diff --git a/src/create.c b/src/create.c index a5699894df..28eaf9dae7 100644 --- a/src/create.c +++ b/src/create.c @@ -80,7 +80,7 @@ parse_opt (int key, char *arg, struct argp_state *state) break; case OPTION_PRESERVE_FDS: - crun_context.preserve_fds = strtoul (argp_mandatory_argument (arg, state), NULL, 10); + crun_context.preserve_fds = parse_int_or_fail (argp_mandatory_argument (arg, state), "preserve-fds"); break; case OPTION_NO_SUBREAPER: @@ -166,7 +166,7 @@ crun_command_create (struct crun_global_arguments *global_args, int argc, char * crun_context.bundle = bundle; if (getenv ("LISTEN_FDS")) { - crun_context.listen_fds = strtoll (getenv ("LISTEN_FDS"), NULL, 10); + crun_context.listen_fds = parse_int_or_fail (getenv ("LISTEN_FDS"), "LISTEN_FDS"); crun_context.preserve_fds += crun_context.listen_fds; } diff --git a/src/crun.c b/src/crun.c index e1388ce319..f356a95c44 100644 --- a/src/crun.c +++ b/src/crun.c @@ -22,6 +22,8 @@ #include #include #include +#include +#include #ifdef HAVE_DLOPEN # include @@ -373,6 +375,24 @@ argp_mandatory_argument (char *arg, struct argp_state *state) return state->argv[state->next++]; } +int +parse_int_or_fail (const char *str, const char *kind) +{ + char *endptr = NULL; + long long l; + + errno = 0; + l = strtoll (str, &endptr, 10); + if (errno != 0) + libcrun_fail_with_error (errno, "invalid value for `%s`", kind); + if (endptr != NULL && *endptr != '\0') + libcrun_fail_with_error (EINVAL, "invalid value for `%s`", kind); + if (l < INT_MIN || l > INT_MAX) + libcrun_fail_with_error (ERANGE, "invalid value for `%s`", kind); + + return (int) l; +} + static struct argp argp = { options, parse_opt, args_doc, doc, NULL, NULL, NULL }; int ensure_cloned_binary (void); diff --git a/src/crun.h b/src/crun.h index 9cbc708093..7efead21c4 100644 --- a/src/crun.h +++ b/src/crun.h @@ -37,6 +37,7 @@ struct crun_global_arguments }; char *argp_mandatory_argument (char *arg, struct argp_state *state); +int parse_int_or_fail (const char *str, const char *kind); int init_libcrun_context (libcrun_context_t *con, const char *id, struct crun_global_arguments *glob, libcrun_error_t *err); void crun_assert_n_args (int n, int min, int max); diff --git a/src/exec.c b/src/exec.c index 24da408d7a..36c6084cae 100644 --- a/src/exec.c +++ b/src/exec.c @@ -23,6 +23,7 @@ #include #include #include +#include #include "crun.h" #include "libcrun/container.h" @@ -151,7 +152,7 @@ parse_opt (int key, char *arg, struct argp_state *state) break; case OPTION_PRESERVE_FDS: - exec_options.preserve_fds = strtoul (argp_mandatory_argument (arg, state), NULL, 10); + exec_options.preserve_fds = parse_int_or_fail (argp_mandatory_argument (arg, state), "preserve-fds"); break; case OPTION_CGROUP: @@ -203,27 +204,34 @@ make_oci_process_user (const char *userspec) { runtime_spec_schema_config_schema_process_user *u; char *endptr = NULL; + long long l; if (userspec == NULL) return NULL; u = xmalloc0 (sizeof (runtime_spec_schema_config_schema_process_user)); errno = 0; - u->uid = strtol (userspec, &endptr, 10); + l = strtoll (userspec, &endptr, 10); if (errno == ERANGE) libcrun_fail_with_error (0, "invalid UID specified"); if (*endptr == '\0') return u; if (*endptr != ':') libcrun_fail_with_error (0, "invalid USERSPEC specified"); + if (l < INT_MIN || l > INT_MAX) + libcrun_fail_with_error (0, "invalid UID specified"); + + u->uid = (int) l; errno = 0; - u->gid = strtol (endptr + 1, &endptr, 10); + l = strtoll (endptr + 1, &endptr, 10); if (errno == ERANGE) libcrun_fail_with_error (0, "invalid GID specified"); + if (l < INT_MIN || l > INT_MAX) + libcrun_fail_with_error (0, "invalid GID specified"); if (*endptr != '\0') libcrun_fail_with_error (0, "invalid USERSPEC specified"); - + u->gid = (int) l; return u; } diff --git a/src/libcrun/cgroup-setup.c b/src/libcrun/cgroup-setup.c index 913b421225..c84529558f 100644 --- a/src/libcrun/cgroup-setup.c +++ b/src/libcrun/cgroup-setup.c @@ -200,7 +200,7 @@ enter_cgroup_subsystem (pid_t pid, const char *subsystem, const char *path, bool cleanup_free char *cgroup_path = NULL; int ret; - ret = append_paths (&cgroup_path, err, CGROUP_ROOT, subsystem ? subsystem : "", path ? path : "", NULL); + ret = append_paths (&cgroup_path, err, CGROUP_ROOT, subsystem, path ? path : "", NULL); if (UNLIKELY (ret < 0)) return ret; diff --git a/src/libcrun/ebpf.c b/src/libcrun/ebpf.c index 7067c41d37..a39103201e 100644 --- a/src/libcrun/ebpf.c +++ b/src/libcrun/ebpf.c @@ -61,32 +61,32 @@ struct bpf_program #ifdef HAVE_EBPF # define BPF_ALU32_IMM(OP, DST, IMM) \ - ((struct bpf_insn){ .code = BPF_ALU | BPF_OP (OP) | BPF_K, .dst_reg = DST, .src_reg = 0, .off = 0, .imm = IMM }) + ((struct bpf_insn) { .code = BPF_ALU | BPF_OP (OP) | BPF_K, .dst_reg = DST, .src_reg = 0, .off = 0, .imm = IMM }) # define BPF_LDX_MEM(SIZE, DST, SRC, OFF) \ - ((struct bpf_insn){ \ + ((struct bpf_insn) { \ .code = BPF_LDX | BPF_SIZE (SIZE) | BPF_MEM, .dst_reg = DST, .src_reg = SRC, .off = OFF, .imm = 0 }) # define BPF_MOV64_REG(DST, SRC) \ - ((struct bpf_insn){ .code = BPF_ALU64 | BPF_MOV | BPF_X, .dst_reg = DST, .src_reg = SRC, .off = 0, .imm = 0 }) + ((struct bpf_insn) { .code = BPF_ALU64 | BPF_MOV | BPF_X, .dst_reg = DST, .src_reg = SRC, .off = 0, .imm = 0 }) # define BPF_JMP_A(OFF) \ - ((struct bpf_insn){ .code = BPF_JMP | BPF_JA, .dst_reg = 0, .src_reg = 0, .off = OFF, .imm = 0 }) + ((struct bpf_insn) { .code = BPF_JMP | BPF_JA, .dst_reg = 0, .src_reg = 0, .off = OFF, .imm = 0 }) # define BPF_JMP_IMM(OP, DST, IMM, OFF) \ - ((struct bpf_insn){ .code = BPF_JMP | BPF_OP (OP) | BPF_K, .dst_reg = DST, .src_reg = 0, .off = OFF, .imm = IMM }) + ((struct bpf_insn) { .code = BPF_JMP | BPF_OP (OP) | BPF_K, .dst_reg = DST, .src_reg = 0, .off = OFF, .imm = IMM }) # define BPF_JMP_REG(OP, DST, SRC, OFF) \ - ((struct bpf_insn){ .code = BPF_JMP | BPF_OP (OP) | BPF_X, .dst_reg = DST, .src_reg = SRC, .off = OFF, .imm = 0 }) + ((struct bpf_insn) { .code = BPF_JMP | BPF_OP (OP) | BPF_X, .dst_reg = DST, .src_reg = SRC, .off = OFF, .imm = 0 }) # define BPF_MOV64_IMM(DST, IMM) \ - ((struct bpf_insn){ .code = BPF_ALU64 | BPF_MOV | BPF_K, .dst_reg = DST, .src_reg = 0, .off = 0, .imm = IMM }) + ((struct bpf_insn) { .code = BPF_ALU64 | BPF_MOV | BPF_K, .dst_reg = DST, .src_reg = 0, .off = 0, .imm = IMM }) # define BPF_MOV32_REG(DST, SRC) \ - ((struct bpf_insn){ .code = BPF_ALU | BPF_MOV | BPF_X, .dst_reg = DST, .src_reg = SRC, .off = 0, .imm = 0 }) + ((struct bpf_insn) { .code = BPF_ALU | BPF_MOV | BPF_X, .dst_reg = DST, .src_reg = SRC, .off = 0, .imm = 0 }) # define BPF_EXIT_INSN() \ - ((struct bpf_insn){ .code = BPF_JMP | BPF_EXIT, .dst_reg = 0, .src_reg = 0, .off = 0, .imm = 0 }) + ((struct bpf_insn) { .code = BPF_JMP | BPF_EXIT, .dst_reg = 0, .src_reg = 0, .off = 0, .imm = 0 }) #endif #ifdef HAVE_EBPF diff --git a/src/libcrun/linux.c b/src/libcrun/linux.c index 2cba09b009..89485250da 100644 --- a/src/libcrun/linux.c +++ b/src/libcrun/linux.c @@ -2131,7 +2131,7 @@ do_mounts (libcrun_container_t *container, int rootfsfd, const char *rootfs, con const char *path = def->mounts[i]->source; /* If copy-symlink is provided, ignore the pre-opened file descriptor since its source was resolved. */ - if (mount_fds->fds[i] >= 0 && ! (extra_flags & OPTION_COPY_SYMLINK)) + if (mount_fds && mount_fds->fds[i] >= 0 && ! (extra_flags & OPTION_COPY_SYMLINK)) { get_proc_self_fd_path (proc_buf, mount_fds->fds[i]); path = proc_buf; diff --git a/src/libcrun/utils.c b/src/libcrun/utils.c index a4374739d4..8b483250d4 100644 --- a/src/libcrun/utils.c +++ b/src/libcrun/utils.c @@ -2182,9 +2182,9 @@ copy_recursive_fd_to_fd (int srcdirfd, int dfd, const char *srcname, const char if (UNLIKELY (ret < 0)) return crun_make_error (err, errno, "chown `%s/%s`", destname, de->d_name); - /* - * ALLPERMS is not defined by POSIX - */ + /* + * ALLPERMS is not defined by POSIX + */ #ifndef ALLPERMS # define ALLPERMS (S_ISUID | S_ISGID | S_ISVTX | S_IRWXU | S_IRWXG | S_IRWXO) #endif diff --git a/src/run.c b/src/run.c index 90d6bc71b9..4e79b86cea 100644 --- a/src/run.c +++ b/src/run.c @@ -93,7 +93,7 @@ parse_opt (int key, char *arg, struct argp_state *state) break; case OPTION_PRESERVE_FDS: - crun_context.preserve_fds = strtoll (argp_mandatory_argument (arg, state), NULL, 10); + crun_context.preserve_fds = parse_int_or_fail (argp_mandatory_argument (arg, state), "preserve-fds"); break; case OPTION_NO_SUBREAPER: @@ -177,7 +177,7 @@ crun_command_run (struct crun_global_arguments *global_args, int argc, char **ar crun_context.bundle = bundle; if (getenv ("LISTEN_FDS")) { - crun_context.listen_fds = strtoll (getenv ("LISTEN_FDS"), NULL, 10); + crun_context.listen_fds = parse_int_or_fail (getenv ("LISTEN_FDS"), "LISTEN_FDS"); crun_context.preserve_fds += crun_context.listen_fds; } diff --git a/tests/init.c b/tests/init.c index d32faf5091..e63aadeade 100644 --- a/tests/init.c +++ b/tests/init.c @@ -364,7 +364,7 @@ memhog (int megabytes) while (1) { /* change one page each 0.1 seconds */ - nanosleep ((const struct timespec[]){ { 0, 100000000L } }, NULL); + nanosleep ((const struct timespec[]) { { 0, 100000000L } }, NULL); buf[pos] = 'c'; pos += sysconf (_SC_PAGESIZE); if (pos > megabytes * 1024 * 1024) diff --git a/tests/tests_libcrun_fuzzer.c b/tests/tests_libcrun_fuzzer.c index 38b19d4dd5..9f73bf4936 100644 --- a/tests/tests_libcrun_fuzzer.c +++ b/tests/tests_libcrun_fuzzer.c @@ -497,7 +497,7 @@ main (int argc, char **argv) return LLVMFuzzerTestOneInput (content, len); } #ifdef FUZZER - extern void HF_ITER (uint8_t * *buf, size_t * len); + extern void HF_ITER (uint8_t **buf, size_t *len); for (;;) { size_t len;