diff options
| -rw-r--r-- | Makefile | 2 | ||||
| -rw-r--r-- | isolation.c | 2 | ||||
| -rw-r--r-- | udp_flow.c | 11 |
3 files changed, 12 insertions, 3 deletions
@@ -32,7 +32,7 @@ endif FLAGS := -Wall -Wextra -Wno-format-zero-length -Wformat-security FLAGS += -pedantic -std=c11 -D_XOPEN_SOURCE=700 -D_GNU_SOURCE -FLAGS += $(FORTIFY_FLAG) -O2 -pie -fPIE +FLAGS += $(FORTIFY_FLAG) -g -Og -pie -fPIE FLAGS += -DPAGE_SIZE=$(shell getconf PAGE_SIZE) FLAGS += -DVERSION=\"$(VERSION)\" FLAGS += -DDUAL_STACK_SOCKETS=$(DUAL_STACK_SOCKETS) diff --git a/isolation.c b/isolation.c index c944fb3..72d8513 100644 --- a/isolation.c +++ b/isolation.c @@ -377,8 +377,6 @@ void isolate_postfork(const struct ctx *c) { struct sock_fprog prog; - prctl(PR_SET_DUMPABLE, 0); - switch (c->mode) { case MODE_PASST: prog.len = (unsigned short)ARRAY_SIZE(filter_passt); @@ -32,6 +32,17 @@ struct udp_flow *udp_at_sidx(flow_sidx_t sidx) if (!flow) return NULL; + if (flow->f.type != FLOW_UDP) { + union flow *next = &flowtab[++flow_first_free]; + + err("=== Podman issue #26073, index: %i", FLOW_IDX(flow)); + err("=== state: %i, type: %i", flow->f.state, flow->f.type); + err("=== n: %i, next: %i", next->free.n, next->free.next); + flow_err(flow, ""); + flow_err_details(flow); + ASSERT(false); + } + ASSERT(flow->f.type == FLOW_UDP); return &flow->udp; } |