summaryrefslogtreecommitdiff
path: root/0003-bugfix-for-mount-point-remains-under-special-circums.patch
diff options
context:
space:
mode:
Diffstat (limited to '0003-bugfix-for-mount-point-remains-under-special-circums.patch')
-rw-r--r--0003-bugfix-for-mount-point-remains-under-special-circums.patch123
1 files changed, 123 insertions, 0 deletions
diff --git a/0003-bugfix-for-mount-point-remains-under-special-circums.patch b/0003-bugfix-for-mount-point-remains-under-special-circums.patch
new file mode 100644
index 0000000..4465d41
--- /dev/null
+++ b/0003-bugfix-for-mount-point-remains-under-special-circums.patch
@@ -0,0 +1,123 @@
+From cd018d3c1ebff2a328912d99fc43c9a7e4f60704 Mon Sep 17 00:00:00 2001
+From: zhongtao <zhongtao17@huawei.com>
+Date: Thu, 25 Jan 2024 11:24:59 +0800
+Subject: [PATCH 03/43] bugfix for mount point remains under special
+ circumstances
+
+Signed-off-by: zhongtao <zhongtao17@huawei.com>
+---
+ src/cmd/isulad/main.c | 14 +++++++-------
+ .../modules/container/leftover_cleanup/cleanup.c | 14 +++++++-------
+ src/utils/tar/util_archive.c | 14 +++++++-------
+ 3 files changed, 21 insertions(+), 21 deletions(-)
+
+diff --git a/src/cmd/isulad/main.c b/src/cmd/isulad/main.c
+index d9d8afa0..deca72be 100644
+--- a/src/cmd/isulad/main.c
++++ b/src/cmd/isulad/main.c
+@@ -1271,23 +1271,23 @@ static int do_ensure_isulad_tmpdir_security(const char *isulad_tmp_dir)
+ char tmp_dir[PATH_MAX] = { 0 };
+ char cleanpath[PATH_MAX] = { 0 };
+
+- nret = snprintf(tmp_dir, PATH_MAX, "%s/isulad_tmpdir", isulad_tmp_dir);
+- if (nret < 0 || (size_t)nret >= PATH_MAX) {
+- ERROR("Failed to snprintf");
++ if (realpath(isulad_tmp_dir, cleanpath) == NULL) {
++ ERROR("Failed to get real path for %s", tmp_dir);
+ return -1;
+ }
+
+- if (util_clean_path(tmp_dir, cleanpath, sizeof(cleanpath)) == NULL) {
+- ERROR("Failed to clean path for %s", tmp_dir);
++ nret = snprintf(tmp_dir, PATH_MAX, "%s/isulad_tmpdir", cleanpath);
++ if (nret < 0 || (size_t)nret >= PATH_MAX) {
++ ERROR("Failed to snprintf");
+ return -1;
+ }
+
+- if (isulad_tmpdir_security_check(cleanpath) == 0) {
++ if (isulad_tmpdir_security_check(tmp_dir) == 0) {
+ return 0;
+ }
+
+ INFO("iSulad tmpdir: %s does not meet security requirements, recreate it", isulad_tmp_dir);
+- return recreate_tmpdir(cleanpath);
++ return recreate_tmpdir(tmp_dir);
+ }
+
+ static int ensure_isulad_tmpdir_security()
+diff --git a/src/daemon/modules/container/leftover_cleanup/cleanup.c b/src/daemon/modules/container/leftover_cleanup/cleanup.c
+index b78a4d15..08151f42 100644
+--- a/src/daemon/modules/container/leftover_cleanup/cleanup.c
++++ b/src/daemon/modules/container/leftover_cleanup/cleanup.c
+@@ -175,22 +175,22 @@ static void cleanup_path(char *dir)
+ char tmp_dir[PATH_MAX] = { 0 };
+ char cleanpath[PATH_MAX] = { 0 };
+
+- nret = snprintf(tmp_dir, PATH_MAX, "%s/isulad_tmpdir", dir);
+- if (nret < 0 || (size_t)nret >= PATH_MAX) {
+- ERROR("Failed to snprintf");
++ if (realpath(dir, cleanpath) == NULL) {
++ ERROR("get real path for %s failed", tmp_dir);
+ return;
+ }
+
+- if (util_clean_path(tmp_dir, cleanpath, sizeof(cleanpath)) == NULL) {
+- ERROR("clean path for %s failed", tmp_dir);
++ nret = snprintf(tmp_dir, PATH_MAX, "%s/isulad_tmpdir", cleanpath);
++ if (nret < 0 || (size_t)nret >= PATH_MAX) {
++ ERROR("Failed to snprintf");
+ return;
+ }
+
+- if (!util_dir_exists(cleanpath)) {
++ if (!util_dir_exists(tmp_dir)) {
+ return;
+ }
+
+- nret = util_scan_subdirs(cleanpath, walk_isulad_tmpdir_cb, NULL);
++ nret = util_scan_subdirs(tmp_dir, walk_isulad_tmpdir_cb, NULL);
+ if (nret != 0) {
+ ERROR("failed to scan isulad tmp subdirs");
+ }
+diff --git a/src/utils/tar/util_archive.c b/src/utils/tar/util_archive.c
+index 0a7309c9..e4c302bc 100644
+--- a/src/utils/tar/util_archive.c
++++ b/src/utils/tar/util_archive.c
+@@ -218,18 +218,18 @@ static int make_safedir_is_noexec(const char *flock_path, const char *dstdir, ch
+ isulad_tmpdir_env = DEFAULT_ISULAD_TMPDIR;
+ }
+
+- nret = snprintf(isula_tmpdir, PATH_MAX, "%s/isulad_tmpdir", isulad_tmpdir_env);
+- if (nret < 0 || (size_t)nret >= PATH_MAX) {
+- ERROR("Failed to snprintf");
++ if (realpath(isulad_tmpdir_env, cleanpath) == NULL) {
++ ERROR("Failed to get real path for %s", isula_tmpdir);
+ return -1;
+ }
+
+- if (util_clean_path(isula_tmpdir, cleanpath, sizeof(cleanpath)) == NULL) {
+- ERROR("clean path for %s failed", isula_tmpdir);
++ nret = snprintf(isula_tmpdir, PATH_MAX, "%s/isulad_tmpdir", cleanpath);
++ if (nret < 0 || (size_t)nret >= PATH_MAX) {
++ ERROR("Failed to snprintf");
+ return -1;
+ }
+
+- nret = snprintf(tmp_dir, PATH_MAX, "%s/tar-chroot-XXXXXX", cleanpath);
++ nret = snprintf(tmp_dir, PATH_MAX, "%s/tar-chroot-XXXXXX", isula_tmpdir);
+ if (nret < 0 || (size_t)nret >= PATH_MAX) {
+ ERROR("Failed to snprintf string");
+ return -1;
+@@ -247,7 +247,7 @@ static int make_safedir_is_noexec(const char *flock_path, const char *dstdir, ch
+ }
+
+ // ensure parent dir is exist
+- if (util_mkdir_p(cleanpath, ISULAD_TEMP_DIRECTORY_MODE) != 0) {
++ if (util_mkdir_p(isula_tmpdir, ISULAD_TEMP_DIRECTORY_MODE) != 0) {
+ return -1;
+ }
+
+--
+2.34.1
+
generated by cgit v1.2.3 (git 2.25.1) at 2025-04-29 17:27:37 +0000