diff options
| author | Zichen Xie <zichenxie0106@gmail.com> | 2024-11-27 21:29:56 -0600 |
|---|---|---|
| committer | Greg Kroah-Hartman <gregkh@linuxfoundation.org> | 2025-02-21 13:49:03 +0100 |
| commit | 434fb6a2461eec70e082e0e86daa58ce1040c846 (patch) | |
| tree | ab38f4bdffe379eeecf16b56e8b167e3f5dccec6 /samples | |
| parent | fa78395d955ace70c2019a981a175ecf6f822378 (diff) | |
samples/landlock: Fix possible NULL dereference in parse_path()
[ Upstream commit 078bf9438a31567e2c0587159ccefde835fb1ced ]
malloc() may return NULL, leading to NULL dereference. Add a NULL
check.
Fixes: ba84b0bf5a16 ("samples/landlock: Add a sandbox manager example")
Signed-off-by: Zichen Xie <zichenxie0106@gmail.com>
Link: https://lore.kernel.org/r/20241128032955.11711-1-zichenxie0106@gmail.com
[mic: Simplify fix]
Signed-off-by: Mickaël Salaün <mic@digikod.net>
Signed-off-by: Sasha Levin <sashal@kernel.org>
Diffstat (limited to 'samples')
| -rw-r--r-- | samples/landlock/sandboxer.c | 7 |
1 files changed, 7 insertions, 0 deletions
diff --git a/samples/landlock/sandboxer.c b/samples/landlock/sandboxer.c index f29bb3c72230..ce9b77bc167b 100644 --- a/samples/landlock/sandboxer.c +++ b/samples/landlock/sandboxer.c @@ -65,6 +65,9 @@ static int parse_path(char *env_path, const char ***const path_list) } } *path_list = malloc(num_paths * sizeof(**path_list)); + if (!*path_list) + return -1; + for (i = 0; i < num_paths; i++) (*path_list)[i] = strsep(&env_path, ENV_PATH_TOKEN); @@ -99,6 +102,10 @@ static int populate_ruleset(const char *const env_var, const int ruleset_fd, env_path_name = strdup(env_path_name); unsetenv(env_var); num_paths = parse_path(env_path_name, &path_list); + if (num_paths < 0) { + fprintf(stderr, "Failed to allocate memory\n"); + goto out_free_name; + } if (num_paths == 1 && path_list[0][0] == '\0') { /* * Allows to not use all possible restrictions (e.g. use |