Fix denial of service with large numbers in cpuset-cpus and cpuset-mems #37967

Merged
merged 1 commit into from Oct 8, 2018

thaJeztah
Member

Using a value such as --cpuset-mems=1-9223372036854775807 would cause
dockerd to run out of memory allocating a map of the values in the
validation code. Set limits to the normal limit of the number of CPUs,
and improve the error handling.

Reported by Huawei PSIRT.

- Description for the changelog

* Fix denial of service with large numbers in `--cpuset-cpus` and `--cpuset-mems`
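
The failure mode described above, as an added example that is not code from this pull request or from moby: a list parser that compares every number against a caller-supplied limit before it expands a range into the map. The name `parseBoundedUintList` and the sample bound 1024 are assumptions made for the example.

```go
package main

import (
	"fmt"
	"strconv"
	"strings"
)

// parseBoundedUintList is a hypothetical helper for this example, not moby's
// code. It rejects any number above maximum (assumed >= 0) before a single
// map entry is created, so memory use is bounded by maximum, not the input.
func parseBoundedUintList(val string, maximum int) (map[int]bool, error) {
	set := map[int]bool{}
	if val == "" {
		return set, nil
	}
	num := func(s string) (int, error) {
		v, err := strconv.ParseUint(s, 10, 64)
		if err != nil {
			return 0, fmt.Errorf("invalid number %q in %q", s, val)
		}
		if v > uint64(maximum) { // checked before anything is allocated
			return 0, fmt.Errorf("value %d in %q is above the limit %d", v, val, maximum)
		}
		return int(v), nil
	}
	for _, part := range strings.Split(val, ",") {
		lo, hi, isRange := strings.Cut(part, "-")
		first, err := num(lo)
		if err != nil {
			return nil, err
		}
		last := first
		if isRange {
			if last, err = num(hi); err != nil {
				return nil, err
			}
		}
		if last < first {
			return nil, fmt.Errorf("invalid range %q in %q", part, val)
		}
		for i := first; i <= last; i++ { // at most maximum+1 iterations
			set[i] = true
		}
	}
	return set, nil
}

// 1024 is a sample bound chosen for this example.
func main() { fmt.Println(parseBoundedUintList("1-9223372036854775807", 1024)) }
```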

@thaJeztah
Member Author

ping @justincormack @AkihiroSuda @vdemeester PTAL 🤗

@@ -31,7 +32,7 @@ func ParseKeyValueOpt(opt string) (string, string, error) {
// 03,1-3 <- this is gonna get parsed as [1,2,3]
// 3,2,1
// 0-2,3,1
func ParseUintList(val string) (map[int]bool, error) {
func ParseUintList(val string, maximum int) (map[int]bool, error) {
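
Review bot: The doc comment above ParseUintList still lists only the accepted input forms and says nothing about the new maximum parameter; document whether maximum is an inclusive bound and that a value or range end above it returns an error rather than being expanded into the map. Adding a parameter to the exported ParseUintList also breaks every existing caller, so consider keeping the old signature and exposing the bounded form under a new name.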
Member

Should we keep the signature (for not breaking downstream-dependencies) and add a new method ParsUintListMaximum or something ?

Member Author

Ah, yes; I could add a new one.

@codecov

codecov bot commented Oct 4, 2018

Codecov Report

❗ No coverage uploaded for pull request base (master@c77cfbf). Click here to learn what that means.
The diff coverage is 62.5%.

@@            Coverage Diff            @@
##             master   #37967   +/-   ##
=========================================
  Coverage          ?    36.1%           
=========================================
  Files             ?      610           
  Lines             ?    45155           
  Branches          ?        0           
=========================================
  Hits              ?    16302           
  Misses            ?    26612           
  Partials          ?     2241

@thaJeztah
Member Author

@vdemeester pushed an extra commit; if it looks good, I'll squash, and update my backports 😅

Member

@vdemeester vdemeester left a comment

LGTM 🐯

Using a value such as `--cpuset-mems=1-9223372036854775807` would cause
`dockerd` to run out of memory allocating a map of the values in the
validation code. Set limits to the normal limit of the number of CPUs,
and improve the error handling.

Reported by Huawei PSIRT.

Signed-off-by: Justin Cormack <justin.cormack@docker.com>
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
@thaJeztah
Member Author

Squashed; this should be ready to go

ping @justincormack PTAL

Member

@yongtang yongtang left a comment

LGTM

@yongtang yongtang merged commit 2cc338c into moby:master Oct 8, 2018
@thaJeztah thaJeztah deleted the upstream_dos_fix branch October 9, 2018 01:30
runcom added a commit to projectatomic/docker that referenced this pull request Jan 18, 2019
runcom added a commit to projectatomic/docker that referenced this pull request Jan 18, 2019
runcom added a commit to projectatomic/docker that referenced this pull request Jan 18, 2019