SHA256
1
0
forked from pool/docker
docker/fix_cgroup.parent_path_sanitisation.patch
Jordi Massaguer 91c98f7c10 Review patches:
- remove docker_remove_jornald....patch because we suse dyngccgo instead of dynbinary
- replace gcc-go-bulid-static-libgo.patch by gcc-go-patches which patches dyngccgo instea of dynbinary
- add fix-ppc64le.patch to fix ppc64le build
- fix_bnc_958255.patch: fix Docker creates strange apparmor profile
  (bnc#958255)
- use_fs_cgroups_by_default.patch: Use fs cgroups by default:
   419fd7449f
- fix_cgroup.parent_path_sanitisation.patch: fix cgroup.Parent path
  sanitisation:
   bf899fef45

OBS-URL: https://build.opensuse.org/package/show/Virtualization:containers/docker?expand=0&rev=51
2016-01-20 18:58:55 +00:00

68 lines
2.7 KiB
Diff

diff --git a/vendor/src/github.com/opencontainers/runc/libcontainer/cgroups/fs/apply_raw.go b/vendor/src/github.com/opencontainers/runc/libcontainer/cgroups/fs/apply_raw.go
index a0a93a4..da31d06 100644
--- a/vendor/src/github.com/opencontainers/runc/libcontainer/cgroups/fs/apply_raw.go
+++ b/vendor/src/github.com/opencontainers/runc/libcontainer/cgroups/fs/apply_raw.go
@@ -216,12 +216,39 @@ func (m *Manager) GetPids() ([]int, error) {
return cgroups.GetPids(dir)
}
+// pathClean makes a path safe for use with filepath.Join. This is done by not
+// only cleaning the path, but also (if the path is relative) adding a leading
+// '/' and cleaning it (then removing the leading '/'). This ensures that a
+// path resulting from prepending another path will always resolve to lexically
+// be a subdirectory of the prefixed path. This is all done lexically, so paths
+// that include symlinks won't be safe as a result of using pathClean.
+func pathClean(path string) string {
+ // Ensure that all paths are cleaned (especially problematic ones like
+ // "/../../../../../" which can cause lots of issues).
+ path = filepath.Clean(path)
+
+ // If the path isn't absolute, we need to do more processing to fix paths
+ // such as "../../../../<etc>/some/path". We also shouldn't convert absolute
+ // paths to relative ones.
+ if !filepath.IsAbs(path) {
+ path = filepath.Clean(string(os.PathSeparator) + path)
+ // This can't fail, as (by definition) all paths are relative to root.
+ path, _ = filepath.Rel(string(os.PathSeparator), path)
+ }
+
+ // Clean the path again for good measure.
+ return filepath.Clean(path)
+}
+
func getCgroupData(c *configs.Cgroup, pid int) (*data, error) {
root, err := getCgroupRoot()
if err != nil {
return nil, err
}
+ // Clean the parent slice path.
+ c.Parent = pathClean(c.Parent)
+
cgroup := c.Name
if c.Parent != "" {
cgroup = filepath.Join(c.Parent, cgroup)
diff --git a/vendor/src/github.com/opencontainers/runc/libcontainer/cgroups/fs/cpuset.go b/vendor/src/github.com/opencontainers/runc/libcontainer/cgroups/fs/cpuset.go
index f3ec2c3..0b13115 100644
--- a/vendor/src/github.com/opencontainers/runc/libcontainer/cgroups/fs/cpuset.go
+++ b/vendor/src/github.com/opencontainers/runc/libcontainer/cgroups/fs/cpuset.go
@@ -4,6 +4,7 @@ package fs
import (
"bytes"
+ "fmt"
"io/ioutil"
"os"
"path/filepath"
@@ -92,6 +93,10 @@ func (s *CpusetGroup) ensureParent(current, root string) error {
if filepath.Clean(parent) == root {
return nil
}
+ // Avoid infinite recursion.
+ if parent == current {
+ return fmt.Errorf("cpuset: cgroup parent path outside cgroup root")
+ }
if err := s.ensureParent(parent, root); err != nil {
return err
}