From: Daniel Golle <daniel@makrotopia.org>
Date: Tue, 27 Oct 2020 22:15:09 +0000 (+0000)
Subject: jail: guard boolean blobmsg attributes
X-Git-Url: http://git.openwrt.org/?p=project%2Fprocd.git;a=commitdiff_plain;h=2f381fe51c21fe195389ef11bff116362bc1915f

jail: guard boolean blobmsg attributes

ujail tried to parse boolean values in config.json even if they were
not present which lead to segfaults.
Check if booleans are actually present before trying to parse them.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
---

diff --git a/jail/jail.c b/jail/jail.c
index 9f806b5..757f6cf 100644
--- a/jail/jail.c
+++ b/jail/jail.c
@@ -1323,7 +1323,8 @@ static int parseOCIroot(const char *jsonfile, struct blob_attr *msg)
 
 	opts.extroot = rootpath;
 
-	opts.ronly = blobmsg_get_bool(tb[OCI_ROOT_READONLY]);
+	if (tb[OCI_ROOT_READONLY])
+		opts.ronly = blobmsg_get_bool(tb[OCI_ROOT_READONLY]);
 
 	return 0;
 }
@@ -1669,8 +1670,11 @@ static int parseOCIprocess(struct blob_attr *msg)
 	if (res)
 		return res;
 
-	opts.console = blobmsg_get_bool(tb[OCI_PROCESS_TERMINAL]);
-	opts.no_new_privs = blobmsg_get_bool(tb[OCI_PROCESS_NONEWPRIVILEGES]);
+	if (tb[OCI_PROCESS_TERMINAL])
+		opts.console = blobmsg_get_bool(tb[OCI_PROCESS_TERMINAL]);
+
+	if (tb[OCI_PROCESS_NONEWPRIVILEGES])
+		opts.no_new_privs = blobmsg_get_bool(tb[OCI_PROCESS_NONEWPRIVILEGES]);
 
 	if (tb[OCI_PROCESS_CWD])
 		opts.cwd = strdup(blobmsg_get_string(tb[OCI_PROCESS_CWD]));