From 7bf818c8344ecbf0e14a26e6393582ae79df864e Mon Sep 17 00:00:00 2001
From: Panu Matilainen
Date: Tue, 30 Jan 2024 15:04:03 +0200
Subject: [PATCH] Tip-toe around rpmfiFN() thin ice in fsm

Any pointer gotten from rpmfiFN() is only valid until the next rpmfiFN() call, and here the path can end up inside plugins which may have their own reasons for calling rpmfiFN(). At which point the dest we passed would be invalid. strdup() it to appease ASAN, but this needs a saner solution really.
---
 lib/fsm.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/lib/fsm.c b/lib/fsm.c
index a54e43bae..36708acc3 100644
--- a/lib/fsm.c
+++ b/lib/fsm.c
@@ -736,7 +736,7 @@ static int fsmSetmeta(int fd, int dirfd, const char *path,
 int nofcaps)
 {
 int rc = 0;
- const char *dest = rpmfiFN(fi);
+ char *dest = xstrdup(rpmfiFN(fi));
 if (!rc && !getuid()) {
 rc = fsmChown(fd, dirfd, path, st->st_mode, st->st_uid, st->st_gid);
@@ -756,6 +756,7 @@ static int fsmSetmeta(int fd, int dirfd, const char *path,
 fd, path, dest, st->st_mode, action);
 }
+ free(dest);
 return rc;
 }
-- 
2.33.0
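Review bot: The new `char *dest = xstrdup(rpmfiFN(fi));` has no comment saying why a copy is taken, so a later cleanup could turn it back into the borrowed pointer and reintroduce the dangling read the commit message describes. I would add above it `/* rpmfiFN() storage is only valid until the next rpmfiFN() call, which a plugin hook may make; keep a private copy */`. The copy is also made for every file, while the only visible consumer is the call that passes `dest` in the second hunk. If that call is the sole use (the lines between the hunks are not shown), the duplicate could be taken inside that branch instead. The body of fsmSetmeta starts before and continues after this hunk.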
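Review bot: `free(dest);` is placed only ahead of the final `return rc;`, so the copy leaks if any path between the two hunks returns early. Those lines are not shown; the visible `if (!rc && ...)` style suggests a single exit, but it should be confirmed. Freeing here also ends the string's lifetime at function return, so a plugin hook that stored the `dest` pointer it was handed would be left holding freed memory. The hook contract should state that the path argument is valid only for the duration of the call, for example `/* dest is borrowed: hooks must copy it if they need it after returning */` next to the call.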