jail: guard boolean blobmsg attributes

ujail tried to parse boolean values in config.json even if they were
not present which lead to segfaults.
Check if booleans are actually present before trying to parse them.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>

diff --git a/jail/jail.c b/jail/jail.c
index 9f806b579be346c81bcea4bec00dceb3425c0f41..757f6cfc1a5824c85309ed295787294180056481 100644 (file)
--- a/jail/jail.c
+++ b/jail/jail.c
@@ -1323,7 +1323,8 @@ static int parseOCIroot(const char *jsonfile, struct blob_attr *msg)
 
        opts.extroot = rootpath;
 
-       opts.ronly = blobmsg_get_bool(tb[OCI_ROOT_READONLY]);
+       if (tb[OCI_ROOT_READONLY])
+               opts.ronly = blobmsg_get_bool(tb[OCI_ROOT_READONLY]);
 
        return 0;
 }
@@ -1669,8 +1670,11 @@ static int parseOCIprocess(struct blob_attr *msg)
        if (res)
                return res;
 
-       opts.console = blobmsg_get_bool(tb[OCI_PROCESS_TERMINAL]);
-       opts.no_new_privs = blobmsg_get_bool(tb[OCI_PROCESS_NONEWPRIVILEGES]);
+       if (tb[OCI_PROCESS_TERMINAL])
+               opts.console = blobmsg_get_bool(tb[OCI_PROCESS_TERMINAL]);
+
+       if (tb[OCI_PROCESS_NONEWPRIVILEGES])
+               opts.no_new_privs = blobmsg_get_bool(tb[OCI_PROCESS_NONEWPRIVILEGES]);
 
        if (tb[OCI_PROCESS_CWD])
                opts.cwd = strdup(blobmsg_get_string(tb[OCI_PROCESS_CWD]));