f3cdfc488e
runc rc95 contains a fix for CVE-2021-30465. runc rc94 provides fixes and improvements. One notable change is cgroup manager's Set now accept Resources rather than Cgroup (see https://github.com/opencontainers/runc/pull/2906). Modify the code accordingly. Also update runc dependencies (as hinted by hack/lint-depdendencies.sh): github.com/cilium/ebpf v0.5.0 github.com/containerd/console v1.0.2 github.com/coreos/go-systemd/v22 v22.3.1 github.com/godbus/dbus/v5 v5.0.4 github.com/moby/sys/mountinfo v0.4.1 golang.org/x/sys v0.0.0-20210426230700-d19ff857e887 github.com/google/go-cmp v0.5.4 github.com/kr/pretty v0.2.1 github.com/opencontainers/runtime-spec v1.0.3-0.20210326190908-1c3f411f0417 Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
53 lines
963 B
Go
53 lines
963 B
Go
package internal
|
|
|
|
import (
|
|
"debug/elf"
|
|
"fmt"
|
|
"io"
|
|
)
|
|
|
|
type SafeELFFile struct {
|
|
*elf.File
|
|
}
|
|
|
|
// NewSafeELFFile reads an ELF safely.
|
|
//
|
|
// Any panic during parsing is turned into an error. This is necessary since
|
|
// there are a bunch of unfixed bugs in debug/elf.
|
|
//
|
|
// https://github.com/golang/go/issues?q=is%3Aissue+is%3Aopen+debug%2Felf+in%3Atitle
|
|
func NewSafeELFFile(r io.ReaderAt) (safe *SafeELFFile, err error) {
|
|
defer func() {
|
|
r := recover()
|
|
if r == nil {
|
|
return
|
|
}
|
|
|
|
safe = nil
|
|
err = fmt.Errorf("reading ELF file panicked: %s", r)
|
|
}()
|
|
|
|
file, err := elf.NewFile(r)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
return &SafeELFFile{file}, nil
|
|
}
|
|
|
|
// Symbols is the safe version of elf.File.Symbols.
|
|
func (se *SafeELFFile) Symbols() (syms []elf.Symbol, err error) {
|
|
defer func() {
|
|
r := recover()
|
|
if r == nil {
|
|
return
|
|
}
|
|
|
|
syms = nil
|
|
err = fmt.Errorf("reading ELF symbols panicked: %s", r)
|
|
}()
|
|
|
|
syms, err = se.File.Symbols()
|
|
return
|
|
}
|