1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
|
From 7bf818c8344ecbf0e14a26e6393582ae79df864e Mon Sep 17 00:00:00 2001
From: Panu Matilainen <pmatilai@redhat.com>
Date: Tue, 30 Jan 2024 15:04:03 +0200
Subject: [PATCH] Tip-toe around rpmfiFN() thin ice in fsm
Any pointer gotten from rpmfiFN() is only valid until the next
rpmfiFN() call, and here the path can end up inside plugins which
may have their own reasons for calling rpmfiFN(). At which point
the dest we passed would be invalid. strdup() it to appease ASAN,
but this needs a saner solution really.
---
lib/fsm.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/lib/fsm.c b/lib/fsm.c
index a54e43bae..36708acc3 100644
--- a/lib/fsm.c
+++ b/lib/fsm.c
@@ -736,7 +736,7 @@ static int fsmSetmeta(int fd, int dirfd, const char *path,
int nofcaps)
{
int rc = 0;
- const char *dest = rpmfiFN(fi);
+ char *dest = xstrdup(rpmfiFN(fi));
if (!rc && !getuid()) {
rc = fsmChown(fd, dirfd, path, st->st_mode, st->st_uid, st->st_gid);
@@ -756,6 +756,7 @@ static int fsmSetmeta(int fd, int dirfd, const char *path,
fd, path, dest,
st->st_mode, action);
}
+ free(dest);
return rc;
}
--
2.33.0
|
