-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
This patch looks good to me. acked.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
iEYEARECAAYFAk5yUroACgkQrlYvE4MpobPI5ACgnbkyGO8usgHURiVFb2Etyfzq
qpIAoJg8v82Z56p70IFxUHoNucnuaoXv
=7Q+j
-----END PGP SIGNATURE-----
>From 5938f0d1f2f8ff02a26d8686a85c887616a92981 Mon Sep 17 00:00:00 2001
From: Dan Walsh <dwalsh@xxxxxxxxxx>
Date: Tue, 9 Aug 2011 09:53:49 -0400
Subject: [PATCH 12/67] policycoreutils: setfiles: FIXME Fix potential crash
using dereferenced ftsent
If fts_read() fails for any reason ftsent will be NULL. Previously we
would have reported the error and then continued processing. Now we
report the error and stop using the NULL pointer.
Signed-off-by: Eric Paris <eparis@xxxxxxxxxx>
Acked-by: Dan Walsh <dwalsh@xxxxxxxxxx>
---
policycoreutils/setfiles/restore.c | 11 ++++++++---
1 files changed, 8 insertions(+), 3 deletions(-)
diff --git a/policycoreutils/setfiles/restore.c b/policycoreutils/setfiles/restore.c
index 3f32f47..5bcb44a 100644
--- a/policycoreutils/setfiles/restore.c
+++ b/policycoreutils/setfiles/restore.c
@@ -318,11 +318,16 @@ static int process_one(char *name, int recurse_this_path)
ftsent = fts_read(fts_handle);
- if (ftsent != NULL) {
- /* Keep the inode of the first one. */
- dev_num = ftsent->fts_statp->st_dev;
+ if (ftsent == NULL) {
+ fprintf(stderr,
+ "%s: error while labeling %s: %s\n",
+ r_opts->progname, namelist[0], strerror(errno));
+ goto err;
}
+ /* Keep the inode of the first one. */
+ dev_num = ftsent->fts_statp->st_dev;
+
do {
rc = 0;
/* Skip the post order nodes. */
--
1.7.6.2
