From 08bb9a32592079b982e93b1e21fc084431334c2d Mon Sep 17 00:00:00 2001
From: Kamalesh Babulal
Date: Tue, 21 Feb 2023 10:49:06 +0000
Subject: [PATCH] wrapper: fix segfault in cgroup_get_value_string()
The second and third arguments passed to cgroup_get_value_string() are of type char * and the user might pass NULL in place of one or both of the arguments, causing a segfault. segfault is trigger when the NULL, argument values are used without checks, fix it by checking for NULL before proceeding.
Reproducer:
-----------
int main(void) { struct cgroup_controller *cgc; struct cgroup *cgrp; int ret; cgroup_init(); if (ret) exit(1); cgrp = cgroup_new_cgroup("fuzzer"); if (!cgrp) exit(1); cgc = cgroup_add_controller(cgrp, "cpu"); if (!cgc) exit(1); ret = cgroup_add_value_string(cgc, "cpu.shares", "1024"); if (!cgc) exit(1); ret = cgroup_create_cgroup(cgrp, 1); if (ret) exit(1); cgc = cgroup_get_controller(cgrp, "cpu"); if (!cgc) exit(1); cgroup_get_value_string(cgc, NULL, NULL); return 0; }
Signed-off-by: Kamalesh Babulal
Signed-off-by: Tom Hromatka
---
 src/wrapper.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/wrapper.c b/src/wrapper.c
index dc6dd936..8625fddf 100644
--- a/src/wrapper.c
+++ b/src/wrapper.c
@@ -437,7 +437,7 @@ int cgroup_get_value_string(struct cgroup_controller *controller, const char *na
 {
 int i;
- if (!controller)
+ if (!controller || !name || !value)
 return ECGINVAL;
 for (i = 0; i < controller->index; i++) {
--
2.47.3
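Review bot: The widened guard `if (!controller || !name || !value)` is not pinned by any test, since the diffstat shows only src/wrapper.c changing; a unit test that passes NULL for `name` and for `value` in turn and expects ECGINVAL would keep this crash from coming back. The contract is also worth stating where callers read it, for example `/* Returns ECGINVAL if controller, name or value is NULL; nothing is stored through value in that case. */` on the function's doc comment, which is not visible in this hunk. The function body continues past the hunk, so only the early return can be confirmed here. The other typed getters and setters in wrapper.c (cgroup_get_value_int64() and its siblings) presumably take the same caller-supplied pointers and are worth auditing for the same missing check.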