conf: safely retrieve path of slave device

openpty() is a horrible function that uses strcpy() into the char *name
argument if name != NULL. We can't rely on the path being sane in all cases so
let's split out the name retrieval to ttyname_r().

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

diff --git a/src/lxc/conf.c b/src/lxc/conf.c
index 8ba5fa8339006a423421ef21f206a64396d902fb..0f02e400c568d7eaeff2ddcad386ad79054b880a 100644 (file)
--- a/src/lxc/conf.c
+++ b/src/lxc/conf.c
@@ -971,15 +971,22 @@ int lxc_allocate_ttys(struct lxc_conf *conf)
 
                tty->master = -EBADF;
                tty->slave = -EBADF;
-               ret = openpty(&tty->master, &tty->slave,
-                             tty->name, NULL, NULL);
-               if (ret) {
+               ret = openpty(&tty->master, &tty->slave, NULL, NULL, NULL);
+               if (ret < 0) {
                        SYSERROR("Failed to create tty %d", i);
                        ttys->max = i;
                        lxc_delete_tty(ttys);
                        return -ENOTTY;
                }
 
+               ret = ttyname_r(tty->slave, tty->name, sizeof(tty->name));
+               if (ret < 0) {
+                       SYSERROR("Failed to retrieve name of tty %d slave", i);
+                       ttys->max = i;
+                       lxc_delete_tty(ttys);
+                       return -ENOTTY;
+               }
+
                DEBUG("Created tty \"%s\" with master fd %d and slave fd %d",
                      tty->name, tty->master, tty->slave);