From ff868eaadecde2568d1e08a375ec8a3b327984fa Mon Sep 17 00:00:00 2001
From: Space Meyer
Date: Wed, 7 Dec 2022 14:11:30 +0100
Subject: [PATCH] journald: prevent segfault on empty attr/current

getpidcon() might set con to NULL, even when it returned a 0 return code[0]. The subsequent strlen(con) will then cause a segfault. Alternatively the behaviour could also be changed in getpidcon. I don't know whether the libselinux folks are comitted to the current behaviour, but the getpidcon man page doesn't really make it obvious this case could happen.

[0] https://github.com/SELinuxProject/selinux/blob/fb7f35495fbad468d6efa76c5fed727659903038/libselinux/src/procattr.c#L155-L158
---
 src/journal/journald-context.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/journal/journald-context.c b/src/journal/journald-context.c
index b2f6fcc2a3..222855ae60 100644
--- a/src/journal/journald-context.c
+++ b/src/journal/journald-context.c
@@ -259,7 +259,7 @@ static int client_context_read_label(
 /* If we got no SELinux label passed in, let's try to acquire one */
- if (getpidcon(c->pid, &con) >= 0) {
+ if (getpidcon(c->pid, &con) >= 0 && con) {
 free_and_replace(c->label, con);
 c->label_size = strlen(c->label);
 }
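Review bot: The new `&& con` guard on the `if (getpidcon(c->pid, &con) >= 0 && con)` line has no comment explaining why a successful call can still leave `con` NULL. A later cleanup could drop it as redundant and bring back the NULL dereference in `strlen()`. I would add above the condition: `/* getpidcon() may return 0 and still set con to NULL when attr/current is empty, so check the pointer as well */`. When that case is hit, `c->label` and `c->label_size` appear to keep whatever they held before, which may be worth stating as intended. The rest of client_context_read_label() lies outside the hunk, so I cannot confirm that from here.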