libsemanage/0001-libsemanage-fix-use-after-free-in-parse_module_store.patch

37 lines
1.2 KiB
Diff
Raw Normal View History

From 6bff61c5981d4b928a0c304aad0b4adf772776cd Mon Sep 17 00:00:00 2001
From: HuaxinLu <luhuaxin1@foxmail.com>
Date: Mon, 14 Jun 2021 12:21:26 +0800
Subject: [PATCH] libsemanage: fix use-after-free in parse_module_store()
The passing parameter "arg" of parse_module_store will be freed after
calling. A copy of parameter should be used instead of itself.
Signed-off-by: HuaxinLu <luhuaxin1@foxmail.com>
Acked-by: James Carter <jwcart2@gmail.com>
---
libsemanage/src/conf-parse.y | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/libsemanage/src/conf-parse.y b/libsemanage/src/conf-parse.y
index 9bf9364a1ce4..eac913447ecd 100644
--- a/libsemanage/src/conf-parse.y
+++ b/libsemanage/src/conf-parse.y
@@ -516,12 +516,12 @@ static int parse_module_store(char *arg)
char *s;
current_conf->store_type = SEMANAGE_CON_POLSERV_REMOTE;
if ((s = strchr(arg, ':')) == NULL) {
- current_conf->store_path = arg;
+ current_conf->store_path = strdup(arg);
current_conf->server_port = 4242;
} else {
char *endptr;
*s = '\0';
- current_conf->store_path = arg;
+ current_conf->store_path = strdup(arg);
current_conf->server_port = strtol(s + 1, &endptr, 10);
if (*(s + 1) == '\0' || *endptr != '\0') {
return -2;
--
2.32.0