moby/daemon/export.go
Kir Kolyshkin 81f6307eda daemon.ContainerExport(): do not panic
In case ContainerExport() is called for an unmounted container, it leads
to a daemon panic as container.BaseFS, which is dereferenced here, is
nil.

To fix, do not rely on container.BaseFS; use the one returned from
rwlayer.Mount().

Fixes: 7a7357dae1 ("LCOW: Implemented support for docker cp + build")
Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
2018-03-13 21:24:43 -07:00

86 lines
2.4 KiB
Go

package daemon // import "github.com/docker/docker/daemon"
import (
"fmt"
"io"
"runtime"
"github.com/docker/docker/container"
"github.com/docker/docker/errdefs"
"github.com/docker/docker/pkg/archive"
"github.com/docker/docker/pkg/ioutils"
"github.com/docker/docker/pkg/system"
)
// ContainerExport writes the contents of the container to the given
// writer. An error is returned if the container cannot be found.
func (daemon *Daemon) ContainerExport(name string, out io.Writer) error {
container, err := daemon.GetContainer(name)
if err != nil {
return err
}
if runtime.GOOS == "windows" && container.OS == "windows" {
return fmt.Errorf("the daemon on this operating system does not support exporting Windows containers")
}
if container.IsDead() {
err := fmt.Errorf("You cannot export container %s which is Dead", container.ID)
return errdefs.Conflict(err)
}
if container.IsRemovalInProgress() {
err := fmt.Errorf("You cannot export container %s which is being removed", container.ID)
return errdefs.Conflict(err)
}
data, err := daemon.containerExport(container)
if err != nil {
return fmt.Errorf("Error exporting container %s: %v", name, err)
}
defer data.Close()
// Stream the entire contents of the container (basically a volatile snapshot)
if _, err := io.Copy(out, data); err != nil {
return fmt.Errorf("Error exporting container %s: %v", name, err)
}
return nil
}
func (daemon *Daemon) containerExport(container *container.Container) (arch io.ReadCloser, err error) {
if !system.IsOSSupported(container.OS) {
return nil, fmt.Errorf("cannot export %s: %s ", container.ID, system.ErrNotSupportedOperatingSystem)
}
rwlayer, err := daemon.imageService.GetLayerByID(container.ID, container.OS)
if err != nil {
return nil, err
}
defer func() {
if err != nil {
daemon.imageService.ReleaseLayer(rwlayer, container.OS)
}
}()
basefs, err := rwlayer.Mount(container.GetMountLabel())
if err != nil {
return nil, err
}
archive, err := archivePath(basefs, basefs.Path(), &archive.TarOptions{
Compression: archive.Uncompressed,
UIDMaps: daemon.idMappings.UIDs(),
GIDMaps: daemon.idMappings.GIDs(),
})
if err != nil {
rwlayer.Unmount()
return nil, err
}
arch = ioutils.NewReadCloserWrapper(archive, func() error {
err := archive.Close()
rwlayer.Unmount()
daemon.imageService.ReleaseLayer(rwlayer, container.OS)
return err
})
daemon.LogContainerEvent(container, "export")
return arch, err
}