin <evvers@ya.ru>

string_utils: handle overflow correct in parse_byte_size_string()

This takes the overflow handling code from the kernel.

Link: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=32549
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>