[PATCH 2/2] erofs-utils: lib: oci: restrict `ocierofs_io_open()` to single-layer images

[Yifan Zhao]

When mounting an OCI image with `mount.erofs -t erofs.nbd` without
specifying either `oci.layer=` or `oci.blob=`, a segfault occurs in the
`ocierofs_download_blob_range() → ocierofs_find_layer_by_digest()` call
path due to an empty `ctx->blob_digest`.

As mounting multi-layer OCI images is not yet supported, let's exit
early in `ocierofs_io_open()` with an error in this case.

Signed-off-by: Yifan Zhao <zhaoyifan28 at huawei.com>
---
 lib/remotes/oci.c | 19 +++++++++++++------
 1 file changed, 13 insertions(+), 6 deletions(-)

diff --git a/lib/remotes/oci.c b/lib/remotes/oci.c
index d5afd6a..ce7a1a5 100644
--- a/lib/remotes/oci.c
+++ b/lib/remotes/oci.c
@@ -1479,16 +1479,18 @@ int ocierofs_io_open(struct erofs_vfile *vfile, const struct ocierofs_config *cf
 		return -ENOMEM;
 
 	err = ocierofs_init(ctx, cfg);
-	if (err) {
-		free(ctx);
-		return err;
+	if (err)
+		goto out;
+
+	if (!ctx->blob_digest) {
+		err = -EINVAL;
+		goto out;
 	}
 
 	oci_iostream = calloc(1, sizeof(*oci_iostream));
 	if (!oci_iostream) {
-		ocierofs_ctx_cleanup(ctx);
-		free(ctx);
-		return -ENOMEM;
+		err = -ENOMEM;
+		goto out;
 	}
 
 	oci_iostream->ctx = ctx;
@@ -1496,6 +1498,11 @@ int ocierofs_io_open(struct erofs_vfile *vfile, const struct ocierofs_config *cf
 	*vfile = (struct erofs_vfile){.ops = &ocierofs_io_vfops};
 	*(struct ocierofs_iostream **)vfile->payload = oci_iostream;
 	return 0;
+
+out:
+	ocierofs_ctx_cleanup(ctx);
+	free(ctx);
+	return err;
 }
 
 char *ocierofs_encode_userpass(const char *username, const char *password)
-- 
2.43.0