41 lines
1.6 KiB
Diff
41 lines
1.6 KiB
Diff
From 9070c9f2f33aacc10eb65a9430e3bf78bce5aea7 Mon Sep 17 00:00:00 2001
|
|
From: Space Meyer <spm@google.com>
|
|
Date: Wed, 7 Dec 2022 14:11:30 +0100
|
|
Subject: [PATCH] journald: prevent segfault on empty attr/current
|
|
|
|
getpidcon() might set con to NULL, even when it returned a 0 return
|
|
code[0]. The subsequent strlen(con) will then cause a segfault.
|
|
|
|
Alternatively the behaviour could also be changed in getpidcon. I
|
|
don't know whether the libselinux folks are comitted to the current
|
|
behaviour, but the getpidcon man page doesn't really make it obvious
|
|
this case could happen.
|
|
|
|
[0] https://github.com/SELinuxProject/selinux/blob/fb7f35495fbad468d6efa76c5fed727659903038/libselinux/src/procattr.c#L155-L158
|
|
|
|
(cherry picked from commit ff868eaadecde2568d1e08a375ec8a3b327984fa)
|
|
(cherry picked from commit 4119d25e621b5e5b7860e971092239379768081c)
|
|
|
|
Conflict:NA
|
|
Reference:https://github.com/systemd/systemd-stable/commit/9070c9f2f33aacc10eb65a9430e3bf78bce5aea7
|
|
---
|
|
src/journal/journald-context.c | 2 +-
|
|
1 file changed, 1 insertion(+), 1 deletion(-)
|
|
|
|
diff --git a/src/journal/journald-context.c b/src/journal/journald-context.c
|
|
index 27608ff089..0953fb2119 100644
|
|
--- a/src/journal/journald-context.c
|
|
+++ b/src/journal/journald-context.c
|
|
@@ -258,7 +258,7 @@ static int client_context_read_label(
|
|
|
|
/* If we got no SELinux label passed in, let's try to acquire one */
|
|
|
|
- if (getpidcon(c->pid, &con) >= 0) {
|
|
+ if (getpidcon(c->pid, &con) >= 0 && con) {
|
|
free_and_replace(c->label, con);
|
|
c->label_size = strlen(c->label);
|
|
}
|
|
--
|
|
2.33.0
|
|
|