confile: sanity-check netdev->type before setting netdev->priv elements

The netdev->priv is shared for the netdev types.  A bad config file
could mix configuration for different types, resulting in a bad
netdev->priv when starting or even destroying a container.  So sanity
check the netdev->type before setting a netdev->priv element.

This should fix https://github.com/lxc/lxc/issues/254

Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com>
Acked-by: Stéphane Graber <stgraber@ubuntu.com>

diff --git a/src/lxc/confile.c b/src/lxc/confile.c
index 69d1bb667632b4abcd0f5c4733fea409127b58c6..42b29d151149702eec3da46ed592338ad7c88eb0 100644 (file)
--- a/src/lxc/confile.c
+++ b/src/lxc/confile.c
@@ -595,6 +595,10 @@ static int config_network_veth_pair(const char *key, const char *value,
        if (!netdev)
                return -1;
 
+       if (netdev->type != LXC_NET_VETH) {
+               ERROR("Invalid veth pair for a non-veth netdev")
+               return -1;
+       }
        return network_ifname(&netdev->priv.veth_attr.pair, value);
 }
 
@@ -607,6 +611,10 @@ static int config_network_macvlan_mode(const char *key, const char *value,
        if (!netdev)
                return -1;
 
+       if (netdev->type != LXC_NET_MACVLAN) {
+               ERROR("Invalid macvlan.mode for a non-macvlan netdev")
+               return -1;
+       }
        return macvlan_mode(&netdev->priv.macvlan_attr.mode, value);
 }
 
@@ -647,6 +655,10 @@ static int config_network_vlan_id(const char *key, const char *value,
        if (!netdev)
                return -1;
 
+       if (netdev->type != LXC_NET_VLAN) {
+               ERROR("Invalid vlan.id for a non-macvlan netdev")
+               return -1;
+       }
        if (get_u16(&netdev->priv.vlan_attr.vid, value, 0))
                return -1;