Skip to content

Prevent NPE in addServiceInfoToCluster()#2239

Closed
thaJeztah wants to merge 1 commit into
moby:masterfrom
thaJeztah:prevent_npe
Closed

Prevent NPE in addServiceInfoToCluster()#2239
thaJeztah wants to merge 1 commit into
moby:masterfrom
thaJeztah:prevent_npe

Conversation

@thaJeztah

Copy link
Copy Markdown
Member

ep.Iface() can return nil, in which case Address() would result in a NPE.

relates to moby/moby#37506

`ep.Iface()` can return `nil`, in which case `Address()`
would result in a NPE.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
Comment thread agent.go

func (ep *endpoint) addServiceInfoToCluster(sb *sandbox) error {
if ep.isAnonymous() && len(ep.myAliases) == 0 || ep.Iface().Address() == nil {
if ep.isAnonymous() && len(ep.myAliases) == 0 || ep.Iface() == nil || ep.Iface().Address() == nil {

Copy link
Copy Markdown
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Could use some input here; I started with this, but noticed there's quite some places where a "fluent" interface is used (foo.Iface().SomeFunction()), so having to check in all places is likely problematic.

Comment thread endpoint_info.go
}

return nil
return &endpointInterface{}

Copy link
Copy Markdown
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Perhaps this would work to prevent the situation, but I see there's many other places where nil can be returned, which won't really work with a fluent interface 😓, so likely all those occurrences need to be addressed?

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Ok, so I grepped the code specifically for \.Iface\(\) and came away with the following locations where it is used. Most of the fluid uses are protected by tests and so don't need further protection. Here are the locations I think need further protection:

  • agent.go L586 -- already mentioned above
  • agent.go L709 -- could add a protection similar to L586 at the start of the function: L668
  • controller.go L955 -- Probably needs an if ep.Iface() == nil { continue } right before
  • network.go L1317 -- Should probably become iface := ep.Iface(); if iface != nil && iface.Address() != nil { ...
    So we should be covered without returning the &endpointInterface{} if we add three more tests.

Just as a side comment:

  • service_windows.go L41 -- should be protected by epInfo.LoadBalancer() test
  • service_linux.go (all) -- all fluid references are protected by a call to findLBEndpointSandbox() which only returns the endpoint if epi.LoadBalancer() is true. (as per Windows above)
  • maybe there's some kind of race in those files where somone tries to add a binding while the sandbox is still coming up? But I'm not sure. If so, then a test in findLBEndpointSandbox() would be in order for service_linux.go.
  • there are a few test files that are unprotected -- I'm not worried about those.

I'm not really sure why we can have endpoints without interfaces -- I thought these were a 1-to-1 mapping conceptually. But given comments in service_linux.go that indicate that this is deliberate, I'm disinclined to return a pointer to an empty structure. OTOH, I don't see anywhere in the code that is positively acting on Iface() returning nil. So, maybe it is OK after all w/ a small change to L36 of service_linux.go. Others w/ more history, please chime in.

@thaJeztah

Copy link
Copy Markdown
Member Author
@selansen

Copy link
Copy Markdown
Contributor

I see blow files are having similar implementation and invokes "ep.Iface().Address()" without checking if Iface returns null or not.
We should be able to clean it up quickly and push it.
agent.go
controller.go
network.go
service_linux.go

@fcrisciani WDYT?

@alekc

alekc commented Jun 4, 2019

Copy link
Copy Markdown

Just fiy, this is still happening with docker 18.09
docker/for-linux#688

@arkodg

arkodg commented Jun 21, 2019

Copy link
Copy Markdown
Contributor

@selansen is this still needed ?

@Kunde21

Kunde21 commented Mar 15, 2020

Copy link
Copy Markdown

@arkodg I just ran into this same bug, so it's likely still needed

docker info:

Client:
 Debug Mode: false

Server:
 Containers: 2
  Running: 2
  Paused: 0
  Stopped: 0
 Images: 2
 Server Version: 19.03.7-ce
 Storage Driver: overlay2
  Backing Filesystem: <unknown>
  Supports d_type: true
  Native Overlay Diff: false
 Logging Driver: json-file
 Cgroup Driver: systemd
 Plugins:
  Volume: local
  Network: bridge host ipvlan macvlan null overlay
  Log: awslogs fluentd gcplogs gelf journald json-file local logentries splunk syslog
 Swarm: inactive
 Runtimes: runc
 Default Runtime: runc
 Init Binary: docker-init
 containerd version: d76c121f76a5fc8a462dc64594aea72fe18e1178.m
 runc version: dc9208a3303feef5b3839f4323d9beb36df0a9dd
 init version: fec3683
 Security Options:
  seccomp
   Profile: default
 Kernel Version: 5.5.9-arch1-2
 Operating System: Arch Linux
 OSType: linux
 Architecture: x86_64
 CPUs: 4
 Total Memory: 15.53GiB
 Name: shuttie
 ID: F2HJ:B3XS:JSWF:KFV6:WP2G:P3AZ:TW7F:IL4F:4DZK:F7TT:J6BS:2AFE
 Docker Root Dir: /var/lib/docker
 Debug Mode: false
 Registry: https://index.docker.io/v1/
 Labels:
 Experimental: false
 Insecure Registries:
  127.0.0.0/8
 Live Restore Enabled: false

Panic trace:

Mar 15 18:26:26 machine dockerd[10984]: panic: runtime error: invalid memory address or nil pointer dereference
Mar 15 18:26:26 machine dockerd[10984]: [signal SIGSEGV: segmentation violation code=0x1 addr=0x18 pc=0x557a38d93185]
Mar 15 18:26:26 machine dockerd[10984]: goroutine 129 [running]:
Mar 15 18:26:26 machine dockerd[10984]: github.com/docker/docker/vendor/github.com/docker/libnetwork.(*endpoint).addServiceInfoToCluster(0xc000a73b80, 0xc000d086c0, 0x0, 0x0)
Mar 15 18:26:26 machine dockerd[10984]:         /build/docker/src/src/github.com/docker/docker/vendor/github.com/docker/libnetwork/agent.go:599 +0xfe5
Mar 15 18:26:26 machine dockerd[10984]: github.com/docker/docker/vendor/github.com/docker/libnetwork.(*sandbox).EnableService(0xc000d086c0, 0x0, 0x0)
Mar 15 18:26:26 machine dockerd[10984]:         /build/docker/src/src/github.com/docker/docker/vendor/github.com/docker/libnetwork/sandbox.go:702 +0x18f
Mar 15 18:26:26 machine dockerd[10984]: github.com/docker/docker/daemon.(*Daemon).ActivateContainerServiceBinding(0xc0008341e0, 0xc000ad4990, 0x6, 0x0, 0x0)
Mar 15 18:26:26 machine dockerd[10984]:         /build/docker/src/src/github.com/docker/docker/daemon/container_operations.go:1118 +0x89
Mar 15 18:26:26 machine dockerd[10984]: github.com/docker/docker/daemon.(*Daemon).connectToNetwork(0xc0008341e0, 0xc00094a000, 0x557a39828d61, 0x6, 0xc000966000, 0x0, 0x0, 0x0)
Mar 15 18:26:26 machine dockerd[10984]:         /build/docker/src/src/github.com/docker/docker/daemon/container_operations.go:800 +0xa2d
Mar 15 18:26:26 machine dockerd[10984]: github.com/docker/docker/daemon.(*Daemon).allocateNetwork(0xc0008341e0, 0xc00094a000, 0x0, 0x0)
Mar 15 18:26:26 machine dockerd[10984]:         /build/docker/src/src/github.com/docker/docker/daemon/container_operations.go:543 +0xa22
Mar 15 18:26:26 machine dockerd[10984]: github.com/docker/docker/daemon.(*Daemon).initializeNetworking(0xc0008341e0, 0xc00094a000, 0x0, 0x0)
Mar 15 18:26:26 machine dockerd[10984]:         /build/docker/src/src/github.com/docker/docker/daemon/container_operations.go:957 +0x90
Mar 15 18:26:26 machine dockerd[10984]: github.com/docker/docker/daemon.(*Daemon).containerStart(0xc0008341e0, 0xc00094a000, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0)
Mar 15 18:26:26 machine dockerd[10984]:         /build/docker/src/src/github.com/docker/docker/daemon/start.go:150 +0x323
Mar 15 18:26:26 machine dockerd[10984]: github.com/docker/docker/daemon.(*Daemon).restore.func5(0xc00041e230, 0xc0008341e0, 0xc000ba3e30, 0xc0004fbb70, 0xc00094a000, 0xc000a1d3e0)
Mar 15 18:26:26 machine dockerd[10984]:         /build/docker/src/src/github.com/docker/docker/daemon/daemon.go:501 +0x2c6
Mar 15 18:26:26 machine dockerd[10984]: created by github.com/docker/docker/daemon.(*Daemon).restore
Mar 15 18:26:26 machine dockerd[10984]:         /build/docker/src/src/github.com/docker/docker/daemon/daemon.go:482 +0x72f
arkodg pushed a commit to arkodg/libnetwork that referenced this pull request Apr 3, 2020
This PR carryforwards moby#2239
and incorporates the suggestions in comments to fix the NPE and
potential NPEs due to null value returned by ep.Iface()

Signed-off-by: Arko Dasgupta <arko.dasgupta@docker.com>
arkodg pushed a commit to arkodg/libnetwork that referenced this pull request Apr 3, 2020
This PR carryforwards moby#2239
and incorporates the suggestions in comments to fix the NPE and
potential NPEs due to null value returned by ep.Iface()

Signed-off-by: Arko Dasgupta <arko.dasgupta@docker.com>
arkodg pushed a commit to arkodg/libnetwork that referenced this pull request Apr 3, 2020
This PR carryforwards moby#2239
and incorporates the suggestions in comments to fix the NPE and
potential NPEs due to a null value returned by ep.Iface()

Signed-off-by: Arko Dasgupta <arko.dasgupta@docker.com>
@arkodg arkodg closed this in #2544 Apr 4, 2020
@thaJeztah thaJeztah deleted the prevent_npe branch April 4, 2020 18:02
thaJeztah pushed a commit to thaJeztah/libnetwork that referenced this pull request Apr 6, 2020
This PR carryforwards moby#2239
and incorporates the suggestions in comments to fix the NPE and
potential NPEs due to a null value returned by ep.Iface()

Signed-off-by: Arko Dasgupta <arko.dasgupta@docker.com>
(cherry picked from commit c55657f)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
thaJeztah added a commit to thaJeztah/docker that referenced this pull request Apr 21, 2020
full diff: moby/libnetwork@ef149a9...1a17fb3

- moby/libnetwork#2538 produce an error with invalid address pool
    - addresses moby#40388 dockerd ignores the --default-address-pool option
- moby/libnetwork#2471 DOCKER-USER chain not created when IPTableEnable=false
- moby/libnetwork#2544 Fix NPE due to null value returned by ep.Iface()
    - carries moby/libnetwork#2239 Prevent NPE in addServiceInfoToCluster()
    - addresses moby#37506 Error initializing docker.server while starting daemon by systemd

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
docker-jenkins pushed a commit to docker-archive/docker-ce that referenced this pull request Apr 25, 2020
full diff: moby/libnetwork@ef149a9...1a17fb3

- moby/libnetwork#2538 produce an error with invalid address pool
    - addresses moby/moby#40388 dockerd ignores the --default-address-pool option
- moby/libnetwork#2471 DOCKER-USER chain not created when IPTableEnable=false
- moby/libnetwork#2544 Fix NPE due to null value returned by ep.Iface()
    - carries moby/libnetwork#2239 Prevent NPE in addServiceInfoToCluster()
    - addresses moby/moby#37506 Error initializing docker.server while starting daemon by systemd

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
Upstream-commit: c3808634e7a44fc5b4fb8caacd9d079f7e0a0fee
Component: engine
cpuguy83 pushed a commit to cpuguy83/docker that referenced this pull request May 25, 2021
This PR carryforwards moby/libnetwork#2239
and incorporates the suggestions in comments to fix the NPE and
potential NPEs due to a null value returned by ep.Iface()

Signed-off-by: Arko Dasgupta <arko.dasgupta@docker.com>
TechForce-Lyron0785 pushed a commit to TechForce-Lyron0785/libnetwork that referenced this pull request Apr 17, 2026
This PR carryforwards moby/libnetwork#2239
and incorporates the suggestions in comments to fix the NPE and
potential NPEs due to a null value returned by ep.Iface()

Signed-off-by: Arko Dasgupta <arko.dasgupta@docker.com>
(cherry picked from commit 0ac125c)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
TechForce-Lyron0785 pushed a commit to TechForce-Lyron0785/libnetwork that referenced this pull request Apr 17, 2026
This PR carryforwards moby/libnetwork#2239
and incorporates the suggestions in comments to fix the NPE and
potential NPEs due to a null value returned by ep.Iface()

Signed-off-by: Arko Dasgupta <arko.dasgupta@docker.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

6 participants