Unverified Commit 078bf943 authored by Zichen Xie's avatar Zichen Xie Committed by Mickaël Salaün
Browse files

samples/landlock: Fix possible NULL dereference in parse_path() 



malloc() may return NULL, leading to NULL dereference.  Add a NULL
check.

Fixes: ba84b0bf ("samples/landlock: Add a sandbox manager example")
Signed-off-by: default avatarZichen Xie <zichenxie0106@gmail.com>
Link: https://lore.kernel.org/r/20241128032955.11711-1-zichenxie0106@gmail.com


[mic: Simplify fix]
Signed-off-by: default avatarMickaël Salaün <mic@digikod.net>
parent b665ee5f

samples/landlock/sandboxer.c

+7 −0
Original line number Diff line number Diff line
@@ -91,6 +91,9 @@ static int parse_path(char *env_path, const char ***const path_list) 
		}

	}

	*path_list = malloc(num_paths * sizeof(**path_list));

	if (!*path_list)

		return -1;



	for (i = 0; i < num_paths; i++)

		(*path_list)[i] = strsep(&env_path, ENV_DELIMITER);
@@ -127,6 +130,10 @@ static int populate_ruleset_fs(const char *const env_var, const int ruleset_fd, 
	env_path_name = strdup(env_path_name);

	unsetenv(env_var);

	num_paths = parse_path(env_path_name, &path_list);

	if (num_paths < 0) {

		fprintf(stderr, "Failed to allocate memory\n");

		goto out_free_name;

	}

	if (num_paths == 1 && path_list[0][0] == '\0') {

		/*

		 * Allows to not use all possible restrictions (e.g. use