diff options
| author | CoprDistGit <infra@openeuler.org> | 2023-10-25 03:19:39 +0000 |
|---|---|---|
| committer | CoprDistGit <infra@openeuler.org> | 2023-10-25 03:19:39 +0000 |
| commit | 723a12433aa7309e1eb0618be08d9b9fea389b81 (patch) | |
| tree | 6e73a07585bfafeae4404d2247436ed13d337457 /0006-2168-fix-code-bug.patch | |
| parent | e3a65d47f4dae59923d032065e9c335fcdd7a0a8 (diff) | |
automatic import of iSuladopeneuler22.03_LTS_SP2
Diffstat (limited to '0006-2168-fix-code-bug.patch')
| -rw-r--r-- | 0006-2168-fix-code-bug.patch | 1054 |
1 files changed, 1054 insertions, 0 deletions
diff --git a/0006-2168-fix-code-bug.patch b/0006-2168-fix-code-bug.patch new file mode 100644 index 0000000..a54eaf2 --- /dev/null +++ b/0006-2168-fix-code-bug.patch @@ -0,0 +1,1054 @@ +From f6c1ec5c8603124511c7a726a487757609a1d7a5 Mon Sep 17 00:00:00 2001 +From: zhangxiaoyu <zhangxiaoyu58@huawei.com> +Date: Tue, 5 Sep 2023 02:15:57 +0000 +Subject: [PATCH 06/33] !2168 fix code bug * fix code bug + +--- + src/daemon/common/events_format.c | 6 +- + src/daemon/common/selinux_label.c | 22 +- + src/daemon/common/selinux_label.h | 8 +- + src/daemon/config/isulad_config.c | 276 ++++++++++-------- + src/daemon/config/isulad_config.h | 62 ++-- + src/daemon/executor/container_cb/execution.c | 4 +- + .../executor/container_cb/execution_create.c | 2 +- + .../executor/container_cb/execution_network.c | 9 + + .../executor/container_cb/execution_stream.h | 6 +- + src/daemon/executor/container_cb/list.c | 4 +- + src/daemon/executor/image_cb/image_cb.c | 18 +- + 11 files changed, 233 insertions(+), 184 deletions(-) + +diff --git a/src/daemon/common/events_format.c b/src/daemon/common/events_format.c +index e5ceab92..514b060e 100644 +--- a/src/daemon/common/events_format.c ++++ b/src/daemon/common/events_format.c +@@ -83,7 +83,11 @@ struct isulad_events_format *dup_event(const struct isulad_events_format *event) + return NULL; + } + +- event_copy(event, out); ++ if (event_copy(event, out) != 0) { ++ ERROR("Failed to copy event"); ++ isulad_events_format_free(out); ++ return NULL; ++ } + + return out; + } +diff --git a/src/daemon/common/selinux_label.c b/src/daemon/common/selinux_label.c +index 585a5e35..e6527bd0 100644 +--- a/src/daemon/common/selinux_label.c ++++ b/src/daemon/common/selinux_label.c +@@ -247,7 +247,7 @@ static int get_current_label(char **content) + return read_con(path, content); + } + +-bool selinux_get_enable() ++bool selinux_get_enable(void) + { + bool enabled_set = false; + bool enabled = false; +@@ -295,7 +295,7 @@ bool selinux_get_enable() + } + + // just disable selinux support for iSulad +-void selinux_set_disabled() ++void selinux_set_disabled(void) + { + (void)set_state_enable(false); + } +@@ -376,9 +376,10 @@ int selinux_state_init(void) + return 0; + } + +-void selinux_state_free() ++void selinux_state_free(void) + { + do_selinux_state_free(g_selinux_state); ++ g_selinux_state = NULL; + } + + /* MCS already exists */ +@@ -986,6 +987,11 @@ int relabel(const char *path, const char *file_label, bool shared) + return 0; + } + ++ if (path == NULL) { ++ ERROR("Empty arguments"); ++ return -1; ++ } ++ + tmp_file_label = util_strdup_s(file_label); + if (is_exclude_relabel_path(path)) { + ERROR("SELinux relabeling of %s is not allowed", path); +@@ -1059,6 +1065,11 @@ int dup_security_opt(const char *src, char ***dst, size_t *len) + return 0; + } + ++ if (dst == NULL || len == NULL) { ++ ERROR("Empty arguments"); ++ return -1; ++ } ++ + context_t con = context_new(src); + if (con == NULL) { + ERROR("context new failed"); +@@ -1107,6 +1118,11 @@ out: + + int get_disable_security_opt(char ***labels, size_t *labels_len) + { ++ if (labels == NULL || labels_len == NULL) { ++ ERROR("Empty arguments"); ++ return -1; ++ } ++ + if (util_array_append(labels, "disable") != 0) { + ERROR("Failed to append label"); + return -1; +diff --git a/src/daemon/common/selinux_label.h b/src/daemon/common/selinux_label.h +index 625e94c3..4a3c03d4 100644 +--- a/src/daemon/common/selinux_label.h ++++ b/src/daemon/common/selinux_label.h +@@ -24,14 +24,14 @@ extern "C" { + #endif + + int selinux_state_init(void); +-void selinux_set_disabled(); +-bool selinux_get_enable(); +-int init_label(const char **label_opts, size_t label_opts_len, char **process_label, char **mount_label); ++void selinux_set_disabled(void); ++bool selinux_get_enable(void); ++int init_label(const char **label_opts, size_t label_opts_len, char **dst_process_label, char **dst_mount_label); + int relabel(const char *path, const char *file_label, bool shared); + int get_disable_security_opt(char ***labels, size_t *labels_len); + int dup_security_opt(const char *src, char ***dst, size_t *len); + char *selinux_format_mountlabel(const char *src, const char *mount_label); +-void selinux_state_free(); ++void selinux_state_free(void); + #ifdef __cplusplus + } + #endif +diff --git a/src/daemon/config/isulad_config.c b/src/daemon/config/isulad_config.c +index 269ab310..f600f0cf 100644 +--- a/src/daemon/config/isulad_config.c ++++ b/src/daemon/config/isulad_config.c +@@ -125,7 +125,7 @@ out: + } + + /* isulad server conf wrlock */ +-int isulad_server_conf_wrlock() ++int isulad_server_conf_wrlock(void) + { + int ret = 0; + +@@ -138,7 +138,7 @@ int isulad_server_conf_wrlock() + } + + /* isulad server conf rdlock */ +-int isulad_server_conf_rdlock() ++int isulad_server_conf_rdlock(void) + { + int ret = 0; + +@@ -151,7 +151,7 @@ int isulad_server_conf_rdlock() + } + + /* isulad server conf unlock */ +-int isulad_server_conf_unlock() ++int isulad_server_conf_unlock(void) + { + int ret = 0; + +@@ -163,13 +163,13 @@ int isulad_server_conf_unlock() + return ret; + } + +-struct service_arguments *conf_get_server_conf() ++struct service_arguments *conf_get_server_conf(void) + { + return g_isulad_conf.server_conf; + } + + /* conf get isulad pidfile */ +-char *conf_get_isulad_pidfile() ++char *conf_get_isulad_pidfile(void) + { + char *filename = NULL; + struct service_arguments *conf = NULL; +@@ -191,7 +191,7 @@ out: + } + + /* conf get engine rootpath */ +-char *conf_get_engine_rootpath() ++char *conf_get_engine_rootpath(void) + { + char *epath = NULL; + char *rootpath = NULL; +@@ -238,7 +238,7 @@ int conf_get_cgroup_cpu_rt(int64_t *cpu_rt_period, int64_t *cpu_rt_runtime) + } + + conf = conf_get_server_conf(); +- if (conf == NULL) { ++ if (conf == NULL || conf->json_confs == NULL) { + (void)isulad_server_conf_unlock(); + return -1; + } +@@ -254,7 +254,7 @@ int conf_get_cgroup_cpu_rt(int64_t *cpu_rt_period, int64_t *cpu_rt_runtime) + } + + /* conf get graph checked flag file path */ +-char *conf_get_graph_check_flag_file() ++char *conf_get_graph_check_flag_file(void) + { + char *epath = NULL; + char *rootpath = NULL; +@@ -307,7 +307,7 @@ char *conf_get_routine_rootdir(const char *runtime) + } + + conf = conf_get_server_conf(); +- if (conf == NULL || conf->json_confs->graph == NULL) { ++ if (conf == NULL || conf->json_confs == NULL || conf->json_confs->graph == NULL) { + ERROR("Server conf is NULL or rootpath is NULL"); + goto out; + } +@@ -357,7 +357,7 @@ char *conf_get_routine_statedir(const char *runtime) + } + + conf = conf_get_server_conf(); +- if (conf == NULL || conf->json_confs->state == NULL) { ++ if (conf == NULL || conf->json_confs == NULL || conf->json_confs->state == NULL) { + goto out; + } + +@@ -460,7 +460,7 @@ out: + #endif + + /* conf get isulad rootdir */ +-char *conf_get_isulad_rootdir() ++char *conf_get_isulad_rootdir(void) + { + char *path = NULL; + struct service_arguments *conf = NULL; +@@ -470,7 +470,7 @@ char *conf_get_isulad_rootdir() + } + + conf = conf_get_server_conf(); +- if (conf == NULL || conf->json_confs->graph == NULL) { ++ if (conf == NULL || conf->json_confs == NULL || conf->json_confs->graph == NULL) { + goto out; + } + +@@ -482,7 +482,7 @@ out: + } + + /* conf get registry */ +-char **conf_get_registry_list() ++char **conf_get_registry_list(void) + { + int nret = 0; + size_t i; +@@ -495,7 +495,7 @@ char **conf_get_registry_list() + } + + conf = conf_get_server_conf(); +- if (conf == NULL || conf->json_confs->registry_mirrors_len == 0) { ++ if (conf == NULL || conf->json_confs == NULL || conf->json_confs->registry_mirrors_len == 0) { + goto out; + } + +@@ -518,7 +518,7 @@ out: + } + + /* conf get insecure registry */ +-char **conf_get_insecure_registry_list() ++char **conf_get_insecure_registry_list(void) + { + int nret = 0; + size_t i; +@@ -531,7 +531,7 @@ char **conf_get_insecure_registry_list() + } + + conf = conf_get_server_conf(); +- if (conf == NULL || conf->json_confs->insecure_registries_len == 0) { ++ if (conf == NULL || conf->json_confs == NULL || conf->json_confs->insecure_registries_len == 0) { + goto out; + } + +@@ -554,7 +554,7 @@ out: + } + + /* conf get isulad statedir */ +-char *conf_get_isulad_statedir() ++char *conf_get_isulad_statedir(void) + { + char *path = NULL; + struct service_arguments *conf = NULL; +@@ -564,7 +564,7 @@ char *conf_get_isulad_statedir() + } + + conf = conf_get_server_conf(); +- if (conf == NULL || conf->json_confs->state == NULL) { ++ if (conf == NULL || conf->json_confs == NULL || conf->json_confs->state == NULL) { + goto out; + } + +@@ -576,7 +576,7 @@ out: + } + + /* isulad monitor fifo name */ +-char *conf_get_isulad_monitor_fifo_path() ++char *conf_get_isulad_monitor_fifo_path(void) + { + int ret; + char fifo_file_path[PATH_MAX] = { 0 }; +@@ -631,7 +631,7 @@ static char *get_parent_mount_dir(char *graph) + } + + /* conf get isulad mount rootfs */ +-char *conf_get_isulad_mount_rootfs() ++char *conf_get_isulad_mount_rootfs(void) + { + char *path = NULL; + struct service_arguments *conf = NULL; +@@ -653,7 +653,7 @@ out: + } + + /* conf get isulad umask for containers */ +-char *conf_get_isulad_native_umask() ++char *conf_get_isulad_native_umask(void) + { + char *umask = NULL; + struct service_arguments *conf = NULL; +@@ -663,7 +663,7 @@ char *conf_get_isulad_native_umask() + } + + conf = conf_get_server_conf(); +- if (conf == NULL || conf->json_confs->native_umask == NULL) { ++ if (conf == NULL || conf->json_confs == NULL || conf->json_confs->native_umask == NULL) { + goto out; + } + +@@ -675,7 +675,7 @@ out: + } + + /* conf get isulad cgroup parent for containers */ +-char *conf_get_isulad_cgroup_parent() ++char *conf_get_isulad_cgroup_parent(void) + { + char *cgroup_parent = NULL; + struct service_arguments *conf = NULL; +@@ -685,7 +685,7 @@ char *conf_get_isulad_cgroup_parent() + } + + conf = conf_get_server_conf(); +- if (conf == NULL || conf->json_confs->cgroup_parent == NULL) { ++ if (conf == NULL || conf->json_confs == NULL || conf->json_confs->cgroup_parent == NULL) { + goto out; + } + +@@ -697,7 +697,7 @@ out: + } + + /* conf get isulad loglevel */ +-char *conf_get_isulad_loglevel() ++char *conf_get_isulad_loglevel(void) + { + char *loglevel = NULL; + struct service_arguments *conf = NULL; +@@ -707,7 +707,7 @@ char *conf_get_isulad_loglevel() + } + + conf = conf_get_server_conf(); +- if (conf == NULL || conf->json_confs->log_level == NULL) { ++ if (conf == NULL || conf->json_confs == NULL || conf->json_confs->log_level == NULL) { + goto out; + } + +@@ -725,7 +725,7 @@ char *get_log_file_helper(const struct service_arguments *conf, const char *suff + size_t len = 0; + int nret = 0; + +- if (suffix == NULL) { ++ if (conf == NULL || suffix == NULL) { + return NULL; + } + +@@ -757,7 +757,7 @@ out: + } + + /* conf get isulad log gather fifo path */ +-char *conf_get_isulad_log_gather_fifo_path() ++char *conf_get_isulad_log_gather_fifo_path(void) + { + #define LOG_GATHER_FIFO_NAME "/isulad_log_gather_fifo" + char *logfile = NULL; +@@ -796,7 +796,7 @@ out: + } + + /* conf get isulad log file */ +-char *conf_get_isulad_log_file() ++char *conf_get_isulad_log_file(void) + { + char *logfile = NULL; + struct service_arguments *conf = NULL; +@@ -818,7 +818,7 @@ out: + } + + /* conf get engine log file */ +-char *conf_get_engine_log_file() ++char *conf_get_engine_log_file(void) + { + char *logfile = NULL; + char *full_path = NULL; +@@ -885,7 +885,7 @@ int conf_get_daemon_log_config(char **loglevel, char **logdriver, char **engine_ + } + + /* conf get isulad logdriver */ +-char *conf_get_isulad_logdriver() ++char *conf_get_isulad_logdriver(void) + { + char *logdriver = NULL; + struct service_arguments *conf = NULL; +@@ -895,7 +895,7 @@ char *conf_get_isulad_logdriver() + } + + conf = conf_get_server_conf(); +- if (conf == NULL || conf->json_confs->log_driver == NULL) { ++ if (conf == NULL || conf->json_confs == NULL || conf->json_confs->log_driver == NULL) { + goto out; + } + +@@ -915,12 +915,17 @@ int conf_get_container_log_opts(isulad_daemon_configs_container_log **opts) + size_t i; + int ret = 0; + ++ if (opts == NULL) { ++ ERROR("Empty arguments"); ++ return -1; ++ } ++ + if (isulad_server_conf_rdlock() != 0) { + return -1; + } + + conf = conf_get_server_conf(); +- if (conf == NULL || conf->json_confs->container_log == NULL) { ++ if (conf == NULL || conf->json_confs == NULL || conf->json_confs->container_log == NULL) { + goto out; + } + work = conf->json_confs->container_log; +@@ -962,7 +967,7 @@ out: + } + + /* conf get image layer check flag */ +-bool conf_get_image_layer_check_flag() ++bool conf_get_image_layer_check_flag(void) + { + bool check_flag = false; + struct service_arguments *conf = NULL; +@@ -972,7 +977,7 @@ bool conf_get_image_layer_check_flag() + } + + conf = conf_get_server_conf(); +- if (conf == NULL) { ++ if (conf == NULL || conf->json_confs == NULL) { + goto out; + } + +@@ -984,7 +989,7 @@ out: + } + + /* conf get flag of use decrypted key to pull image */ +-bool conf_get_use_decrypted_key_flag() ++bool conf_get_use_decrypted_key_flag(void) + { + bool check_flag = true; + struct service_arguments *conf = NULL; +@@ -994,7 +999,7 @@ bool conf_get_use_decrypted_key_flag() + } + + conf = conf_get_server_conf(); +- if (conf == NULL || conf->json_confs->use_decrypted_key == NULL) { ++ if (conf == NULL || conf->json_confs == NULL || conf->json_confs->use_decrypted_key == NULL) { + goto out; + } + +@@ -1005,7 +1010,7 @@ out: + return check_flag; + } + +-bool conf_get_skip_insecure_verify_flag() ++bool conf_get_skip_insecure_verify_flag(void) + { + bool check_flag = false; + struct service_arguments *conf = NULL; +@@ -1015,7 +1020,7 @@ bool conf_get_skip_insecure_verify_flag() + } + + conf = conf_get_server_conf(); +- if (conf == NULL) { ++ if (conf == NULL || conf->json_confs == NULL) { + goto out; + } + +@@ -1026,69 +1031,86 @@ out: + return check_flag; + } + +-#define OCI_STR_ARRAY_DUP(src, dest, srclen, destlen, ret) \ +- do { \ +- if ((src) != NULL) { \ +- (dest) = util_str_array_dup((const char **)(src), (srclen)); \ +- if ((dest) == NULL) { \ +- (ret) = -1; \ +- goto out; \ +- } \ +- (destlen) = (srclen); \ +- } \ +- } while (0) +- +-#define HOOKS_ELEM_DUP_DEF(item) \ +- defs_hook *hooks_##item##_elem_dup(const defs_hook *src) \ +- { \ +- int ret = 0; \ +- defs_hook *dest = NULL; \ +- if (src == NULL) \ +- return NULL; \ +- dest = util_common_calloc_s(sizeof(defs_hook)); \ +- if (dest == NULL) \ +- return NULL; \ +- dest->path = util_strdup_s(src->path); \ +- OCI_STR_ARRAY_DUP(src->args, dest->args, src->args_len, dest->args_len, ret); \ +- OCI_STR_ARRAY_DUP(src->env, dest->env, src->env_len, dest->env_len, ret); \ +- dest->timeout = src->timeout; \ +- out: \ +- if (ret != 0 && dest != NULL) { \ +- free_defs_hook(dest); \ +- dest = NULL; \ +- } \ +- return dest; \ +- } +- +-/* HOOKS ELEM DUP DEF */ +-HOOKS_ELEM_DUP_DEF(prestart) +-/* HOOKS ELEM DUP DEF */ +-HOOKS_ELEM_DUP_DEF(poststart) +-/* HOOKS ELEM DUP DEF */ +-HOOKS_ELEM_DUP_DEF(poststop) +- +-#define HOOKS_ITEM_DUP_DEF(item) \ +- int hooks_##item##_dup(oci_runtime_spec_hooks *dest, const oci_runtime_spec_hooks *src) \ +- { \ +- int i = 0; \ +- dest->item = util_smart_calloc_s(sizeof(defs_hook *), (src->item##_len + 1)); \ +- if (dest->item == NULL) \ +- return -1; \ +- dest->item##_len = src->item##_len; \ +- for (; (size_t)i < src->item##_len; ++i) { \ +- dest->item[i] = hooks_##item##_elem_dup(src->item[i]); \ +- if (dest->item[i] == NULL) \ +- return -1; \ +- } \ +- return 0; \ +- } +- +-/* HOOKS ITEM DUP DEF */ +-HOOKS_ITEM_DUP_DEF(prestart) +-/* HOOKS ITEM DUP DEF */ +-HOOKS_ITEM_DUP_DEF(poststart) +-/* HOOKS ITEM DUP DEF */ +-HOOKS_ITEM_DUP_DEF(poststop) ++static defs_hook *hooks_elem_dup(const defs_hook *src) ++{ ++ defs_hook *dest = NULL; ++ ++ if (src == NULL) { ++ return NULL; ++ } ++ ++ dest = (defs_hook *)util_common_calloc_s(sizeof(defs_hook)); ++ if (dest == NULL) { ++ ERROR("Out of memory"); ++ return NULL; ++ } ++ ++ dest->path = util_strdup_s(src->path); ++ dest->timeout = src->timeout; ++ ++ if (src->args_len != 0) { ++ dest->args = util_str_array_dup((const char **)(src->args), src->args_len); ++ if (dest->args == NULL) { ++ ERROR("Failed to duplicate string array"); ++ goto err_out; ++ } ++ dest->args_len = src->args_len; ++ } ++ ++ if (src->env_len != 0) { ++ dest->env = util_str_array_dup((const char **)(src->env), src->env_len); ++ if (dest->env == NULL) { ++ ERROR("Failed to duplicate string array"); ++ goto err_out; ++ } ++ dest->env_len = src->env_len; ++ } ++ ++ return dest; ++ ++err_out: ++ free_defs_hook(dest); ++ return NULL; ++} ++ ++static int hooks_array_dup(const defs_hook **src, const size_t src_len, defs_hook ***dst, size_t *dst_len) ++{ ++ size_t i; ++ size_t tmp_len = 0; ++ defs_hook **tmp_dst = NULL; ++ ++ if (src_len > SIZE_MAX - 1) { ++ ERROR("Invalid hooks array length"); ++ return -1; ++ } ++ ++ tmp_dst = (defs_hook **)util_smart_calloc_s(sizeof(defs_hook *), src_len + 1); ++ if (tmp_dst == NULL) { ++ ERROR("Out of memory"); ++ return -1; ++ } ++ ++ for(i = 0; i < src_len; i++) { ++ tmp_dst[i] = hooks_elem_dup(src[i]); ++ if (tmp_dst[i] == NULL) { ++ ERROR("Failed to duplicate hooks element"); ++ goto err_out; ++ } ++ tmp_len++; ++ } ++ ++ *dst = tmp_dst; ++ *dst_len = tmp_len; ++ return 0; ++ ++err_out: ++ for(i = 0; i < tmp_len; i++) { ++ free_defs_hook(tmp_dst[i]); ++ } ++ free(tmp_dst); ++ ++ return -1; ++} + + /* hooks_dup */ + oci_runtime_spec_hooks *hooks_dup(const oci_runtime_spec_hooks *src) +@@ -1104,17 +1126,17 @@ oci_runtime_spec_hooks *hooks_dup(const oci_runtime_spec_hooks *src) + return NULL; + } + +- ret = hooks_prestart_dup(dest, src); ++ ret = hooks_array_dup((const defs_hook **)src->prestart, src->prestart_len, &dest->prestart, &dest->prestart_len); + if (ret != 0) { + goto out; + } + +- ret = hooks_poststart_dup(dest, src); ++ ret = hooks_array_dup((const defs_hook **)src->poststart, src->poststart_len, &dest->poststart, &dest->poststart_len); + if (ret != 0) { + goto out; + } + +- ret = hooks_poststop_dup(dest, src); ++ ret = hooks_array_dup((const defs_hook **)src->poststop, src->poststop_len, &dest->poststop, &dest->poststop_len); + + out: + if (ret != 0) { +@@ -1130,6 +1152,11 @@ int conf_get_isulad_hooks(oci_runtime_spec_hooks **phooks) + int ret = 0; + struct service_arguments *conf = NULL; + ++ if (phooks == NULL) { ++ ERROR("Empty arguments"); ++ return -1; ++ } ++ + if (isulad_server_conf_rdlock() != 0) { + return -1; + } +@@ -1184,7 +1211,7 @@ out: + } + + /* conf get start timeout */ +-unsigned int conf_get_start_timeout() ++unsigned int conf_get_start_timeout(void) + { + struct service_arguments *conf = NULL; + unsigned int ret = 0; +@@ -1204,7 +1231,7 @@ out: + return ret; + } + +-char *conf_get_default_runtime() ++char *conf_get_default_runtime(void) + { + struct service_arguments *conf = NULL; + char *result = NULL; +@@ -1226,7 +1253,7 @@ out: + return result; + } + +-char *conf_get_enable_plugins() ++char *conf_get_enable_plugins(void) + { + struct service_arguments *conf = NULL; + char *plugins = NULL; +@@ -1249,7 +1276,7 @@ out: + } + + #ifdef ENABLE_USERNS_REMAP +-char *conf_get_isulad_userns_remap() ++char *conf_get_isulad_userns_remap(void) + { + struct service_arguments *conf = NULL; + char *userns_remap = NULL; +@@ -1335,7 +1362,7 @@ int conf_get_cni_bin_dir(char ***dst) + } + + /* conf get websocket server listening port */ +-int32_t conf_get_websocket_server_listening_port() ++int32_t conf_get_websocket_server_listening_port(void) + { + int32_t port = 0; + struct service_arguments *conf = NULL; +@@ -1345,7 +1372,7 @@ int32_t conf_get_websocket_server_listening_port() + } + + conf = conf_get_server_conf(); +- if (conf == NULL) { ++ if (conf == NULL || conf->json_confs == NULL) { + goto out; + } + +@@ -1401,6 +1428,10 @@ int set_unix_socket_group(const char *socket, const char *group) + return -1; + } + ++ if (!util_has_prefix(socket, UNIX_SOCKET_PREFIX)) { ++ ERROR("Invalid unix socket: %s", socket); ++ return -1; ++ } + path = socket + strlen(UNIX_SOCKET_PREFIX); + + if (strlen(path) > PATH_MAX || realpath(path, rpath) == NULL) { +@@ -1430,15 +1461,6 @@ out: + return ret; + } + +-#define OVERRIDE_STRING_VALUE(dst, src) \ +- do { \ +- if ((src) != NULL && strlen((src)) != 0) { \ +- free((dst)); \ +- (dst) = (src); \ +- (src) = NULL; \ +- } \ +- } while (0) +- + static int string_array_append(char **suffix, size_t suffix_len, size_t *curr_len, char ***result) + { + if (suffix_len > 0) { +@@ -1463,6 +1485,11 @@ int parse_log_opts(struct service_arguments *args, const char *key, const char * + { + int ret = -1; + ++ if (args == NULL) { ++ ERROR("Empty arguments"); ++ return -1; ++ } ++ + if (key == NULL || value == NULL) { + return 0; + } +@@ -1682,6 +1709,11 @@ int merge_json_confs_into_global(struct service_arguments *args) + parser_error err = NULL; + int ret = 0; + ++ if (args == NULL) { ++ ERROR("Empty arguments"); ++ return -1; ++ } ++ + tmp_json_confs = isulad_daemon_configs_parse_file(ISULAD_DAEMON_JSON_CONF_FILE, NULL, &err); + if (tmp_json_confs == NULL) { + COMMAND_ERROR("Load isulad json config failed: %s", err != NULL ? err : ""); +@@ -1828,7 +1860,7 @@ static bool valid_isulad_daemon_constants(isulad_daemon_constants *config) + return true; + } + +-int init_isulad_daemon_constants() ++int init_isulad_daemon_constants(void) + { + parser_error err = NULL; + int ret = 0; +@@ -1855,7 +1887,7 @@ out: + return ret; + } + +-isulad_daemon_constants *get_isulad_daemon_constants() ++isulad_daemon_constants *get_isulad_daemon_constants(void) + { + return g_isulad_daemon_constants; + } +diff --git a/src/daemon/config/isulad_config.h b/src/daemon/config/isulad_config.h +index 92edd6e0..4fe1acdc 100644 +--- a/src/daemon/config/isulad_config.h ++++ b/src/daemon/config/isulad_config.h +@@ -42,43 +42,43 @@ char *conf_get_sandbox_rootpath(void); + char *conf_get_sandbox_statepath(void); + #endif + +-char *conf_get_isulad_pidfile(); +-char *conf_get_engine_rootpath(); ++char *conf_get_isulad_pidfile(void); ++char *conf_get_engine_rootpath(void); + char *conf_get_routine_rootdir(const char *runtime); + char *conf_get_routine_statedir(const char *runtime); +-char *conf_get_isulad_rootdir(); +-char *conf_get_isulad_statedir(); +-char *conf_get_isulad_mount_rootfs(); +-char *conf_get_isulad_loglevel(); +-char *conf_get_isulad_logdriver(); ++char *conf_get_isulad_rootdir(void); ++char *conf_get_isulad_statedir(void); ++char *conf_get_isulad_mount_rootfs(void); ++char *conf_get_isulad_loglevel(void); ++char *conf_get_isulad_logdriver(void); + int conf_get_daemon_log_config(char **loglevel, char **logdriver, char **engine_log_path); +-char *conf_get_isulad_log_gather_fifo_path(); ++char *conf_get_isulad_log_gather_fifo_path(void); + + int conf_get_cgroup_cpu_rt(int64_t *cpu_rt_period, int64_t *cpu_rt_runtime); + + int conf_get_container_log_opts(isulad_daemon_configs_container_log **opts); + +-char *conf_get_isulad_log_file(); +-char *conf_get_engine_log_file(); +-char *conf_get_enable_plugins(); ++char *conf_get_isulad_log_file(void); ++char *conf_get_engine_log_file(void); ++char *conf_get_enable_plugins(void); + #ifdef ENABLE_USERNS_REMAP +-char *conf_get_isulad_userns_remap(); ++char *conf_get_isulad_userns_remap(void); + #endif +-char *conf_get_cni_conf_dir(); ++char *conf_get_cni_conf_dir(void); + int conf_get_cni_bin_dir(char ***dst); +-int32_t conf_get_websocket_server_listening_port(); ++int32_t conf_get_websocket_server_listening_port(void); + + int save_args_to_conf(struct service_arguments *args); + + int set_unix_socket_group(const char *socket, const char *group); + +-int isulad_server_conf_wrlock(); ++int isulad_server_conf_wrlock(void); + +-int isulad_server_conf_rdlock(); ++int isulad_server_conf_rdlock(void); + +-int isulad_server_conf_unlock(); ++int isulad_server_conf_unlock(void); + +-struct service_arguments *conf_get_server_conf(); ++struct service_arguments *conf_get_server_conf(void); + + int get_system_cpu_usage(uint64_t *val); + +@@ -86,31 +86,31 @@ int conf_get_isulad_hooks(oci_runtime_spec_hooks **phooks); + + int conf_get_isulad_default_ulimit(host_config_ulimits_element ***ulimit); + +-unsigned int conf_get_start_timeout(); ++unsigned int conf_get_start_timeout(void); + +-char **conf_get_insecure_registry_list(); ++char **conf_get_insecure_registry_list(void); + +-char **conf_get_registry_list(); +-char *conf_get_isulad_native_umask(); ++char **conf_get_registry_list(void); ++char *conf_get_isulad_native_umask(void); + +-char *conf_get_isulad_cgroup_parent(); ++char *conf_get_isulad_cgroup_parent(void); + +-char *conf_get_default_runtime(); ++char *conf_get_default_runtime(void); + +-char *conf_get_graph_check_flag_file(); ++char *conf_get_graph_check_flag_file(void); + +-bool conf_get_image_layer_check_flag(); ++bool conf_get_image_layer_check_flag(void); + + int merge_json_confs_into_global(struct service_arguments *args); + +-bool conf_get_use_decrypted_key_flag(); +-bool conf_get_skip_insecure_verify_flag(); ++bool conf_get_use_decrypted_key_flag(void); ++bool conf_get_skip_insecure_verify_flag(void); + int parse_log_opts(struct service_arguments *args, const char *key, const char *value); + +-char *conf_get_isulad_monitor_fifo_path(); ++char *conf_get_isulad_monitor_fifo_path(void); + +-int init_isulad_daemon_constants(); +-isulad_daemon_constants *get_isulad_daemon_constants(); ++int init_isulad_daemon_constants(void); ++isulad_daemon_constants *get_isulad_daemon_constants(void); + + #ifdef __cplusplus + } +diff --git a/src/daemon/executor/container_cb/execution.c b/src/daemon/executor/container_cb/execution.c +index ca4061b4..dbfec59e 100644 +--- a/src/daemon/executor/container_cb/execution.c ++++ b/src/daemon/executor/container_cb/execution.c +@@ -912,8 +912,8 @@ static int container_kill_cb(const container_kill_request *request, container_ki + } + + if (!util_valid_signal((int)signal)) { +- isulad_set_error_message("Not supported signal %d", signal); +- ERROR("Not supported signal %d", signal); ++ isulad_set_error_message("Not supported signal %u", signal); ++ ERROR("Not supported signal %u", signal); + cc = ISULAD_ERR_EXEC; + goto pack_response; + } +diff --git a/src/daemon/executor/container_cb/execution_create.c b/src/daemon/executor/container_cb/execution_create.c +index c65aa281..9c097121 100644 +--- a/src/daemon/executor/container_cb/execution_create.c ++++ b/src/daemon/executor/container_cb/execution_create.c +@@ -706,7 +706,7 @@ out: + free(runtime_root); + free(runtime_stat); + if (ret != 0) { +- /* fail, do not use the input v2 spec, host spec and network settings, the memeory will be free by caller*/ ++ /* fail, do not use the input v2 spec, host spec and network settings, the memeory will be free by caller */ + if (cont != NULL) { + cont->common_config = NULL; + cont->hostconfig = NULL; +diff --git a/src/daemon/executor/container_cb/execution_network.c b/src/daemon/executor/container_cb/execution_network.c +index 1ff360f2..ce924332 100644 +--- a/src/daemon/executor/container_cb/execution_network.c ++++ b/src/daemon/executor/container_cb/execution_network.c +@@ -81,11 +81,20 @@ out: + + static int fopen_network(FILE **fp, char **file_path, const char *rootfs, const char *filename) + { ++ int64_t size = 0; ++ + if (util_realpath_in_scope(rootfs, filename, file_path) < 0) { + SYSERROR("Failed to get real path '%s' under rootfs '%s'", filename, rootfs); + isulad_set_error_message("Failed to get real path '%s' under rootfs '%s'", filename, rootfs); + return -1; + } ++ ++ size = util_file_size(*file_path); ++ if (size > REGULAR_FILE_SIZE) { ++ ERROR("Target file '%s', size exceed limit: %lld", *file_path, REGULAR_FILE_SIZE); ++ return -1; ++ } ++ + *fp = util_fopen(*file_path, "a+"); + if (*fp == NULL) { + SYSERROR("Failed to open %s", *file_path); +diff --git a/src/daemon/executor/container_cb/execution_stream.h b/src/daemon/executor/container_cb/execution_stream.h +index 227cc2c3..c0dba7d0 100644 +--- a/src/daemon/executor/container_cb/execution_stream.h ++++ b/src/daemon/executor/container_cb/execution_stream.h +@@ -1,6 +1,3 @@ +-#ifndef DAEMON_EXECUTOR_CONTAINER_CB_EXECUTION_STREAM_H +-#define DAEMON_EXECUTOR_CONTAINER_CB_EXECUTION_STREAM_H +- + /****************************************************************************** + * Copyright (c) Huawei Technologies Co., Ltd. 2017-2019. All rights reserved. + * iSulad licensed under the Mulan PSL v2. +@@ -16,6 +13,9 @@ + * Description: provide container list callback function definition + *********************************************************************************/ + ++#ifndef DAEMON_EXECUTOR_CONTAINER_CB_EXECUTION_STREAM_H ++#define DAEMON_EXECUTOR_CONTAINER_CB_EXECUTION_STREAM_H ++ + #include "callback.h" + + #ifdef __cplusplus +diff --git a/src/daemon/executor/container_cb/list.c b/src/daemon/executor/container_cb/list.c +index 539a1314..243eb4d2 100644 +--- a/src/daemon/executor/container_cb/list.c ++++ b/src/daemon/executor/container_cb/list.c +@@ -164,14 +164,14 @@ static int append_ids(const map_t *matches, char ***filtered_ids) + return 0; + } + +-static int insert_matched_id(char **ids, map_t *matches, void *value, size_t ids_len) ++static int insert_matched_id(char **ids, map_t *matches, bool *value, size_t ids_len) + { + size_t i; + + for (i = 0; i < ids_len; i++) { + container_t *cont = containers_store_get_by_prefix(ids[i]); + if (cont != NULL) { +- bool inserted = map_insert(matches, cont->common_config->id, value); ++ bool inserted = map_insert(matches, (void *)cont->common_config->id, (void *)value); + container_unref(cont); + if (!inserted) { + ERROR("Insert map failed: %s", ids[i]); +diff --git a/src/daemon/executor/image_cb/image_cb.c b/src/daemon/executor/image_cb/image_cb.c +index 124feb21..61fa29db 100644 +--- a/src/daemon/executor/image_cb/image_cb.c ++++ b/src/daemon/executor/image_cb/image_cb.c +@@ -597,7 +597,7 @@ static int trans_one_image(image_list_images_response *response, size_t image_in + goto out; + } + +- if (!unix_nanos_to_timestamp(created_nanos, ×tamp) != 0) { ++ if (!unix_nanos_to_timestamp(created_nanos, ×tamp)) { + ERROR("Failed to translate nanos to timestamp"); + ret = -1; + goto out; +@@ -673,19 +673,6 @@ out: + return ret; + } + +-static im_list_request *image_list_context_new(const image_list_images_request *request) +-{ +- im_list_request *ctx = NULL; +- +- ctx = util_common_calloc_s(sizeof(im_list_request)); +- if (ctx == NULL) { +- ERROR("Out of memory"); +- return NULL; +- } +- +- return ctx; +-} +- + #ifdef ENABLE_OCI_IMAGE + struct image_list_context { + struct filters_args *image_filters; +@@ -731,11 +718,12 @@ static im_list_request *fold_filter(const image_list_images_request *request) + { + im_list_request *ctx = NULL; + +- ctx = image_list_context_new(request); ++ ctx = (im_list_request *)util_common_calloc_s(sizeof(im_list_request)); + if (ctx == NULL) { + ERROR("Out of memory"); + goto error_out; + } ++ + #ifdef ENABLE_OCI_IMAGE + size_t i; + if (request->filters == NULL) { +-- +2.40.1 + |