journald: prevent segfault on empty attr/current

getpidcon() might set con to NULL, even when it returned a 0 return code[0]. The subsequent strlen(con) will then cause a segfault. Alternatively the behaviour could also be changed in getpidcon. I don't know whether the libselinux folks are comitted to the current behaviour, but the getpidcon man page doesn't really make it obvious this case could happen. [0] fb7f35495f/libselinux/src/procattr.c (L155-L158)
2026-04-14 16:37:19 +09:00 · 2022-12-07 14:11:30 +01:00
parent 2d18605ca8
commit ff868eaade
1 changed files with 1 additions and 1 deletions
--- a/src/journal/journald-context.c
+++ b/src/journal/journald-context.c
@@ -259,7 +259,7 @@ static int client_context_read_label(

                /* If we got no SELinux label passed in, let's try to acquire one */

-                if (getpidcon(c->pid, &con) >= 0) {
+                if (getpidcon(c->pid, &con) >= 0 && con) {
                        free_and_replace(c->label, con);
                        c->label_size = strlen(c->label);
                }