samples/landlock: Fix possible NULL dereference in parse_path()

[ Upstream commit 078bf9438a31567e2c0587159ccefde835fb1ced ]

malloc() may return NULL, leading to NULL dereference.  Add a NULL
check.

Fixes: ba84b0bf5a16 ("samples/landlock: Add a sandbox manager example")
Signed-off-by: Zichen Xie <zichenxie0106@gmail.com>
Link: https://lore.kernel.org/r/20241128032955.11711-1-zichenxie0106@gmail.com
[mic: Simplify fix]
Signed-off-by: Mickaël Salaün <mic@digikod.net>
Signed-off-by: Sasha Levin <sashal@kernel.org>

diff --git a/samples/landlock/sandboxer.c b/samples/landlock/sandboxer.c
index c089e9cdaf3283cd62cdec0cce4734247cc47218..1825a2935bd82a839c0017b90421f89b1f55185e 100644 (file)
--- a/samples/landlock/sandboxer.c
+++ b/samples/landlock/sandboxer.c
@@ -65,6 +65,9 @@ static int parse_path(char *env_path, const char ***const path_list)
                }
        }
        *path_list = malloc(num_paths * sizeof(**path_list));
+       if (!*path_list)
+               return -1;
+
        for (i = 0; i < num_paths; i++)
                (*path_list)[i] = strsep(&env_path, ENV_PATH_TOKEN);
 
@@ -99,6 +102,10 @@ static int populate_ruleset(const char *const env_var, const int ruleset_fd,
        env_path_name = strdup(env_path_name);
        unsetenv(env_var);
        num_paths = parse_path(env_path_name, &path_list);
+       if (num_paths < 0) {
+               fprintf(stderr, "Failed to allocate memory\n");
+               goto out_free_name;
+       }
        if (num_paths == 1 && path_list[0][0] == '\0') {
                /*
                 * Allows to not use all possible restrictions (e.g. use