diff options
| author | OpenShift Merge Robot <openshift-merge-robot@users.noreply.github.com> | 2021-02-03 17:36:36 -0500 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2021-02-03 17:36:36 -0500 |
| commit | 82081e8112ab14d08815ac77b76a78d465e4c7b3 (patch) | |
| tree | 2aaf7614f285e2f5e3794234d0aa67bb27781c1c /pkg | |
| parent | c2a298ea933b7860c8c1f8fda8946a19d214152c (diff) | |
| parent | f11aabd3e04aa68ddb35c3d1f90d50afb4d185c2 (diff) | |
| download | podman-82081e8112ab14d08815ac77b76a78d465e4c7b3.tar.gz podman-82081e8112ab14d08815ac77b76a78d465e4c7b3.tar.bz2 podman-82081e8112ab14d08815ac77b76a78d465e4c7b3.zip | |
Merge pull request #9225 from mheon/fix_CVE-2021-20199_30
Fix CVE-2021-20199 for Podman v3.0
Diffstat (limited to 'pkg')
| -rw-r--r-- | pkg/rootlessport/rootlessport_linux.go | 6 |
1 files changed, 4 insertions, 2 deletions
diff --git a/pkg/rootlessport/rootlessport_linux.go b/pkg/rootlessport/rootlessport_linux.go index c686d80fc..80e1309a5 100644 --- a/pkg/rootlessport/rootlessport_linux.go +++ b/pkg/rootlessport/rootlessport_linux.go @@ -48,6 +48,7 @@ type Config struct { ExitFD int ReadyFD int TmpDir string + ChildIP string } func init() { @@ -227,7 +228,7 @@ outer: // let parent expose ports logrus.Infof("exposing ports %v", cfg.Mappings) - if err := exposePorts(driver, cfg.Mappings); err != nil { + if err := exposePorts(driver, cfg.Mappings, cfg.ChildIP); err != nil { return err } @@ -248,7 +249,7 @@ outer: return nil } -func exposePorts(pm rkport.Manager, portMappings []ocicni.PortMapping) error { +func exposePorts(pm rkport.Manager, portMappings []ocicni.PortMapping, childIP string) error { ctx := context.TODO() for _, i := range portMappings { hostIP := i.HostIP @@ -260,6 +261,7 @@ func exposePorts(pm rkport.Manager, portMappings []ocicni.PortMapping) error { ParentIP: hostIP, ParentPort: int(i.HostPort), ChildPort: int(i.ContainerPort), + ChildIP: childIP, } if err := rkportutil.ValidatePortSpec(spec, nil); err != nil { return err |