Hi Serge - Thanks for confirming that the pid that pid_to_ns_wrapper()
is using is the pid of 'current'. With that being the case, I can't see
how a race condition would occur but a test would be nice if you can
find the time.
The 0003-free-d-at-program-end.patch patch isn't quite right since 'd'
is not freed when cgm_get_controllers() fails. cppcheck still complains
about the leak. I'm not concerned about it but thought I'd mention it.
However, I did spot two new things while (re-)reviewing the new lxcfs
package:
1) The sscanf() in proc_diskstats_read() doesn't place a limit on the
length of the string that is copied into the dev_name buffer. This could
result in a buffer overflow if the device name exceeds 72 characters
(I'm not sure if that's actually possible). The sscanf man page says,
"String input conversions store a terminating null byte ('\0') to mark
the end of the input; the maximum field width does not include this
terminator." That means that the format string should be "%u %u %71s".
2) The sprintf(fnam, ...) calls in pid_to_ns_wrapper(),
pid_from_ns_wrapper(), and get_pid1_time() should be changed to
snprintf(fname, sizeof(fnam), ...). There's no way to overflow those
buffers today but it'll prevent future issues if someone decreases the
size of the fnam buffers in the future.
I trust that you (or Stéphane) will fix the issues mentioned above
correctly so, in interest of time, I don't need to re-review your fixes
before lxcfs is promoted. Thanks! :)
** Changed in: lxcfs (Ubuntu)
Status: Triaged => In Progress
** Changed in: lxcfs (Ubuntu)
Assignee: Tyler Hicks (tyhicks) => Serge Hallyn (serge-hallyn)
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1413405
Title:
[MIR] lxcfs
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/lxcfs/+bug/1413405/+subscriptions
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
