From 21d08eaa675ff90a09f7f03f4bb31a0548bba246 Mon Sep 17 00:00:00 2001
From: Robert Swiecki <robert@swiecki.net>
Date: Sat, 7 Oct 2017 00:18:21 +0200
Subject: [PATCH] config: make config static so we can get rid of strdup()

---
 Makefile  |  3 +--
 cmdline.c |  2 +-
 common.h  |  4 ++--
 config.cc | 47 +++++++++++++++++++++++++----------------------
 mount.c   | 34 ++++++++++++++++++++++------------
 mount.h   |  8 +++++++-
 subproc.c |  4 ++--
 7 files changed, 60 insertions(+), 42 deletions(-)

diff --git a/Makefile b/Makefile
index c469d21..7bce4a6 100644
--- a/Makefile
+++ b/Makefile
@@ -114,5 +114,4 @@ user.o: user.h common.h log.h subproc.h util.h
 util.o: util.h common.h log.h
 uts.o: uts.h common.h log.h
 cpu.o: cpu.h common.h log.h util.h
-config.o: common.h caps.h config.h log.h mount.h user.h util.h config.pb.h
-config.pb.o: config.pb.h
+config.o: common.h caps.h cmdline.h config.h log.h mount.h user.h util.h
diff --git a/cmdline.c b/cmdline.c
index f7c35ba..b1498cd 100644
--- a/cmdline.c
+++ b/cmdline.c
@@ -820,7 +820,7 @@ bool cmdlineParse(int argc, char *argv[], struct nsjconf_t * nsjconf)
 	}
 
 	if (argv[optind]) {
-		nsjconf->argv = &argv[optind];
+		nsjconf->argv = (const char *const *)&argv[optind];
 	}
 	if (nsjconf->argv == NULL || nsjconf->argv[0] == NULL) {
 		cmdlineUsage(argv[0]);
diff --git a/common.h b/common.h
index cdbdd38..632b2af 100644
--- a/common.h
+++ b/common.h
@@ -103,7 +103,7 @@ enum ns_mode_t {
 };
 
 struct charptr_t {
-	char *val;
+	const char *val;
 	 TAILQ_ENTRY(charptr_t)
 	 pointers;
 };
@@ -122,7 +122,7 @@ struct nsjconf_t {
 	const char *exec_file;
 	const char *hostname;
 	const char *cwd;
-	char *const *argv;
+	const char *const *argv;
 	int port;
 	const char *bindhost;
 	int log_fd;
diff --git a/config.cc b/config.cc
index 4d13176..d49cfdd 100644
--- a/config.cc
+++ b/config.cc
@@ -42,10 +42,11 @@ extern "C" {
 #include <google/protobuf/io/zero_copy_stream_impl.h>
 #include <google/protobuf/text_format.h>
 #include <string>
+#include <vector>
 
 #include "config.pb.h"
 
-#define DUP_IF_SET(njc, val) (njc.has_##val() ? utilStrDup(njc.val().c_str()) : NULL)
+#define DUP_IF_SET(njc, val) (njc.has_##val() ? njc.val().c_str() : NULL)
 
 static __rlim64_t configRLimit(int res, const nsjail::RLimit& rl, const uint64_t val, unsigned long mul = 1UL)
 {
@@ -87,10 +88,10 @@ static bool configParseInternal(struct nsjconf_t* nsjconf,
     }
     nsjconf->chroot = DUP_IF_SET(njc, chroot_dir);
     nsjconf->is_root_rw = njc.is_root_rw();
-    nsjconf->hostname = utilStrDup(njc.hostname().c_str());
-    nsjconf->cwd = utilStrDup(njc.cwd().c_str());
+    nsjconf->hostname = njc.hostname().c_str();
+    nsjconf->cwd = njc.cwd().c_str();
     nsjconf->port = njc.port();
-    nsjconf->bindhost = utilStrDup(njc.bindhost().c_str());
+    nsjconf->bindhost = njc.bindhost().c_str();
     nsjconf->max_conns_per_ip = njc.max_conns_per_ip();
     nsjconf->tlimit = njc.time_limit();
     nsjconf->max_cpus = njc.max_cpus();
@@ -132,7 +133,7 @@ static bool configParseInternal(struct nsjconf_t* nsjconf,
     nsjconf->keep_env = njc.keep_env();
     for (ssize_t i = 0; i < njc.envar_size(); i++) {
         struct charptr_t* p = reinterpret_cast<charptr_t*>(utilMalloc(sizeof(struct charptr_t)));
-        p->val = utilStrDup(njc.envar(i).c_str());
+        p->val = njc.envar(i).c_str();
         TAILQ_INSERT_TAIL(&nsjconf->envs, p, pointers);
     }
 
@@ -219,8 +220,10 @@ static bool configParseInternal(struct nsjconf_t* nsjconf,
         flags |= njc.mount(i).is_bind() ? (MS_BIND | MS_REC) : 0;
         bool mandatory = njc.mount(i).mandatory();
 
-        const bool isDir = (njc.mount(i).has_is_dir() && njc.mount(i).is_dir()) ? true : false;
-        const bool* isDirPtr = (njc.mount(i).has_is_dir()) ? &isDir : NULL;
+        isDir_t isDir = NS_DIR_MAYBE;
+        if (njc.mount(i).has_is_dir()) {
+            isDir = njc.mount(i).is_dir() ? NS_DIR_YES : NS_DIR_NO;
+        }
 
         const char* src_content = NULL;
         size_t src_content_len = 0;
@@ -229,7 +232,7 @@ static bool configParseInternal(struct nsjconf_t* nsjconf,
             src_content_len = njc.mount(i).src_content().size();
         }
 
-        if (mountAddMountPt(nsjconf, src, dst, fstype, options, flags, isDirPtr,
+        if (mountAddMountPt(nsjconf, src, dst, fstype, options, flags, isDir,
                 mandatory, src_env, dst_env, src_content,
                 src_content_len, njc.mount(i).is_symlink())
             == false) {
@@ -255,31 +258,31 @@ static bool configParseInternal(struct nsjconf_t* nsjconf,
         : NULL;
 
     nsjconf->cgroup_mem_max = njc.cgroup_mem_max();
-    nsjconf->cgroup_mem_mount = utilStrDup(njc.cgroup_mem_mount().c_str());
-    nsjconf->cgroup_mem_parent = utilStrDup(njc.cgroup_mem_parent().c_str());
+    nsjconf->cgroup_mem_mount = njc.cgroup_mem_mount().c_str();
+    nsjconf->cgroup_mem_parent = njc.cgroup_mem_parent().c_str();
     nsjconf->cgroup_pids_max = njc.cgroup_pids_max();
-    nsjconf->cgroup_pids_mount = utilStrDup(njc.cgroup_pids_mount().c_str());
-    nsjconf->cgroup_pids_parent = utilStrDup(njc.cgroup_pids_parent().c_str());
+    nsjconf->cgroup_pids_mount = njc.cgroup_pids_mount().c_str();
+    nsjconf->cgroup_pids_parent = njc.cgroup_pids_parent().c_str();
 
     nsjconf->iface_no_lo = njc.iface_no_lo();
     nsjconf->iface_vs = DUP_IF_SET(njc, macvlan_iface);
-    nsjconf->iface_vs_ip = utilStrDup(njc.macvlan_vs_ip().c_str());
-    nsjconf->iface_vs_nm = utilStrDup(njc.macvlan_vs_nm().c_str());
-    nsjconf->iface_vs_gw = utilStrDup(njc.macvlan_vs_gw().c_str());
+    nsjconf->iface_vs_ip = njc.macvlan_vs_ip().c_str();
+    nsjconf->iface_vs_nm = njc.macvlan_vs_nm().c_str();
+    nsjconf->iface_vs_gw = njc.macvlan_vs_gw().c_str();
 
     if (njc.has_exec_bin()) {
-        char** argv = reinterpret_cast<char**>(utilCalloc(sizeof(const char*) * (njc.exec_bin().arg().size() + 2)));
+			std::vector<const char*>* argv = new std::vector<const char*>;
         if (njc.exec_bin().has_arg0()) {
-            argv[0] = utilStrDup(njc.exec_bin().arg0().c_str());
+            argv->push_back(njc.exec_bin().arg0().c_str());
         } else {
-            argv[0] = utilStrDup(njc.exec_bin().path().c_str());
+            argv->push_back(njc.exec_bin().path().c_str());
         }
         for (ssize_t i = 0; i < njc.exec_bin().arg().size(); i++) {
-            argv[i + 1] = utilStrDup(njc.exec_bin().arg(i).c_str());
+            argv->push_back(njc.exec_bin().arg(i).c_str());
         }
-        argv[njc.exec_bin().arg().size() + 1] = NULL;
+        argv->push_back(nullptr);
         nsjconf->exec_file = DUP_IF_SET(njc.exec_bin(), path);
-        nsjconf->argv = argv;
+        nsjconf->argv = argv->data();
     }
 
     return true;
@@ -304,7 +307,7 @@ extern "C" bool configParse(struct nsjconf_t* nsjconf, const char* file)
     google::protobuf::io::FileInputStream input(fd);
     input.SetCloseOnDelete(true);
 
-    nsjail::NsJailConfig nsc;
+    static nsjail::NsJailConfig nsc;
 
     auto parser = google::protobuf::TextFormat::Parser();
 
diff --git a/mount.c b/mount.c
index 91c1c79..08f95a9 100644
--- a/mount.c
+++ b/mount.c
@@ -411,7 +411,7 @@ bool mountInitNs(struct nsjconf_t * nsjconf)
 }
 
 bool mountAddMountPt(struct nsjconf_t * nsjconf, const char *src, const char *dst,
-		     const char *fstype, const char *options, uintptr_t flags, const bool * isDir,
+		     const char *fstype, const char *options, uintptr_t flags, isDir_t isDir,
 		     bool mandatory, const char *src_env, const char *dst_env,
 		     const char *src_content, size_t src_content_len, bool is_symlink)
 {
@@ -452,18 +452,28 @@ bool mountAddMountPt(struct nsjconf_t * nsjconf, const char *src, const char *ds
 	p->isSymlink = is_symlink;
 	p->mandatory = mandatory;
 
-	if (isDir) {
-		p->isDir = *isDir;
-	} else {
-		if (src_content) {
-			p->isDir = false;
-		} else if (p->src == NULL) {
-			p->isDir = true;
-		} else if (p->flags & MS_BIND) {
-			p->isDir = mountIsDir(p->src);
-		} else {
-			p->isDir = true;
+	switch (isDir) {
+	case NS_DIR_YES:
+		p->isDir = true;
+		break;
+	case NS_DIR_NO:
+		p->isDir = false;
+		break;
+	case NS_DIR_MAYBE:{
+			if (src_content) {
+				p->isDir = false;
+			} else if (p->src == NULL) {
+				p->isDir = true;
+			} else if (p->flags & MS_BIND) {
+				p->isDir = mountIsDir(p->src);
+			} else {
+				p->isDir = true;
+			}
 		}
+		break;
+	default:
+		LOG_F("Unknown isDir value: %d", isDir);
+		break;
 	}
 
 	p->src_content = utilMemDup((const uint8_t *)src_content, src_content_len);
diff --git a/mount.h b/mount.h
index be9633f..c4deb0c 100644
--- a/mount.h
+++ b/mount.h
@@ -26,11 +26,17 @@
 
 #include "common.h"
 
+typedef enum {
+	NS_DIR_NO = 0,
+	NS_DIR_YES,
+	NS_DIR_MAYBE,
+} isDir_t;
+
 const char *mountFlagsToStr(uintptr_t flags);
 bool mountIsDir(const char *path);
 bool mountInitNs(struct nsjconf_t *nsjconf);
 bool mountAddMountPt(struct nsjconf_t *nsjconf, const char *src, const char *dst,
-		     const char *fstype, const char *options, uintptr_t flags, const bool * isDir,
+		     const char *fstype, const char *options, uintptr_t flags, isDir_t isDir,
 		     bool mandatory, const char *src_env, const char *dst_env,
 		     const char *src_content, size_t src_content_len, bool is_symlink);
 const char *mountDescribeMountPt(struct mounts_t *mpt);
diff --git a/subproc.c b/subproc.c
index 9243bb4..c556a72 100644
--- a/subproc.c
+++ b/subproc.c
@@ -148,7 +148,7 @@ static int subprocNewProc(struct nsjconf_t *nsjconf, int fd_in, int fd_out, int
 	}
 	struct charptr_t *p;
 	TAILQ_FOREACH(p, &nsjconf->envs, pointers) {
-		putenv(p->val);
+		putenv((char *)p->val);
 	}
 
 	char cs_addr[64];
@@ -163,7 +163,7 @@ static int subprocNewProc(struct nsjconf_t *nsjconf, int fd_in, int fd_out, int
 	if (sandboxApply(nsjconf) == false) {
 		exit(0xff);
 	}
-	execv(nsjconf->exec_file, &nsjconf->argv[0]);
+	execv(nsjconf->exec_file, (char *const *)&nsjconf->argv[0]);
 
 	PLOG_E("execve('%s') failed", nsjconf->exec_file);