From: Axel Rasmussen <axelrasmussen@google.com>
Date: Thu, 23 Jul 2020 17:54:23 +0000 (-0700)
Subject: selinux: handle getcon_raw producing a NULL pointer, despite returning 0
X-Git-Tag: v246-rc2~2
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=199a892218e1f36e7bd7d5da2d78de6b13f04488;p=thirdparty%2Fsystemd.git

selinux: handle getcon_raw producing a NULL pointer, despite returning 0

Previously, we assumed that success meant we definitely got a valid
pointer. There is at least one edge case where this is not true (i.e.,
we can get both a 0 return value, and *also* a NULL pointer):
https://github.com/SELinuxProject/selinux/blob/4246bb550dee5246c8567804325b7da206cd76cf/libselinux/src/procattr.c#L175

When this case occurrs, if we don't check the pointer we SIGSEGV in
early initialization.
---

diff --git a/src/core/selinux-setup.c b/src/core/selinux-setup.c
index b8a94a52ab6..817069b3fe6 100644
--- a/src/core/selinux-setup.c
+++ b/src/core/selinux-setup.c
@@ -50,7 +50,8 @@ int mac_selinux_setup(bool *loaded_policy) {
 
         /* Already initialized by somebody else? */
         r = getcon_raw(&con);
-        if (r == 0) {
+        /* getcon_raw can return 0, and still give us a NULL pointer. */
+        if (r == 0 && con) {
                 initialized = !streq(con, "kernel");
                 freecon(con);
         }