util: another set of CVE-2021-4034 assert()s

It's a good idea that we validate argc/argv when we are supposed to
store them away.

diff --git a/src/basic/util.h b/src/basic/util.h
index 94804f28e3f7256afb282a4b6162e931d984f1e8..68ae3b51e0e0a897ee02b8661ca95589141459f1 100644 (file)
--- a/src/basic/util.h
+++ b/src/basic/util.h
@@ -9,6 +9,12 @@ extern int saved_argc;
 extern char **saved_argv;
 
 static inline void save_argc_argv(int argc, char **argv) {
+
+        /* Protect against CVE-2021-4034 style attacks */
+        assert_se(argc > 0);
+        assert_se(argv);
+        assert_se(argv[0]);
+
         saved_argc = argc;
         saved_argv = argv;
 }