From cfca853565eeb22b0d52d2ebf0b334ae5c8fb779 Mon Sep 17 00:00:00 2001
From: Paul Holzinger <pholzing@redhat.com>
Date: Fri, 29 Apr 2022 16:14:23 +0200
Subject: libpod: unset networks before storing container conf

Since networks must always be read from the db bucket directly we should
unset them in config to avoid caller from accidentally using them.

I already tried this but it didn't work because the networks were unset
after the config was marshalled.

[NO NEW TESTS NEEDED]

Signed-off-by: Paul Holzinger <pholzing@redhat.com>
---
 libpod/boltdb_state_internal.go | 13 +++++++------
 1 file changed, 7 insertions(+), 6 deletions(-)

diff --git a/libpod/boltdb_state_internal.go b/libpod/boltdb_state_internal.go
index e43226490..d6f035af9 100644
--- a/libpod/boltdb_state_internal.go
+++ b/libpod/boltdb_state_internal.go
@@ -542,8 +542,12 @@ func (s *BoltState) addContainer(ctr *Container, pod *Pod) error {
 			ctr.ID(), s.namespace, ctr.config.Namespace)
 	}
 
+	// Set the original networks to nil. We can save some space by not storing it in the config
+	// since we store it in a different mutable bucket anyway.
+	configNetworks := ctr.config.Networks
+	ctr.config.Networks = nil
+
 	// JSON container structs to insert into DB
-	// TODO use a higher-performance struct encoding than JSON
 	configJSON, err := json.Marshal(ctr.config)
 	if err != nil {
 		return errors.Wrapf(err, "error marshalling container %s config to JSON", ctr.ID())
@@ -564,8 +568,8 @@ func (s *BoltState) addContainer(ctr *Container, pod *Pod) error {
 	}
 
 	// make sure to marshal the network options before we get the db lock
-	networks := make(map[string][]byte, len(ctr.config.Networks))
-	for net, opts := range ctr.config.Networks {
+	networks := make(map[string][]byte, len(configNetworks))
+	for net, opts := range configNetworks {
 		// Check that we don't have any empty network names
 		if net == "" {
 			return errors.Wrapf(define.ErrInvalidArg, "network names cannot be an empty string")
@@ -581,9 +585,6 @@ func (s *BoltState) addContainer(ctr *Container, pod *Pod) error {
 		}
 		networks[net] = optBytes
 	}
-	// Set the original value to nil. We can safe some space by not storing it in the config
-	// since we store it in a different mutable bucket anyway.
-	ctr.config.Networks = nil
 
 	db, err := s.getDBCon()
 	if err != nil {
-- 
cgit v1.2.3-54-g00ecf