pesign/0005-Handle-NULL-pwdata-in-cms_set_pw_data.patch
Robbie Harwood accbbe601f Fix explicit NULL deref when daemonizing
Resolves: #2049320
Signed-off-by: Robbie Harwood <rharwood@redhat.com>
2022-02-14 21:14:51 +00:00

57 lines
1.8 KiB
Diff

From 73ad69b8c7b49c8e6175497130bcfc71d5318c86 Mon Sep 17 00:00:00 2001
From: Robbie Harwood <rharwood@redhat.com>
Date: Mon, 14 Feb 2022 15:46:25 -0500
Subject: [PATCH 5/6] Handle NULL pwdata in cms_set_pw_data()
When 12f16710ee44ef64ddb044a3523c3c4c4d90039a rewrote this function, it
didn't handle the NULL pwdata invocation from daemon.c. This leads to a
explicit NULL dereference and crash on all attempts to daemonize pesign.
Signed-off-by: Robbie Harwood <rharwood@redhat.com>
(cherry picked from commit b879dda52f8122de697d145977c285fb0a022d76)
(cherry picked from commit 4d1ead068248b56ecaeb437f0c0b59f9d89b9748)
---
src/cms_common.c | 18 ++++++++++++------
1 file changed, 12 insertions(+), 6 deletions(-)
diff --git a/src/cms_common.c b/src/cms_common.c
index 332999e..ca37e6a 100644
--- a/src/cms_common.c
+++ b/src/cms_common.c
@@ -313,7 +313,7 @@ void cms_set_pw_data(cms_context *cms, secuPWData *pwdata)
case PW_FROMFD:
if (cms->pwdata.intdata >= 0 &&
- !(pwdata->source == PW_FROMFD &&
+ !(pwdata && pwdata->source == PW_FROMFD &&
cms->pwdata.intdata == pwdata->intdata))
close(cms->pwdata.intdata);
break;
@@ -330,12 +330,18 @@ void cms_set_pw_data(cms_context *cms, secuPWData *pwdata)
xfree(cms->pwdata.data);
break;
}
- memmove(&cms->pwdata, pwdata, sizeof(*pwdata));
- dprintf("pwdata:%p", pwdata);
- dprintf("pwdata->source:%d", pwdata->source);
- dprintf("pwdata->data:%p (\"%s\")", pwdata->data,
- pwdata->data ? pwdata->data : "(null)");
+ if (!pwdata) {
+ cms->pwdata.source = PW_SOURCE_INVALID;
+ dprintf("pwdata:NULL");
+ } else {
+ memmove(&cms->pwdata, pwdata, sizeof(*pwdata));
+ dprintf("pwdata:%p", pwdata);
+ dprintf("pwdata->source:%d", pwdata->source);
+ dprintf("pwdata->data:%p (\"%s\")", pwdata->data,
+ pwdata->data ? pwdata->data : "(null)");
+ }
+
egress();
}
--
2.34.1