jail: guard boolean blobmsg attributes

ujail tried to parse boolean values in config.json even if they were not present which lead to segfaults. Check if booleans are actually present before trying to parse them. Signed-off-by: Daniel Golle <daniel@makrotopia.org>
author: Daniel Golle 2020-10-27 22:15:09 +0000
committer: Daniel Golle 2020-10-28 13:45:46 +0000
commit: 2f381fe51c21fe195389ef11bff116362bc1915f (patch)
tree: e8f9aa64560ef49cd790cdee916fd3c89191ce30
parent: 33b799b94c38fd2d3961b465a8114e384573a6d6 (diff)
download: procd-2f381fe51c21fe195389ef11bff116362bc1915f.tar.gz
1 files changed, 7 insertions, 3 deletions
diff --git a/jail/jail.c b/jail/jail.c
index 9f806b5..757f6cf 100644
--- a/jail/jail.c
+++ b/jail/jail.c
@@ -1323,7 +1323,8 @@ static int parseOCIroot(const char *jsonfile, struct blob_attr *msg)
 
 	opts.extroot = rootpath;
 
-	opts.ronly = blobmsg_get_bool(tb[OCI_ROOT_READONLY]);
+	if (tb[OCI_ROOT_READONLY])
+		opts.ronly = blobmsg_get_bool(tb[OCI_ROOT_READONLY]);
 
 	return 0;
 }
@@ -1669,8 +1670,11 @@ static int parseOCIprocess(struct blob_attr *msg)
 	if (res)
 		return res;
 
-	opts.console = blobmsg_get_bool(tb[OCI_PROCESS_TERMINAL]);
-	opts.no_new_privs = blobmsg_get_bool(tb[OCI_PROCESS_NONEWPRIVILEGES]);
+	if (tb[OCI_PROCESS_TERMINAL])
+		opts.console = blobmsg_get_bool(tb[OCI_PROCESS_TERMINAL]);
+
+	if (tb[OCI_PROCESS_NONEWPRIVILEGES])
+		opts.no_new_privs = blobmsg_get_bool(tb[OCI_PROCESS_NONEWPRIVILEGES]);
 
 	if (tb[OCI_PROCESS_CWD])
 		opts.cwd = strdup(blobmsg_get_string(tb[OCI_PROCESS_CWD]));
author	Daniel Golle	2020-10-27 22:15:09 +0000
committer	Daniel Golle	2020-10-28 13:45:46 +0000
commit	2f381fe51c21fe195389ef11bff116362bc1915f (patch)
tree	e8f9aa64560ef49cd790cdee916fd3c89191ce30
parent	33b799b94c38fd2d3961b465a8114e384573a6d6 (diff)
download	procd-2f381fe51c21fe195389ef11bff116362bc1915f.tar.gz