in file 0003-CVE-2015-1335.patch checks if ws and start are the same.
According to the given error (which I forgot to paste above), ws and target ARE different:
lxc-start: utils.c: ensure_not_symlink: 1384 Mount onto /usr/lib/x86_64-linux-gnu/lxc//proc resulted in /usr/lib/x86_64-linux-gnu/lxc/proc
So target is
/usr/lib/x86_64-linux-gnu/lxc//proc
and ws is
/usr/lib/x86_64-linux-gnu/lxc/proc
Any hints how we could prevent the double slashing? Or would you just "clean up" the path somehow?
The problem lies in the ubuntu patch
http:// archive. ubuntu. com/ubuntu/ pool/main/ l/lxc/lxc_ 1.0.7-0ubuntu0. 5.debian. tar.gz
where this code
+ size_t start = croot ? strlen(croot) : 0;
+ if (strcmp(ws + start, target + start) != 0) {
+ ERROR("Mount onto %s resulted in %s\n", target, ws);
+ goto out;
+ }
in file 0003-CVE- 2015-1335. patch checks if ws and start are the same.
According to the given error (which I forgot to paste above), ws and target ARE different:
lxc-start: utils.c: ensure_not_symlink: 1384 Mount onto /usr/lib/ x86_64- linux-gnu/ lxc//proc resulted in /usr/lib/ x86_64- linux-gnu/ lxc/proc
So target is
/usr/ lib/x86_ 64-linux- gnu/lxc/ /proc
and ws is
/usr/ lib/x86_ 64-linux- gnu/lxc/ proc
Any hints how we could prevent the double slashing? Or would you just "clean up" the path somehow?