https://bugzilla.redhat.com/show_bug.cgi?id=1161831 Libvirtd will crash when parameter tcon = NULL in virSecuritySELinuxSetFileconHelper function, because libvirt do not check the first parameter when use strcmp(). Add a check for tcon before use strcmp() and output a error in log when tcon is NULL. Signed-off-by: Luyao Huang <lhuang@xxxxxxxxxx> --- src/security/security_selinux.c | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/src/security/security_selinux.c b/src/security/security_selinux.c index f96be50..4fd09b8 100644 --- a/src/security/security_selinux.c +++ b/src/security/security_selinux.c @@ -887,6 +887,11 @@ virSecuritySELinuxSetFileconHelper(const char *path, char *tcon, bool optional) int setfilecon_errno = errno; if (getfilecon_raw(path, &econ) >= 0) { + if (tcon == NULL) { + virReportSystemError(errno,"%s", + _("Invalid security context : NULL")); + return -1; + } if (STREQ(tcon, econ)) { freecon(econ); /* It's alright, there's nothing to change anyway. */ -- 1.8.3.1 -- libvir-list mailing list libvir-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/libvir-list