Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
CRI stream server: Fix goroutine leak in Exec
In the CRI streaming server, a goroutine (`handleResizeEvents`) is launched to handle terminal resize events if a TTY is asked for with an exec; this is the sender of terminal resize events. Another goroutine is launched shortly after successful process startup to actually do something with these events, however the issue arises if the exec process fails to start for any reason that would have `process.Start` return non-nil. The receiver goroutine never gets launched so the sender is stuck blocked on a channel send infinitely. This could be used in a malicious manner by repeatedly launching execs with a command that doesn't exist in the image, as a single goroutine will get leaked on every invocation which will slowly grow containerd's memory usage. Signed-off-by: Danny Canter <danny@dcantah.dev> (cherry picked from commit f012617)
- Loading branch information