diff options
| author | Stefano Brivio <sbrivio@redhat.com> | 2024-12-11 00:13:39 +0100 |
|---|---|---|
| committer | Stefano Brivio <sbrivio@redhat.com> | 2024-12-11 12:21:23 +0100 |
| commit | 09478d55fe1a21f8c55902399df84d13867e71be (patch) | |
| tree | 2da5e56ad80f2fb0d47b278d1eb1d4ebf9978f92 /conf.c | |
| parent | e24f0262229a1f9c673dca3452ad103cbe06b866 (diff) | |
| download | passt-09478d55fe1a21f8c55902399df84d13867e71be.tar passt-09478d55fe1a21f8c55902399df84d13867e71be.tar.gz passt-09478d55fe1a21f8c55902399df84d13867e71be.tar.bz2 passt-09478d55fe1a21f8c55902399df84d13867e71be.tar.lz passt-09478d55fe1a21f8c55902399df84d13867e71be.tar.xz passt-09478d55fe1a21f8c55902399df84d13867e71be.tar.zst passt-09478d55fe1a21f8c55902399df84d13867e71be.zip | |
treewide: Dodge dynamic memory allocation in strerror() from glibc > 2.402024_12_11.09478d5
With glibc commit 25a5eb4010df ("string: strerror, strsignal cannot
use buffer after dlmopen (bug 32026)"), strerror() now needs, at least
on x86, the getrandom() and brk() system calls, in order to fill in
the locale-translated error message. But getrandom() and brk() are not
allowed by our seccomp profiles.
This became visible on Fedora Rawhide with the "podman login and
logout" Podman tests, defined at test/e2e/login_logout_test.go in the
Podman source tree, where pasta would terminate upon printing error
descriptions (at least the ones related to the SO_ERROR queue for
spliced connections).
Avoid dynamic memory allocation by calling strerrordesc_np() instead,
which is a GNU function returning a static, untranslated version of
the error description. If it's not available, keep calling strerror(),
which at that point should be simple enough as to be usable (at least,
that's currently the case for musl).
Reported-by: Paul Holzinger <pholzing@redhat.com>
Link: https://github.com/containers/podman/issues/24804
Analysed-by: Paul Holzinger <pholzing@redhat.com>
Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
Reviewed-by: David Gibson <david@gibson.dropbear.id.au>
Tested-by: Paul Holzinger <pholzing@redhat.com>
Diffstat (limited to 'conf.c')
| -rw-r--r-- | conf.c | 10 |
1 files changed, 5 insertions, 5 deletions
@@ -365,7 +365,7 @@ mode_conflict: die("Port forwarding mode '%s' conflicts with previous mode", optarg); bind_fail: die("Failed to bind port %u (%s) for option '-%c %s', exiting", - i, strerror(-ret), optname, optarg); + i, strerror_(-ret), optname, optarg); bind_all_fail: die("Failed to bind any port for '-%c %s', exiting", optname, optarg); } @@ -655,7 +655,7 @@ static unsigned int conf_ip4(unsigned int ifi, struct ip4_ctx *ip4) &ip4->guest_gw); if (rc < 0) { debug("Couldn't discover IPv4 gateway address: %s", - strerror(-rc)); + strerror_(-rc)); return 0; } } @@ -665,7 +665,7 @@ static unsigned int conf_ip4(unsigned int ifi, struct ip4_ctx *ip4) &ip4->addr, &ip4->prefix_len, NULL); if (rc < 0) { debug("Couldn't discover IPv4 address: %s", - strerror(-rc)); + strerror_(-rc)); return 0; } } @@ -729,7 +729,7 @@ static unsigned int conf_ip6(unsigned int ifi, struct ip6_ctx *ip6) rc = nl_route_get_def(nl_sock, ifi, AF_INET6, &ip6->guest_gw); if (rc < 0) { debug("Couldn't discover IPv6 gateway address: %s", - strerror(-rc)); + strerror_(-rc)); return 0; } } @@ -738,7 +738,7 @@ static unsigned int conf_ip6(unsigned int ifi, struct ip6_ctx *ip6) IN6_IS_ADDR_UNSPECIFIED(&ip6->addr) ? &ip6->addr : NULL, &prefix_len, &ip6->our_tap_ll); if (rc < 0) { - debug("Couldn't discover IPv6 address: %s", strerror(-rc)); + debug("Couldn't discover IPv6 address: %s", strerror_(-rc)); return 0; } |