general/occlum
4
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

[libos] Fix envs overidden bug

Browse Source
This commit is contained in:
Zheng, Qi 2022-12-02 17:22:15 +08:00 committed by volcano
parent 0a367784cb
commit 242e0b63d2
1 changed files with 13 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
src/libos/src/entry.rs
View File

@ -419,7 +419,8 @@ fn merge_env(env: *const *const c_char) -> Result<Vec<CString>> {
} }
// Filter out env which are not listed in Occlum.json env untrusted section // Filter out env which are not listed in Occlum.json env untrusted section
// and remove env default element if it is overrided // and record the index of env default element if it is overridden
let mut remove_idx: Vec<usize> = Vec::new();
if (!env.is_null()) { if (!env.is_null()) {
let env_untrusted = clone_cstrings_safely(env)?; let env_untrusted = clone_cstrings_safely(env)?;
for iter in env_untrusted.iter() { for iter in env_untrusted.iter() {
@ -427,11 +428,20 @@ fn merge_env(env: *const *const c_char) -> Result<Vec<CString>> {
if env_listed.contains(env_kv[0]) { if env_listed.contains(env_kv[0]) {
env_checked.push(iter.clone()); env_checked.push(iter.clone());
if let Some(idx) = env_default.helper.get(env_kv[0]) { if let Some(idx) = env_default.helper.get(env_kv[0]) {
env_default.content.remove(*idx); remove_idx.push(*idx);
} }
} }
} }
} }
// Only keep items in env_default if they are not overridden by untrusted envs
let mut env_keep: Vec<CString> = Vec::new();
for (idx, val) in env_default.content.iter().enumerate() {
if !remove_idx.contains(&idx) {
env_keep.push(CString::new(val.clone())?);
}
}
trace!("env_checked from env untrusted: {:?}", env_checked); trace!("env_checked from env untrusted: {:?}", env_checked);
Ok([env_default.content, env_checked].concat()) Ok([env_keep, env_checked].concat())
} }