summaryrefslogtreecommitdiff
path: root/plugins
diff options
context:
space:
mode:
authorElena Reshetova <elena.reshetova@intel.com>2013-05-31 15:51:38 +0300
committerElena Reshetova <elena.reshetova@intel.com>2013-05-31 15:51:38 +0300
commita157e55f5042c9733d524ef7484fc65eae36c0f7 (patch)
treea2b69bbe011c9b1eea16a4fda933945ee741878a /plugins
parent132a15d427a5490a7c6dcdbc6549589acb1278ad (diff)
downloadrpm-a157e55f5042c9733d524ef7484fc65eae36c0f7.tar.gz
rpm-a157e55f5042c9733d524ef7484fc65eae36c0f7.tar.bz2
rpm-a157e55f5042c9733d524ef7484fc65eae36c0f7.zip
Security-plugin: Fix the null pointer comparison
possibility in msmXattrSupport
Diffstat (limited to 'plugins')
-rw-r--r--plugins/msmxattr.c7
1 files changed, 4 insertions, 3 deletions
diff --git a/plugins/msmxattr.c b/plugins/msmxattr.c
index 75aca54d9..146481a92 100644
--- a/plugins/msmxattr.c
+++ b/plugins/msmxattr.c
@@ -1153,7 +1153,8 @@ int msmSetFileXAttributes(manifest_x *mfx, const char* filepath, magic_t cookie)
goto found;
}
len = strlen(filesystem->path);
- rpmlog(RPMLOG_DEBUG, "filesystem->path: %s, length %d\n", filesystem->path, len);
+ rpmlog(RPMLOG_DEBUG, "filepath: %s, filesystem->type %s\n", filepath, filesystem->type);
+ rpmlog(RPMLOG_DEBUG, "filesystem->path: %s, length %d, match %d\n", filesystem->path, len, match);
rpmlog(RPMLOG_DEBUG, "filesystem->path + len - 1: %s\n", filesystem->path + len - 1);
if (len > match) {
if ((!strncmp(filepath, filesystem->path, len)) && (filesystem->type)) {
@@ -1180,8 +1181,8 @@ int msmSetFileXAttributes(manifest_x *mfx, const char* filepath, magic_t cookie)
if (exec_label) {
execLabeldefined = 1;
if ((strcmp(exec_label, "none") == 0)
- || (strcmp(exec_label, mfx->request->ac_domain) == 0)
- || (strcmp(exec_label, mfx->define->name) == 0)) {
+ || ( (mfx->request) && (mfx->request->ac_domain) && (strcmp(exec_label, mfx->request->ac_domain) == 0))
+ || ( (mfx->define) && (mfx->define->name) && (strcmp(exec_label, mfx->define->name) == 0))) {
// these labels are allowed
} else {
// ignore all other exec labels, because they aren't allowed for security reasons