chiark / gitweb /
systemd: fix uninitialized memory access in selinux
authorZbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl>
Fri, 8 Feb 2013 01:58:02 +0000 (20:58 -0500)
committerZbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl>
Fri, 8 Feb 2013 02:13:19 +0000 (21:13 -0500)
==6129== Syscall param socketcall.getsockopt(optlen) points to uninitialised byte(s)
==6129== at 0x312D0F325A: getsockopt (syscall-template.S:81)
==6129== by 0x4615E6: get_audit_data (selinux-access.c:268)
==6129== by 0x461A81: selinux_access_check (selinux-access.c:394)
==6129== by 0x453B23: bus_manager_message_handler (dbus-manager.c:1395)
==6129== by 0x313581D9C4: _dbus_object_tree_dispatch_and_unlock (dbus-object-tree.c:862)
==6129== by 0x313580FC1F: dbus_connection_dispatch (dbus-connection.c:4672)
==6129== by 0x44CD4C: bus_dispatch (dbus.c:528)
==6129== by 0x41292F: manager_loop (manager.c:1573)
==6129== by 0x40CD8E: main (main.c:1735)
==6129== Address 0x7fefff2c0 is on thread 1's stack

src/core/selinux-access.c

index be728d5..08a4834 100644 (file)
@@ -256,7 +256,7 @@ static int get_audit_data(
         const char *sender;
         int r, fd;
         struct ucred ucred;
-        socklen_t len;
+        socklen_t len = sizeof(ucred);
 
         sender = dbus_message_get_sender(message);
         if (sender)