Commit 0ae4f887 ("lxc: introduce lxc_execute()" - Greg Kurz) introduced
a regression with the use of lxc-execute for containers with large
argument lists. In lxc-0.7.5, the following command produced 100000
lines of output:
lxc-execute -n test -- /usr/bin/printf '%s\n' {1..100000}
In lxc-0.8.0-rc2, the same command produces no output. Running strace
reveals that a child of lxc-execute receives a segmentation fault before
it starts lxc-init. The crash occurs because the new function allocates
too few elements for the argv of the child, so a long argument list
causes it to trash the heap. Given a large enough argument list, it
will run off the end of the heap and access an unmapped page, causing a
segmentation fault.
I have a patch for this posted in my master branch on GitHub:
https://github.com/kevin-dot-pyle/lxc
The following changes since commit ed55bf5203aca88809d979b289d6b2280a18e79c:
lxc-0.8.0-rc2 (2012-03-20 23:27:47 +0100)
are available in the git repository at:
git://github.com/kevin-dot-pyle/lxc.git master
Kevin Pyle (4):
conf: make struct config const
network: make lxc_ipv{4,6}_addr_add const correct
log: make locinfo static const
execute: fix argument counting regression from 0ae4f887
src/lxc/confile.c | 8 ++++----
src/lxc/execute.c | 5 ++++-
src/lxc/log.h | 24 ++++++++++++------------
src/lxc/network.c | 12 ++++++------
src/lxc/network.h | 10 +++++-----
5 files changed, 31 insertions(+), 28 deletions(-)
------------------------------------------------------------------------------
For Developers, A Lot Can Happen In A Second.
Boundary is the first to Know...and Tell You.
Monitor Your Applications in Ultra-Fine Resolution. Try it FREE!
http://p.sf.net/sfu/Boundary-d2dvs2
_______________________________________________
Lxc-devel mailing list
Lxc-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/lxc-devel
