Merge pull request #1605 from giuseppe/fix-static-analysis-reports

Fix static analysis reports
containers · Nov 15, 2024 · 8399801 · 8399801
2 parents 01830cb + 85d4db3
commit 8399801
Show file tree

Hide file tree

Showing 11 changed files with 53 additions and 24 deletions.
diff --git a/src/create.c b/src/create.c
@@ -80,7 +80,7 @@ parse_opt (int key, char *arg, struct argp_state *state)
       break;
 
     case OPTION_PRESERVE_FDS:
-      crun_context.preserve_fds = strtoul (argp_mandatory_argument (arg, state), NULL, 10);
+      crun_context.preserve_fds = parse_int_or_fail (argp_mandatory_argument (arg, state), "preserve-fds");
       break;
 
     case OPTION_NO_SUBREAPER:
@@ -166,7 +166,7 @@ crun_command_create (struct crun_global_arguments *global_args, int argc, char *
   crun_context.bundle = bundle;
   if (getenv ("LISTEN_FDS"))
     {
-      crun_context.listen_fds = strtoll (getenv ("LISTEN_FDS"), NULL, 10);
+      crun_context.listen_fds = parse_int_or_fail (getenv ("LISTEN_FDS"), "LISTEN_FDS");
       crun_context.preserve_fds += crun_context.listen_fds;
     }
 

diff --git a/src/crun.c b/src/crun.c
@@ -22,6 +22,8 @@
 #include <argp.h>
 #include <string.h>
 #include <libgen.h>
+#include <errno.h>
+#include <limits.h>
 
 #ifdef HAVE_DLOPEN
 #  include <dlfcn.h>
@@ -373,6 +375,24 @@ argp_mandatory_argument (char *arg, struct argp_state *state)
   return state->argv[state->next++];
 }
 
+int
+parse_int_or_fail (const char *str, const char *kind)
+{
+  char *endptr = NULL;
+  long long l;
+
+  errno = 0;
+  l = strtoll (str, &endptr, 10);
+  if (errno != 0)
+    libcrun_fail_with_error (errno, "invalid value for `%s`", kind);
+  if (endptr != NULL && *endptr != '\0')
+    libcrun_fail_with_error (EINVAL, "invalid value for `%s`", kind);
+  if (l < INT_MIN || l > INT_MAX)
+    libcrun_fail_with_error (ERANGE, "invalid value for `%s`", kind);
+
+  return (int) l;
+}
+
 static struct argp argp = { options, parse_opt, args_doc, doc, NULL, NULL, NULL };
 
 int ensure_cloned_binary (void);

diff --git a/src/crun.h b/src/crun.h
@@ -37,6 +37,7 @@ struct crun_global_arguments
 };
 
 char *argp_mandatory_argument (char *arg, struct argp_state *state);
+int parse_int_or_fail (const char *str, const char *kind);
 int init_libcrun_context (libcrun_context_t *con, const char *id, struct crun_global_arguments *glob,
                           libcrun_error_t *err);
 void crun_assert_n_args (int n, int min, int max);

diff --git a/src/exec.c b/src/exec.c
@@ -23,6 +23,7 @@
 #include <string.h>
 #include <unistd.h>
 #include <errno.h>
+#include <limits.h>
 
 #include "crun.h"
 #include "libcrun/container.h"
@@ -151,7 +152,7 @@ parse_opt (int key, char *arg, struct argp_state *state)
       break;
 
     case OPTION_PRESERVE_FDS:
-      exec_options.preserve_fds = strtoul (argp_mandatory_argument (arg, state), NULL, 10);
+      exec_options.preserve_fds = parse_int_or_fail (argp_mandatory_argument (arg, state), "preserve-fds");
       break;
 
     case OPTION_CGROUP:
@@ -203,27 +204,34 @@ make_oci_process_user (const char *userspec)
 {
   runtime_spec_schema_config_schema_process_user *u;
   char *endptr = NULL;
+  long long l;
 
   if (userspec == NULL)
     return NULL;
 
   u = xmalloc0 (sizeof (runtime_spec_schema_config_schema_process_user));
   errno = 0;
-  u->uid = strtol (userspec, &endptr, 10);
+  l = strtoll (userspec, &endptr, 10);
   if (errno == ERANGE)
     libcrun_fail_with_error (0, "invalid UID specified");
   if (*endptr == '\0')
     return u;
   if (*endptr != ':')
     libcrun_fail_with_error (0, "invalid USERSPEC specified");
+  if (l < INT_MIN || l > INT_MAX)
+    libcrun_fail_with_error (0, "invalid UID specified");
+
+  u->uid = (int) l;
 
   errno = 0;
-  u->gid = strtol (endptr + 1, &endptr, 10);
+  l = strtoll (endptr + 1, &endptr, 10);
   if (errno == ERANGE)
     libcrun_fail_with_error (0, "invalid GID specified");
+  if (l < INT_MIN || l > INT_MAX)
+    libcrun_fail_with_error (0, "invalid GID specified");
   if (*endptr != '\0')
     libcrun_fail_with_error (0, "invalid USERSPEC specified");
-
+  u->gid = (int) l;
   return u;
 }
 

diff --git a/src/libcrun/cgroup-setup.c b/src/libcrun/cgroup-setup.c
@@ -200,7 +200,7 @@ enter_cgroup_subsystem (pid_t pid, const char *subsystem, const char *path, bool
   cleanup_free char *cgroup_path = NULL;
   int ret;
 
-  ret = append_paths (&cgroup_path, err, CGROUP_ROOT, subsystem ? subsystem : "", path ? path : "", NULL);
+  ret = append_paths (&cgroup_path, err, CGROUP_ROOT, subsystem, path ? path : "", NULL);
   if (UNLIKELY (ret < 0))
     return ret;
 

diff --git a/src/libcrun/ebpf.c b/src/libcrun/ebpf.c
@@ -61,32 +61,32 @@ struct bpf_program
 #ifdef HAVE_EBPF
 
 #  define BPF_ALU32_IMM(OP, DST, IMM) \
-    ((struct bpf_insn){ .code = BPF_ALU | BPF_OP (OP) | BPF_K, .dst_reg = DST, .src_reg = 0, .off = 0, .imm = IMM })
+    ((struct bpf_insn) { .code = BPF_ALU | BPF_OP (OP) | BPF_K, .dst_reg = DST, .src_reg = 0, .off = 0, .imm = IMM })
 
 #  define BPF_LDX_MEM(SIZE, DST, SRC, OFF) \
-    ((struct bpf_insn){                    \
+    ((struct bpf_insn) {                   \
         .code = BPF_LDX | BPF_SIZE (SIZE) | BPF_MEM, .dst_reg = DST, .src_reg = SRC, .off = OFF, .imm = 0 })
 
 #  define BPF_MOV64_REG(DST, SRC) \
-    ((struct bpf_insn){ .code = BPF_ALU64 | BPF_MOV | BPF_X, .dst_reg = DST, .src_reg = SRC, .off = 0, .imm = 0 })
+    ((struct bpf_insn) { .code = BPF_ALU64 | BPF_MOV | BPF_X, .dst_reg = DST, .src_reg = SRC, .off = 0, .imm = 0 })
 
 #  define BPF_JMP_A(OFF) \
-    ((struct bpf_insn){ .code = BPF_JMP | BPF_JA, .dst_reg = 0, .src_reg = 0, .off = OFF, .imm = 0 })
+    ((struct bpf_insn) { .code = BPF_JMP | BPF_JA, .dst_reg = 0, .src_reg = 0, .off = OFF, .imm = 0 })
 
 #  define BPF_JMP_IMM(OP, DST, IMM, OFF) \
-    ((struct bpf_insn){ .code = BPF_JMP | BPF_OP (OP) | BPF_K, .dst_reg = DST, .src_reg = 0, .off = OFF, .imm = IMM })
+    ((struct bpf_insn) { .code = BPF_JMP | BPF_OP (OP) | BPF_K, .dst_reg = DST, .src_reg = 0, .off = OFF, .imm = IMM })
 
 #  define BPF_JMP_REG(OP, DST, SRC, OFF) \
-    ((struct bpf_insn){ .code = BPF_JMP | BPF_OP (OP) | BPF_X, .dst_reg = DST, .src_reg = SRC, .off = OFF, .imm = 0 })
+    ((struct bpf_insn) { .code = BPF_JMP | BPF_OP (OP) | BPF_X, .dst_reg = DST, .src_reg = SRC, .off = OFF, .imm = 0 })
 
 #  define BPF_MOV64_IMM(DST, IMM) \
-    ((struct bpf_insn){ .code = BPF_ALU64 | BPF_MOV | BPF_K, .dst_reg = DST, .src_reg = 0, .off = 0, .imm = IMM })
+    ((struct bpf_insn) { .code = BPF_ALU64 | BPF_MOV | BPF_K, .dst_reg = DST, .src_reg = 0, .off = 0, .imm = IMM })
 
 #  define BPF_MOV32_REG(DST, SRC) \
-    ((struct bpf_insn){ .code = BPF_ALU | BPF_MOV | BPF_X, .dst_reg = DST, .src_reg = SRC, .off = 0, .imm = 0 })
+    ((struct bpf_insn) { .code = BPF_ALU | BPF_MOV | BPF_X, .dst_reg = DST, .src_reg = SRC, .off = 0, .imm = 0 })
 
 #  define BPF_EXIT_INSN() \
-    ((struct bpf_insn){ .code = BPF_JMP | BPF_EXIT, .dst_reg = 0, .src_reg = 0, .off = 0, .imm = 0 })
+    ((struct bpf_insn) { .code = BPF_JMP | BPF_EXIT, .dst_reg = 0, .src_reg = 0, .off = 0, .imm = 0 })
 #endif
 
 #ifdef HAVE_EBPF

diff --git a/src/libcrun/linux.c b/src/libcrun/linux.c
@@ -2131,7 +2131,7 @@ do_mounts (libcrun_container_t *container, int rootfsfd, const char *rootfs, con
           const char *path = def->mounts[i]->source;
 
           /* If copy-symlink is provided, ignore the pre-opened file descriptor since its source was resolved.  */
-          if (mount_fds->fds[i] >= 0 && ! (extra_flags & OPTION_COPY_SYMLINK))
+          if (mount_fds && mount_fds->fds[i] >= 0 && ! (extra_flags & OPTION_COPY_SYMLINK))
             {
               get_proc_self_fd_path (proc_buf, mount_fds->fds[i]);
               path = proc_buf;

diff --git a/src/libcrun/utils.c b/src/libcrun/utils.c
@@ -2182,9 +2182,9 @@ copy_recursive_fd_to_fd (int srcdirfd, int dfd, const char *srcname, const char
       if (UNLIKELY (ret < 0))
         return crun_make_error (err, errno, "chown `%s/%s`", destname, de->d_name);
 
-        /*
-         * ALLPERMS is not defined by POSIX
-         */
+      /*
+       * ALLPERMS is not defined by POSIX
+       */
 #ifndef ALLPERMS
 #  define ALLPERMS (S_ISUID | S_ISGID | S_ISVTX | S_IRWXU | S_IRWXG | S_IRWXO)
 #endif

diff --git a/src/run.c b/src/run.c
@@ -93,7 +93,7 @@ parse_opt (int key, char *arg, struct argp_state *state)
       break;
 
     case OPTION_PRESERVE_FDS:
-      crun_context.preserve_fds = strtoll (argp_mandatory_argument (arg, state), NULL, 10);
+      crun_context.preserve_fds = parse_int_or_fail (argp_mandatory_argument (arg, state), "preserve-fds");
       break;
 
     case OPTION_NO_SUBREAPER:
@@ -177,7 +177,7 @@ crun_command_run (struct crun_global_arguments *global_args, int argc, char **ar
   crun_context.bundle = bundle;
   if (getenv ("LISTEN_FDS"))
     {
-      crun_context.listen_fds = strtoll (getenv ("LISTEN_FDS"), NULL, 10);
+      crun_context.listen_fds = parse_int_or_fail (getenv ("LISTEN_FDS"), "LISTEN_FDS");
       crun_context.preserve_fds += crun_context.listen_fds;
     }
 

diff --git a/tests/init.c b/tests/init.c
@@ -364,7 +364,7 @@ memhog (int megabytes)
   while (1)
     {
       /* change one page each 0.1 seconds */
-      nanosleep ((const struct timespec[]){ { 0, 100000000L } }, NULL);
+      nanosleep ((const struct timespec[]) { { 0, 100000000L } }, NULL);
       buf[pos] = 'c';
       pos += sysconf (_SC_PAGESIZE);
       if (pos > megabytes * 1024 * 1024)

diff --git a/tests/tests_libcrun_fuzzer.c b/tests/tests_libcrun_fuzzer.c
@@ -497,7 +497,7 @@ main (int argc, char **argv)
       return LLVMFuzzerTestOneInput (content, len);
     }
 #ifdef FUZZER
-  extern void HF_ITER (uint8_t * *buf, size_t * len);
+  extern void HF_ITER (uint8_t **buf, size_t *len);
   for (;;)
     {
       size_t len;