[libvirt] [PATCH] security:selinux: Fix crash when tcon is NULL

Saturday, 8 November 2014

https://bugzilla.redhat.com/show_bug.cgi?id=1161831

Libvirtd will crash when parameter tcon = NULL in virSecuritySELinuxSetFileconHelper
function, because libvirt do not check the first parameter when use strcmp().
Add a check for tcon before use strcmp() and output a error in log when tcon is NULL.

Signed-off-by: Luyao Huang <lhuang(a)redhat.com&gt;
---
 src/security/security_selinux.c | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/src/security/security_selinux.c b/src/security/security_selinux.c
index f96be50..4fd09b8 100644
--- a/src/security/security_selinux.c
+++ b/src/security/security_selinux.c
@@ -887,6 +887,11 @@ virSecuritySELinuxSetFileconHelper(const char *path, char *tcon, bool
optional)
         int setfilecon_errno = errno;
 
         if (getfilecon_raw(path, &econ) >= 0) {
+            if (tcon == NULL) {
+                virReportSystemError(errno,"%s",
+                                 _("Invalid security context : NULL"));
+                return -1;
+            }
             if (STREQ(tcon, econ)) {
                 freecon(econ);
                 /* It's alright, there's nothing to change anyway. */
-- 
1.8.3.1


    

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

[libvirt] [PATCH] security:selinux: Fix crash when tcon is NULL