specconv: fix systemd property handling bugs#5130
Closed
lukefr09 wants to merge 1 commit intoopencontainers:mainfrom
Closed
specconv: fix systemd property handling bugs#5130lukefr09 wants to merge 1 commit intoopencontainers:mainfrom
lukefr09 wants to merge 1 commit intoopencontainers:mainfrom
Conversation
Fix two bugs in systemd property annotation handling:
1. initSystemdProps panics when a property name is exactly "Sec".
TrimSuffix("Sec", "Sec") returns an empty string, and the
subsequent index trimName[len(trimName)-1] causes an out-of-bounds
panic. Add a len(trimName) > 0 guard before indexing.
2. convertSecToUSec silently wraps negative signed integer values to
huge uint64 values. For example, int16(-1) becomes
uint64(18446744073709551615) * 1000000, which overflows. Add
negative value checks for the signed integer types (int16, int32,
int64) and float64.
Signed-off-by: Luke Hinds <luke@stacklok.com>
Author
|
Apologies, this was submitted by an automated tool that wasn't properly scoped. Shouldn't have hit upstream. Closing and sorry for the noise. |
kolyshkin
reviewed
Feb 27, 2026
Contributor
kolyshkin
left a comment
There was a problem hiding this comment.
IMO overflow in convertSecToUSec due to negative inputs results in either high or random xxxUsec property values, which is not ideal but I don't see any big issue here.
Also, -1 might be a valid value (meaning "infinity" in systemd lingo), and while we currently don't handle it correctly (I guess this should be passed as is, not multiplied), it is not a big deal either.
Still might worth fixing, but is kind of low priority
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Fix two bugs in systemd property annotation handling:
Panic on property name "Sec":
initSystemdPropspanics when a systemd property annotation has the name exactly "Sec" (after prefix stripping).TrimSuffix("Sec", "Sec")returns an empty string, andtrimName[len(trimName)-1]causes an index-out-of-bounds panic. Add alen(trimName) > 0guard.Negative value wrapping in
convertSecToUSec: Negative signed integer values (int16, int32, int64) are silently converted to huge uint64 values via unsigned wrapping. For example,int16(-1)becomesuint64(18446744073709551615) * 1000000. Add negative value checks for the signed types and float64.Found during code review.
Signed-off-by: Luke Hinds luke@stacklok.com