From c6af9a11dbec772ac8a9d204df1bc730c396310f Mon Sep 17 00:00:00 2001 From: Wolfgang Bumiller Date: Fri, 29 Jul 2016 11:58:01 +0200 Subject: [PATCH] patch: conf: set pty_info to NULL after free This is upstream and will be in the next release. --- ...conf-set-pty_info-to-NULL-after-free.patch | 30 +++++++++++++++++++ debian/patches/series | 1 + 2 files changed, 31 insertions(+) create mode 100644 debian/patches/0001-conf-set-pty_info-to-NULL-after-free.patch diff --git a/debian/patches/0001-conf-set-pty_info-to-NULL-after-free.patch b/debian/patches/0001-conf-set-pty_info-to-NULL-after-free.patch new file mode 100644 index 0000000..795ad9c --- /dev/null +++ b/debian/patches/0001-conf-set-pty_info-to-NULL-after-free.patch @@ -0,0 +1,30 @@ +From e00c024230e457a0f37ea5c90bd8caac0c30020e Mon Sep 17 00:00:00 2001 +From: Wolfgang Bumiller +Date: Thu, 28 Jul 2016 11:52:18 +0200 +Subject: [PATCH] conf: set pty_info to NULL after free + +This fixes a double free corruption on container-requested +reboots when lxc_spawn() fails before receiving the ttys, as +lxc_fini() (part of __lxc_start()'s cleanup) calls +lxc_delete_tty(). + +Signed-off-by: Wolfgang Bumiller +--- + src/lxc/conf.c | 1 + + 1 file changed, 1 insertion(+) + +diff --git a/src/lxc/conf.c b/src/lxc/conf.c +index 48a2978..1e330ac 100644 +--- a/src/lxc/conf.c ++++ b/src/lxc/conf.c +@@ -3327,6 +3327,7 @@ void lxc_delete_tty(struct lxc_tty_info *tty_info) + } + + free(tty_info->pty_info); ++ tty_info->pty_info = NULL; + tty_info->nbtty = 0; + } + +-- +2.1.4 + diff --git a/debian/patches/series b/debian/patches/series index 3737812..72bfbb4 100644 --- a/debian/patches/series +++ b/debian/patches/series @@ -6,3 +6,4 @@ include-linux-sched.patch use-var-lib-vz-as-default-dir.patch #do-not-use-config-path-for-rootfs.patch run-lxcnetaddbr.patch +0001-conf-set-pty_info-to-NULL-after-free.patch