Re: [libvirt] [PATCH] security_selinux: Fix crash in virSecuritySELinuxRestoreFileLabel
On Thu, Jan 21, 2016 at 18:31:58 +0800, Shanzhi Yu wrote:
when failed to boot a guest, virSecuritySELinuxRestoreFileLabel
will be called eventually to reset security label, which will
lead a crash if pass null to virFileResolveLink(path, &newpath).
https://bugzilla.redhat.com/show_bug.cgi?id=1300532
Signed-off-by: Shanzhi Yu <shyu(a)redhat.com>
---
src/security/security_selinux.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/security/security_selinux.c b/src/security/security_selinux.c
index 9e98635..c8a7553 100644
--- a/src/security/security_selinux.c
+++ b/src/security/security_selinux.c
@@ -1026,7 +1026,7 @@ virSecuritySELinuxRestoreFileLabel(virSecurityManagerPtr mgr,
VIR_INFO("Restoring SELinux context on '%s'", path);
Here you use path without checking it's non-NULL.
- if (virFileResolveLink(path, &newpath) < 0) {
+ if (path && virFileResolveLink(path, &newpath) < 0) {
VIR_WARN("cannot resolve symlink %s: %s", path,
virStrerror(errno, ebuf, sizeof(ebuf)));
goto err;
Anyway, the bug is somewhere else. virSecuritySELinuxRestoreFileLabel
should never be called with NULL path.
Jirka