-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
This patch looks good to me. acked.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
iEYEARECAAYFAk5yT0EACgkQrlYvE4MpobOopgCeNA/rmHQmKKWFWSSeJ9G70+y6
GFQAniDwazwZFpQgaH8tCQJSE22lEU7b
=+xVV
-----END PGP SIGNATURE-----
>From 5938f0d1f2f8ff02a26d8686a85c887616a92981 Mon Sep 17 00:00:00 2001
From: Dan Walsh <dwalsh@xxxxxxxxxx>
Date: Tue, 9 Aug 2011 09:53:49 -0400
Subject: [PATCH 12/67] policycoreutils: setfiles: FIXME Fix potential crash
using dereferenced ftsent
If fts_read() fails for any reason ftsent will be NULL. Previously we
would have reported the error and then continued processing. Now we
report the error and stop using the NULL pointer.
Signed-off-by: Eric Paris <eparis@xxxxxxxxxx>
Acked-by: Dan Walsh <dwalsh@xxxxxxxxxx>
---
policycoreutils/setfiles/restore.c | 11 ++++++++---
1 files changed, 8 insertions(+), 3 deletions(-)
diff --git a/policycoreutils/setfiles/restore.c b/policycoreutils/setfiles/restore.c
index 3f32f47..5bcb44a 100644
--- a/policycoreutils/setfiles/restore.c
+++ b/policycoreutils/setfiles/restore.c
@@ -318,11 +318,16 @@ static int process_one(char *name, int recurse_this_path)
ftsent = fts_read(fts_handle);
- if (ftsent != NULL) {
- /* Keep the inode of the first one. */
- dev_num = ftsent->fts_statp->st_dev;
+ if (ftsent == NULL) {
+ fprintf(stderr,
+ "%s: error while labeling %s: %s\n",
+ r_opts->progname, namelist[0], strerror(errno));
+ goto err;
}
+ /* Keep the inode of the first one. */
+ dev_num = ftsent->fts_statp->st_dev;
+
do {
rc = 0;
/* Skip the post order nodes. */
--
1.7.6.2
