1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
|
From 4b7672d6fbfb9ef8a0b81f285b74aa299185aa83 Mon Sep 17 00:00:00 2001
From: Andreas Gruenbacher <agruenba@redhat.com>
Date: Mon, 24 Jun 2024 12:41:04 +0200
Subject: [PATCH] acl_copy_entry: Prevent accidental NULL pointer dereference
In acl_copy_entry(), when dest_d turns out to be invalid, dest_p will be
NULL. Instead of checking for that, we are accidentally checking if
dest_d is NULL. As a result, when called with an invalid dest_d object,
acl_copy_entry() will cause a NULL pointer dereference instead of
indicating an error. This is a relatively minor problem, but worth
fixing nonetheless.
Reported-by: His Shadow <shadowpilot34@gmail.com>
Signed-off-by: Andreas Gruenbacher <agruenba@redhat.com>
---
libacl/acl_copy_entry.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/libacl/acl_copy_entry.c b/libacl/acl_copy_entry.c
index f9c90c7..e92580c 100644
--- a/libacl/acl_copy_entry.c
+++ b/libacl/acl_copy_entry.c
@@ -28,7 +28,7 @@ acl_copy_entry(acl_entry_t dest_d, acl_entry_t src_d)
{
acl_entry_obj *dest_p = ext2int(acl_entry, dest_d),
*src_p = ext2int(acl_entry, src_d);
- if (!dest_d || !src_p)
+ if (!dest_p || !src_p)
return -1;
dest_p->etag = src_p->etag;
--
2.33.0
|
