From 9070c9f2f33aacc10eb65a9430e3bf78bce5aea7 Mon Sep 17 00:00:00 2001 From: Space Meyer Date: Wed, 7 Dec 2022 14:11:30 +0100 Subject: [PATCH] journald: prevent segfault on empty attr/current getpidcon() might set con to NULL, even when it returned a 0 return code[0]. The subsequent strlen(con) will then cause a segfault. Alternatively the behaviour could also be changed in getpidcon. I don't know whether the libselinux folks are comitted to the current behaviour, but the getpidcon man page doesn't really make it obvious this case could happen. [0] https://github.com/SELinuxProject/selinux/blob/fb7f35495fbad468d6efa76c5fed727659903038/libselinux/src/procattr.c#L155-L158 (cherry picked from commit ff868eaadecde2568d1e08a375ec8a3b327984fa) (cherry picked from commit 4119d25e621b5e5b7860e971092239379768081c) Conflict:NA Reference:https://github.com/systemd/systemd-stable/commit/9070c9f2f33aacc10eb65a9430e3bf78bce5aea7 --- src/journal/journald-context.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/journal/journald-context.c b/src/journal/journald-context.c index 27608ff089..0953fb2119 100644 --- a/src/journal/journald-context.c +++ b/src/journal/journald-context.c @@ -258,7 +258,7 @@ static int client_context_read_label( /* If we got no SELinux label passed in, let's try to acquire one */ - if (getpidcon(c->pid, &con) >= 0) { + if (getpidcon(c->pid, &con) >= 0 && con) { free_and_replace(c->label, con); c->label_size = strlen(c->label); } -- 2.33.0