From ab1a6cacaf10ef0e6a892cf64ad813bd1fd75de5 Mon Sep 17 00:00:00 2001
From: Christian Brauner <christian.brauner@ubuntu.com>
Date: Sat, 10 Feb 2018 12:16:41 +0100
Subject: [PATCH] conf: fix clearing cgroup settings

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
---
 src/lxc/cgroups/cgfsng.c | 10 ++++++----
 src/lxc/conf.c           | 11 +++++++----
 2 files changed, 13 insertions(+), 8 deletions(-)

diff --git a/src/lxc/cgroups/cgfsng.c b/src/lxc/cgroups/cgfsng.c
index de98080c6..4c4dda61c 100644
--- a/src/lxc/cgroups/cgfsng.c
+++ b/src/lxc/cgroups/cgfsng.c
@@ -2537,15 +2537,18 @@ static int cg_legacy_set_data(const char *filename, const char *value,
 			      struct cgfsng_handler_data *d)
 {
 	char *fullpath, *p;
+	size_t len;
 	/* "b|c <2^64-1>:<2^64-1> r|w|m" = 47 chars max */
 	char converted_value[50];
 	struct hierarchy *h;
 	int ret = 0;
 	char *controller = NULL;
 
-	controller = alloca(strlen(filename) + 1);
+	len = strlen(filename);
+	controller = alloca(len + 1);
 	strcpy(controller, filename);
-	if ((p = strchr(controller, '.')) != NULL)
+	p = strchr(controller, '.');
+	if (p)
 		*p = '\0';
 
 	if (strcmp("devices.allow", filename) == 0 && value[0] == '/') {
@@ -2553,7 +2556,6 @@ static int cg_legacy_set_data(const char *filename, const char *value,
 		if (ret < 0)
 			return ret;
 		value = converted_value;
-
 	}
 
 	h = get_hierarchy(controller);
@@ -2563,7 +2565,7 @@ static int cg_legacy_set_data(const char *filename, const char *value,
 		      "driver or not enabled on the cgroup hierarchy",
 		      controller);
 		errno = ENOENT;
-		return -1;
+		return -ENOENT;
 	}
 
 	fullpath = must_make_path(h->fullcgpath, filename, NULL);
diff --git a/src/lxc/conf.c b/src/lxc/conf.c
index 7d2efa209..05b17a499 100644
--- a/src/lxc/conf.c
+++ b/src/lxc/conf.c
@@ -3450,28 +3450,31 @@ int lxc_clear_config_keepcaps(struct lxc_conf *c)
 int lxc_clear_cgroups(struct lxc_conf *c, const char *key, int version)
 {
 	char *global_token, *namespaced_token;
+	size_t namespaced_token_len;
 	struct lxc_list *it, *next, *list;
-	const char *k = NULL;
+	const char *k = key;
 	bool all = false;
 
 	if (version == CGROUP2_SUPER_MAGIC) {
 		global_token = "lxc.cgroup2";
 		namespaced_token = "lxc.cgroup2.";
+		namespaced_token_len = sizeof("lxc.cgroup2.") - 1;;
 		list = &c->cgroup2;
 	} else if (version == CGROUP_SUPER_MAGIC) {
 		global_token = "lxc.cgroup";
 		namespaced_token = "lxc.cgroup.";
+		namespaced_token_len = sizeof("lxc.cgroup.") - 1;;
 		list = &c->cgroup;
 	} else {
-		return -1;
+		return -EINVAL;
 	}
 
 	if (strcmp(key, global_token) == 0)
 		all = true;
 	else if (strncmp(key, namespaced_token, sizeof(namespaced_token) - 1) == 0)
-		k = key + sizeof(namespaced_token) - 1;
+		k += namespaced_token_len;
 	else
-		return -1;
+		return -EINVAL;
 
 	lxc_list_for_each_safe(it, list, next) {
 		struct lxc_cgroup *cg = it->elem;
-- 
2.47.2