diff options
author | Elena Reshetova <elena.reshetova@intel.com> | 2013-05-31 15:51:38 +0300 |
---|---|---|
committer | Elena Reshetova <elena.reshetova@intel.com> | 2013-05-31 15:51:38 +0300 |
commit | a157e55f5042c9733d524ef7484fc65eae36c0f7 (patch) | |
tree | a2b69bbe011c9b1eea16a4fda933945ee741878a /plugins | |
parent | 132a15d427a5490a7c6dcdbc6549589acb1278ad (diff) | |
download | rpm-a157e55f5042c9733d524ef7484fc65eae36c0f7.tar.gz rpm-a157e55f5042c9733d524ef7484fc65eae36c0f7.tar.bz2 rpm-a157e55f5042c9733d524ef7484fc65eae36c0f7.zip |
Security-plugin: Fix the null pointer comparison
possibility in msmXattrSupport
Diffstat (limited to 'plugins')
-rw-r--r-- | plugins/msmxattr.c | 7 |
1 files changed, 4 insertions, 3 deletions
diff --git a/plugins/msmxattr.c b/plugins/msmxattr.c index 75aca54d9..146481a92 100644 --- a/plugins/msmxattr.c +++ b/plugins/msmxattr.c @@ -1153,7 +1153,8 @@ int msmSetFileXAttributes(manifest_x *mfx, const char* filepath, magic_t cookie) goto found; } len = strlen(filesystem->path); - rpmlog(RPMLOG_DEBUG, "filesystem->path: %s, length %d\n", filesystem->path, len); + rpmlog(RPMLOG_DEBUG, "filepath: %s, filesystem->type %s\n", filepath, filesystem->type); + rpmlog(RPMLOG_DEBUG, "filesystem->path: %s, length %d, match %d\n", filesystem->path, len, match); rpmlog(RPMLOG_DEBUG, "filesystem->path + len - 1: %s\n", filesystem->path + len - 1); if (len > match) { if ((!strncmp(filepath, filesystem->path, len)) && (filesystem->type)) { @@ -1180,8 +1181,8 @@ int msmSetFileXAttributes(manifest_x *mfx, const char* filepath, magic_t cookie) if (exec_label) { execLabeldefined = 1; if ((strcmp(exec_label, "none") == 0) - || (strcmp(exec_label, mfx->request->ac_domain) == 0) - || (strcmp(exec_label, mfx->define->name) == 0)) { + || ( (mfx->request) && (mfx->request->ac_domain) && (strcmp(exec_label, mfx->request->ac_domain) == 0)) + || ( (mfx->define) && (mfx->define->name) && (strcmp(exec_label, mfx->define->name) == 0))) { // these labels are allowed } else { // ignore all other exec labels, because they aren't allowed for security reasons |