Skip to content

libpod: Don't dereference ctrSpec.Linux if it is nil#28317

Merged
Luap99 merged 1 commit intocontainers:mainfrom
dfr:freebsd-network-host
Mar 18, 2026
Merged

libpod: Don't dereference ctrSpec.Linux if it is nil#28317
Luap99 merged 1 commit intocontainers:mainfrom
dfr:freebsd-network-host

Conversation

@dfr
Copy link
Contributor

@dfr dfr commented Mar 18, 2026

This prevents a nil pointer crash when running network=host containers on a FreeBSD host using podman-remote.

Fixes: #28289

Checklist

Ensure you have completed the following checklist for your pull request to be reviewed:

  • Certify you wrote the patch or otherwise have the right to pass it on as an open-source patch by signing all
    commits. (git commit -s). (If needed, use git commit -s --amend). The author email must match
    the sign-off email address. See CONTRIBUTING.md
    for more information.
  • Referenced issues using Fixes: #00000 in commit message (if applicable)
  • Tests have been added/updated (or no tests are needed)
  • Documentation has been updated (or no documentation changes are needed)
  • All commits pass make validatepr (format/lint checks)
  • Release note entered in the section below (or None if no user-facing changes)

Does this PR introduce a user-facing change?

None

@dfr
libpod: Don't dereference ctrSpec.Linux if it is nil
9a10cef 
This prevents a nil pointer crash when running network=host containers
on a FreeBSD host using podman-remote.

Fixes: containers#28289
Signed-off-by: Doug Rabson <dfr@rabson.org>
Luap99
Luap99 reviewed Mar 18, 2026
View reviewed changes
libpod/container.go
// configuring with Slirp or CNI. That
// means it's --net=none
networkMode = "none"
if ctrSpec.Linux != nil {
Copy link
Member

@Luap99 Luap99 Mar 18, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

how is --network none vs --network host handled on freebsd spec? In general this change would make it that you display host even when created with network none or network ns:/somepath (though I guess this does not work at all)

Copy link
Contributor Author

@dfr dfr Mar 18, 2026
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Right now, --network=none is broken - it behaves the same as --network=host.

With the FreeBSD OCI runtime extension, it is possible to represent --network=none by creating a private vnet for the jail which is not bridged to any network. I have a work-in-progress which adds support for the new FreeBSD OCI runtime bits but its currently blocked waiting for opencontainers/runtime-tools#801 which adds support in the runtime-tools library.

@mheon mheon added the No New Tests Allow PR to proceed without adding regression tests label Mar 18, 2026
@mheon
Copy link
Member

mheon commented Mar 18, 2026

While I share the question about this doing the right thing with --net=none - LGTM otherwise

Luap99
Luap99 approved these changes Mar 18, 2026
View reviewed changes
Copy link
Member

@Luap99 Luap99 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@Luap99 Luap99 enabled auto-merge March 18, 2026 18:52
@Luap99 Luap99 merged commit e67778b into containers:main Mar 18, 2026
80 of 82 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@mheon mheon mheon approved these changes

@Luap99 Luap99 Luap99 approved these changes

Assignees

No one assigned

Labels

No New Tests Allow PR to proceed without adding regression tests

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

FreeBSD: nil pointer dereference in Container.NetworkMode() during inspect when network_mode=host via REST API

3 participants

@dfr @mheon @Luap99