diff options
| author | Matthew Heon <matthew.heon@pm.me> | 2019-03-10 12:08:24 -0400 |
|---|---|---|
| committer | Matthew Heon <matthew.heon@pm.me> | 2019-03-10 12:14:54 -0400 |
| commit | 7f0128ac333b2d71c7edb11465b933dedc9accf7 (patch) | |
| tree | 2ab4141cb596bbcd04cde6fa9aad01859f464b89 | |
| parent | d95f97a63e03b4602ffeb80acb746fa6dfa6f7a1 (diff) | |
| download | podman-7f0128ac333b2d71c7edb11465b933dedc9accf7.tar.gz podman-7f0128ac333b2d71c7edb11465b933dedc9accf7.tar.bz2 podman-7f0128ac333b2d71c7edb11465b933dedc9accf7.zip | |
Fix a potential segfault during infra container create
I was seeing some segfaults where image config was being passed
as nil, causing a nil dereference segfault. Fix the apparent
cause and add some safety fencing to try and ensure it doesn't
happen again.
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
| -rw-r--r-- | libpod/runtime_pod_infra_linux.go | 27 |
1 files changed, 17 insertions, 10 deletions
diff --git a/libpod/runtime_pod_infra_linux.go b/libpod/runtime_pod_infra_linux.go index 81579db4b..71328905b 100644 --- a/libpod/runtime_pod_infra_linux.go +++ b/libpod/runtime_pod_infra_linux.go @@ -31,17 +31,24 @@ func (r *Runtime) makeInfraContainer(ctx context.Context, p *Pod, imgName, imgID isRootless := rootless.IsRootless() entryCmd := []string{r.config.InfraCommand} - // default to entrypoint in image if there is one - if len(config.Entrypoint) > 0 { - entryCmd = config.Entrypoint + if config == nil { + } - if len(config.Env) > 0 { - for _, nameValPair := range config.Env { - nameValSlice := strings.Split(nameValPair, "=") - if len(nameValSlice) < 2 { - return nil, errors.Errorf("Invalid environment variable structure in pause image") + // I've seen circumstances where config is being passed as nil. + // Let's err on the side of safety and make sure it's safe to use. + if config != nil { + // default to entrypoint in image if there is one + if len(config.Entrypoint) > 0 { + entryCmd = config.Entrypoint + } + if len(config.Env) > 0 { + for _, nameValPair := range config.Env { + nameValSlice := strings.Split(nameValPair, "=") + if len(nameValSlice) < 2 { + return nil, errors.Errorf("Invalid environment variable structure in pause image") + } + g.AddProcessEnv(nameValSlice[0], nameValSlice[1]) } - g.AddProcessEnv(nameValSlice[0], nameValSlice[1]) } } @@ -97,5 +104,5 @@ func (r *Runtime) createInfraContainer(ctx context.Context, p *Pod) (*Container, imageName := newImage.Names()[0] imageID := data.ID - return r.makeInfraContainer(ctx, p, imageName, imageID, newImage.Config) + return r.makeInfraContainer(ctx, p, imageName, imageID, data.Config) } |