-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
This patch looks good to me. acked.
FIXME: Would this be somehow a normal condition for an empty directory?
Don't know the code well enough to tell.
No the code works fine with empty directories.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
iEYEARECAAYFAk5dTDsACgkQrlYvE4MpobPZOwCguShVgT7fhgSDOn3uNstJ7Gv1
eSEAn0/pNB6SFHvusyQ6LWpl56ENcajE
=WDFm
-----END PGP SIGNATURE-----
>From 038ef21bf51bcc12e4308f8b85608a0f59475bd8 Mon Sep 17 00:00:00 2001
From: Dan Walsh <dwalsh@xxxxxxxxxx>
Date: Tue, 9 Aug 2011 09:53:49 -0400
Subject: [PATCH 17/48] policycoreutils: setfiles: FIXME Fix potential crash
using dereferenced ftsent
If fts_read() fails for any reason ftsent will be NULL. Previously we
would have reported the error and then continued processing. Now we
report the error and stop using the NULL pointer.
FIXME: Would this be somehow a normal condition for an empty directory?
Don't know the code well enough to tell.
Signed-off-by: Eric Paris <eparis@xxxxxxxxxx>
---
policycoreutils/setfiles/restore.c | 11 ++++++++---
1 files changed, 8 insertions(+), 3 deletions(-)
diff --git a/policycoreutils/setfiles/restore.c b/policycoreutils/setfiles/restore.c
index 3f32f47..5bcb44a 100644
--- a/policycoreutils/setfiles/restore.c
+++ b/policycoreutils/setfiles/restore.c
@@ -318,11 +318,16 @@ static int process_one(char *name, int recurse_this_path)
ftsent = fts_read(fts_handle);
- if (ftsent != NULL) {
- /* Keep the inode of the first one. */
- dev_num = ftsent->fts_statp->st_dev;
+ if (ftsent == NULL) {
+ fprintf(stderr,
+ "%s: error while labeling %s: %s\n",
+ r_opts->progname, namelist[0], strerror(errno));
+ goto err;
}
+ /* Keep the inode of the first one. */
+ dev_num = ftsent->fts_statp->st_dev;
+
do {
rc = 0;
/* Skip the post order nodes. */
--
1.7.6.1
