From c833ac2c536428fc1026a2d4bd12dc64613248bb Mon Sep 17 00:00:00 2001
From: Ted Yu <yute@vmware.com>
Date: Thu, 21 Nov 2019 15:34:33 -0800
Subject: [PATCH] vc: BlockIndex should not be altered in case of error

BlockIndex should not increment in case of error.

Similar issue applies to decrementSandboxBlockIndex where the symptom may be more severe - in worst case, the block index may become negative.

Fixes #2244

Signed-off-by: Ted Yu <yuzhihong@gmail.com>
---
 virtcontainers/sandbox.go | 15 ++++++++++++++-
 1 file changed, 14 insertions(+), 1 deletion(-)

diff --git a/virtcontainers/sandbox.go b/virtcontainers/sandbox.go
index 4a6a0d6d52..c61cdd26d0 100644
--- a/virtcontainers/sandbox.go
+++ b/virtcontainers/sandbox.go
@@ -1686,6 +1686,12 @@ func (s *Sandbox) resumeSetStates() error {
 // block device is assigned to a container in the sandbox.
 func (s *Sandbox) getAndSetSandboxBlockIndex() (int, error) {
 	currentIndex := s.state.BlockIndex
+	var err error
+	defer func() {
+		if err != nil {
+			s.state.BlockIndex = currentIndex
+		}
+	}()
 
 	// Increment so that container gets incremented block index
 	s.state.BlockIndex++
@@ -1704,12 +1710,19 @@ func (s *Sandbox) getAndSetSandboxBlockIndex() (int, error) {
 // decrementSandboxBlockIndex decrements the current sandbox block index.
 // This is used to recover from failure while adding a block device.
 func (s *Sandbox) decrementSandboxBlockIndex() error {
+	var err error
+	original := s.state.BlockIndex
 	s.state.BlockIndex--
+	defer func() {
+		if err != nil {
+			s.state.BlockIndex = original
+		}
+	}()
 
 	if !s.supportNewStore() {
 		// experimental runtime use "persist.json" which doesn't need "state.json" anymore
 		// update on-disk state
-		if err := s.store.Store(store.State, s.state); err != nil {
+		if err = s.store.Store(store.State, s.state); err != nil {
 			return err
 		}
 	}