The following pull request was submitted through Github. It can be accessed and reviewed at: https://github.com/lxc/lxc/pull/3442
This e-mail was sent by the LXC bot, direct replies will not reach the author unless they happen to be subscribed to this list. === Description (from pull-request) ===
From 4e61b19d62ea7e9d4d2c11b863701b75e24c6ad9 Mon Sep 17 00:00:00 2001 From: Thomas Parrott <thomas.parr...@canonical.com> Date: Tue, 9 Jun 2020 12:01:41 +0100 Subject: [PATCH 1/3] confile: Fix coverity issue, missing return in get_config_net_veth_vlan_tagged_id Signed-off-by: Thomas Parrott <thomas.parr...@canonical.com> --- src/lxc/confile.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/lxc/confile.c b/src/lxc/confile.c index 3ee2e8847a..68403e65e0 100644 --- a/src/lxc/confile.c +++ b/src/lxc/confile.c @@ -5906,7 +5906,7 @@ static int get_config_net_veth_vlan_tagged_id(const char *key, char *retv, int i struct lxc_netdev *netdev = data; if (!netdev) - ret_errno(EINVAL); + return ret_errno(EINVAL); if (netdev->type != LXC_NET_VETH) return 0; From 785e15403e7a004a285686342e6d4b973e278803 Mon Sep 17 00:00:00 2001 From: Thomas Parrott <thomas.parr...@canonical.com> Date: Tue, 9 Jun 2020 12:03:06 +0100 Subject: [PATCH 2/3] network: Fix coverity issue, leaking data in lxc_ovs_setup_bridge_vlan_exec Signed-off-by: Thomas Parrott <thomas.parr...@canonical.com> --- src/lxc/network.c | 15 +++++++++------ 1 file changed, 9 insertions(+), 6 deletions(-) diff --git a/src/lxc/network.c b/src/lxc/network.c index 2ff053ecae..9691ec94a0 100644 --- a/src/lxc/network.c +++ b/src/lxc/network.c @@ -433,11 +433,14 @@ struct ovs_veth_vlan_args { static int lxc_ovs_setup_bridge_vlan_exec(void *data) { struct ovs_veth_vlan_args *args = data; - const char *vlan_mode = "", *tag = "", *trunks = ""; + __do_free char *vlan_mode = NULL, *tag = NULL, *trunks = NULL; + + if (!args->vlan_mode) + return ret_errno(EINVAL); vlan_mode = must_concat(NULL, "vlan_mode=", args->vlan_mode, (char *)NULL); - if (args->vlan_id >= 0) { + if (args->vlan_id > BRIDGE_VLAN_NONE) { char buf[5]; int rc; @@ -449,15 +452,15 @@ static int lxc_ovs_setup_bridge_vlan_exec(void *data) } - if (strcmp(args->trunks, "") != 0) + if (args->trunks) trunks = must_concat(NULL, "trunks=", args->trunks, (char *)NULL); /* Detect the combination of vlan_id and trunks specified and convert to ovs-vsctl command. */ - if (strcmp(tag, "") != 0 && strcmp(trunks, "") != 0) + if (tag && trunks) execlp("ovs-vsctl", "ovs-vsctl", "set", "port", args->nic, vlan_mode, tag, trunks, (char *)NULL); - else if (strcmp(tag, "") != 0) + else if (tag) execlp("ovs-vsctl", "ovs-vsctl", "set", "port", args->nic, vlan_mode, tag, (char *)NULL); - else if (strcmp(trunks, "") != 0) + else if (trunks) execlp("ovs-vsctl", "ovs-vsctl", "set", "port", args->nic, vlan_mode, trunks, (char *)NULL); else return -EINVAL; From 1ee07848e7cbfb9b0673167e8f40f20082e398b1 Mon Sep 17 00:00:00 2001 From: Thomas Parrott <thomas.parr...@canonical.com> Date: Tue, 9 Jun 2020 12:03:40 +0100 Subject: [PATCH 3/3] network: Fix coverity issue, dont initialise string pointers in setup_veth_ovs_bridge_vlan This is needed by lxc_ovs_setup_bridge_vlan_exec. Signed-off-by: Thomas Parrott <thomas.parr...@canonical.com> --- src/lxc/network.c | 13 ++++++++----- 1 file changed, 8 insertions(+), 5 deletions(-) diff --git a/src/lxc/network.c b/src/lxc/network.c index 9691ec94a0..84bfb6b390 100644 --- a/src/lxc/network.c +++ b/src/lxc/network.c @@ -473,9 +473,9 @@ static int setup_veth_ovs_bridge_vlan(char *veth1, struct lxc_netdev *netdev) int taggedLength = lxc_list_len(&netdev->priv.veth_attr.vlan_tagged_ids); struct ovs_veth_vlan_args args; args.nic = veth1; - args.vlan_mode = ""; - args.vlan_id = -1; - args.trunks = ""; + args.vlan_mode = NULL; + args.vlan_id = BRIDGE_VLAN_NONE; + args.trunks = NULL; /* Skip setup if no VLAN options are specified. */ if (!netdev->priv.veth_attr.vlan_id_set && taggedLength <= 0) @@ -515,11 +515,14 @@ static int setup_veth_ovs_bridge_vlan(char *veth1, struct lxc_netdev *netdev) if (rc < 0 || (size_t)rc >= sizeof(buf)) return log_error_errno(-1, EINVAL, "Failed to parse tagged vlan \"%u\" for interface \"%s\"", vlan_id, veth1); - args.trunks = must_concat(NULL, args.trunks, buf, ",", (char *)NULL); + if (args.trunks) + args.trunks = must_concat(NULL, args.trunks, buf, ",", (char *)NULL); + else + args.trunks = must_concat(NULL, buf, ",", (char *)NULL); } } - if (strcmp(args.vlan_mode, "") != 0) { + if (args.vlan_mode) { int ret; char cmd_output[PATH_MAX];
_______________________________________________ lxc-devel mailing list lxc-devel@lists.linuxcontainers.org http://lists.linuxcontainers.org/listinfo/lxc-devel