The following pull request was submitted through Github.
It can be accessed and reviewed at: https://github.com/lxc/lxc/pull/3213
This e-mail was sent by the LXC bot, direct replies will not reach the author
unless they happen to be subscribed to this list.
=== Description (from pull-request) ===
When parsing mount options e.g. from lxc.mount.entry the specified options are mapped to the flags constants. To do so, the strings are compared to the options contained in mount_opt. However, when comparing the strings, the length of the string is not checked. That entails that the option "rootcontext=selinux-context" is mapped to the mount option read-only (ro). This commit fixes
this issue by checking if a '=' is contained in the specified option and additionally comparing the length of the strings.
From 85c2de3902df6ccad2c9e0585fb76cd7916a3443 Mon Sep 17 00:00:00 2001
From: Maximilian Blenk <maximilian.bl...@bmw.de>
Date: Thu, 5 Dec 2019 16:44:41 +0100
Subject: [PATCH] config: Fix parsing of mount options
When parsing mount options e.g. from lxc.mount.entry the specified
options are mapped to the flags constants. To do so, the strings
are compared to the options contained in mount_opt. However,
when comparing the strings, the length of the string is not
checked. That entails that the option "rootcontext=selinux-context"
is mapped to the mount option read-only (ro). This commit fixes
this issue by checking if a '=' is contained in the specified option
and additionally comparing the length of the strings.
Signed-off-by: Maximilian Blenk <maximilian.bl...@bmw.de>
---
src/lxc/conf.c | 25 +++++++++++++++----------
1 file changed, 15 insertions(+), 10 deletions(-)
diff --git a/src/lxc/conf.c b/src/lxc/conf.c
index b192c7550a..9410d4c9d8 100644
--- a/src/lxc/conf.c
+++ b/src/lxc/conf.c
@@ -1853,16 +1853,21 @@ static void parse_mntopt(char *opt, unsigned long
*flags, char **data, size_t si
{
struct mount_opt *mo;
- /* If opt is found in mount_opt, set or clear flags.
- * Otherwise append it to data. */
-
- for (mo = &mount_opt[0]; mo->name != NULL; mo++) {
- if (strncmp(opt, mo->name, strlen(mo->name)) == 0) {
- if (mo->clear)
- *flags &= ~mo->flag;
- else
- *flags |= mo->flag;
- return;
+ /* If '=' is contained in opt, the option must go into data. */
+ if (!strchr(opt, '=')) {
+
+ /* If opt is found in mount_opt, set or clear flags.
+ * Otherwise append it to data. */
+ size_t opt_len = strlen(opt);
+ for (mo = &mount_opt[0]; mo->name != NULL; mo++) {
+ size_t mo_name_len = strlen(mo->name);
+ if (opt_len == mo_name_len && strncmp(opt, mo->name,
mo_name_len) == 0) {
+ if (mo->clear)
+ *flags &= ~mo->flag;
+ else
+ *flags |= mo->flag;
+ return;
+ }
}
}
_______________________________________________
lxc-devel mailing list
lxc-devel@lists.linuxcontainers.org
http://lists.linuxcontainers.org/listinfo/lxc-devel
