wrapper: fix segfault in cgroup_get_value_string()

The second and third arguments passed to cgroup_get_value_string() are
of type char * and the user might pass NULL in place of one or both of
the arguments, causing a segfault.  segfault is trigger when the NULL,
argument values are used without checks, fix it by checking for NULL
before proceeding.

Reproducer:
-----------

int main(void)
{
        struct cgroup_controller *cgc;
        struct cgroup *cgrp;
        int ret;

        cgroup_init();
        if (ret)
                exit(1);

        cgrp = cgroup_new_cgroup("fuzzer");
        if (!cgrp)
                exit(1);

        cgc = cgroup_add_controller(cgrp, "cpu");
        if (!cgc)
                exit(1);

        ret = cgroup_add_value_string(cgc, "cpu.shares", "1024");
        if (!cgc)
                exit(1);

        ret = cgroup_create_cgroup(cgrp, 1);
        if (ret)
                exit(1);

        cgc = cgroup_get_controller(cgrp, "cpu");
        if (!cgc)
                exit(1);

        cgroup_get_value_string(cgc, NULL, NULL);

        return 0;
}

Signed-off-by: Kamalesh Babulal <kamalesh.babulal@oracle.com>
Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com>
(cherry picked from commit 08bb9a32592079b982e93b1e21fc084431334c2d)

diff --git a/src/wrapper.c b/src/wrapper.c
index dc6dd9363bb76bd95d924ca717358968c67d86a9..8625fddf2616949dc31b20624dcd89ab8b3d2eb0 100644 (file)
--- a/src/wrapper.c
+++ b/src/wrapper.c
@@ -437,7 +437,7 @@ int cgroup_get_value_string(struct cgroup_controller *controller, const char *na
 {
        int i;
 
-       if (!controller)
+       if (!controller || !name || !value)
                return ECGINVAL;
 
        for (i = 0; i < controller->index; i++) {