MIRRORS/linux-yocto
1
0
Fork 0
mirror of git://git.yoctoproject.org/linux-yocto.git synced 2025-10-23 07:23:12 +02:00
Code Issues Actions Packages Projects Releases Wiki Activity

samples/landlock: Fix possible NULL dereference in parse_path()

Browse Source 
[ Upstream commit 078bf9438a ]

malloc() may return NULL, leading to NULL dereference.  Add a NULL
check.

Fixes: ba84b0bf5a ("samples/landlock: Add a sandbox manager example")
Signed-off-by: Zichen Xie <zichenxie0106@gmail.com>
Link: https://lore.kernel.org/r/20241128032955.11711-1-zichenxie0106@gmail.com
[mic: Simplify fix]
Signed-off-by: Mickaël Salaün <mic@digikod.net>
Signed-off-by: Sasha Levin <sashal@kernel.org>
This commit is contained in:
Zichen Xie 2024-11-27 21:29:56 -06:00 committed by Greg Kroah-Hartman
parent e30d21ed45
commit 9450b3c3c4
1 changed files with 7 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
samples/landlock/sandboxer.c
View File

@ -65,6 +65,9 @@ static int parse_path(char *env_path, const char ***const path_list)
} }
} }
*path_list = malloc(num_paths * sizeof(**path_list)); *path_list = malloc(num_paths * sizeof(**path_list));
if (!*path_list)
return -1;
for (i = 0; i < num_paths; i++) for (i = 0; i < num_paths; i++)
(*path_list)[i] = strsep(&env_path, ENV_PATH_TOKEN); (*path_list)[i] = strsep(&env_path, ENV_PATH_TOKEN);
@ -100,6 +103,10 @@ static int populate_ruleset(const char *const env_var, const int ruleset_fd,
env_path_name = strdup(env_path_name); env_path_name = strdup(env_path_name);
unsetenv(env_var); unsetenv(env_var);
num_paths = parse_path(env_path_name, &path_list); num_paths = parse_path(env_path_name, &path_list);
if (num_paths < 0) {
fprintf(stderr, "Failed to allocate memory\n");
goto out_free_name;
}
if (num_paths == 1 && path_list[0][0] == '\0') { if (num_paths == 1 && path_list[0][0] == '\0') {
/* /*
* Allows to not use all possible restrictions (e.g. use * Allows to not use all possible restrictions (e.g. use