From 4d2ba779e1a0596c51cc6ed2ddb7c2139830f15c Mon Sep 17 00:00:00 2001
From: unclejack
Date: Sat, 19 Oct 2013 01:56:52 +0300
Subject: [PATCH] validate bind mounts on the server side
This changes the server side code to make sure that: 1) the source of a bind mount isn't / The bind mount "/:/foo" isn't allowed. 2) Check that the source exists The source to be bind mounted must exist. This fixes issue #2070.
---
 server.go | 19 +++++++++++++++++++
 1 file changed, 19 insertions(+)
diff --git a/server.go b/server.go
index 314df0256b..cbe7c6435c 100644
--- a/server.go
+++ b/server.go
@@ -1316,6 +1316,25 @@ func (srv *Server) RegisterLinks(name string, hostConfig *HostConfig) error {
 func (srv *Server) ContainerStart(name string, hostConfig *HostConfig) error {
 runtime := srv.runtime
 container := runtime.Get(name)
+
+ if hostConfig != nil {
+ for _, bind := range hostConfig.Binds {
+ splitBind := strings.Split(bind, ":")
+ source := splitBind[0]
+
+ // refuse to bind mount "/" to the container
+ if source == "/" {
+ return fmt.Errorf("Invalid bind mount '%s' : source can't be '/'", bind)
+ }
+
+ // ensure the source exists on the host
+ _, err := os.Stat(source)
+ if err != nil && os.IsNotExist(err) {
+ return fmt.Errorf("Invalid bind mount '%s' : source doesn't exist", bind)
+ }
+ }
+ }
+
 if container == nil {
 return fmt.Errorf("No such container: %s", name)
 }
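Review bot: The `source == "/"` test in ContainerStart compares the raw string taken from the bind spec, so any other spelling that the kernel resolves to the host root is not rejected by this check. Normalise the path before comparing, e.g. `source := filepath.Clean(splitBind[0])` (this needs `path/filepath`; the file's import block is outside the hunk), and consider resolving symlinks as well, since a link whose target is the root is not caught by a string comparison. The existence check also lets every `os.Stat` error other than not-exist pass silently, and because the loop runs before the `container == nil` test, a caller gets the host-path existence answer even for a container name that does not exist. ContainerStart's body continues outside the hunk.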