From: Lennart Poettering <lennart@poettering.net>
Date: Thu, 12 Jun 2025 15:37:45 +0000 (+0200)
Subject: nspawn: don't use strjoina() for user controlled strings
X-Git-Tag: v258-rc1~140^2~3
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=93555abe292e5f90165d89193e2ea0fd44de5c07;p=thirdparty%2Fsystemd.git

nspawn: don't use strjoina() for user controlled strings
---

diff --git a/src/nspawn/nspawn-register.c b/src/nspawn/nspawn-register.c
index b746d095300..15820695057 100644
--- a/src/nspawn/nspawn-register.c
+++ b/src/nspawn/nspawn-register.c
@@ -266,7 +266,7 @@ int allocate_scope(
         _cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL;
         _cleanup_(bus_wait_for_jobs_freep) BusWaitForJobs *w = NULL;
         _cleanup_free_ char *scope = NULL;
-        const char *description, *object;
+        const char *object;
         int r;
 
         assert(bus);
@@ -292,12 +292,14 @@ int allocate_scope(
         if (r < 0)
                 return bus_log_create_error(r);
 
-        description = strjoina("Container ", machine_name);
-
         r = bus_append_scope_pidref(m, pid, FLAGS_SET(flags, ALLOCATE_SCOPE_ALLOW_PIDFD));
         if (r < 0)
                 return bus_log_create_error(r);
 
+        _cleanup_free_ char *description = strjoin("Container ", machine_name);
+        if (!description)
+                return log_oom();
+
         r = sd_bus_message_append(m, "(sv)(sv)(sv)(sv)(sv)",
                                   "Description", "s", description,
                                   "Delegate", "b", 1,