diff options
author | Grzegorz Antoniak <ga@anadoxin.org> | 2018-07-02 06:57:40 +0200 |
---|---|---|
committer | Atomic Bot <atomic-devel@projectatomic.io> | 2018-07-02 07:48:39 +0000 |
commit | 8155400fca0424dcc730393bea851bbeef79a4f5 (patch) | |
tree | 7b84d78f241d4a0d2602e0f19f9b9fa37fe049ef | |
parent | db1b39bdae6a921629d8c2c5ea0a6aa487db4625 (diff) | |
download | flatpak-8155400fca0424dcc730393bea851bbeef79a4f5.tar.gz |
NULL pointer check after calling getgrgid()
When the user runs with gid=X, but X doesn't have an entry in
/etc/groups, then a segmentation fault occured. This was happening
because flatpak-run.c didn't guard against a NULL pointer after calling
getgrgid() in flatpak_run_setup_base_argv.
Closes: #1850
Closes: #1851
Approved by: alexlarsson
-rw-r--r-- | common/flatpak-run.c | 15 |
1 files changed, 11 insertions, 4 deletions
diff --git a/common/flatpak-run.c b/common/flatpak-run.c index 0277cb97..e70ed2a2 100644 --- a/common/flatpak-run.c +++ b/common/flatpak-run.c @@ -2296,19 +2296,26 @@ flatpak_run_setup_base_argv (FlatpakBwrap *bwrap, FlatpakRunFlags flags, GError **error) { - g_autofree char *run_dir = g_strdup_printf ("/run/user/%d", getuid ()); + g_autofree char *run_dir; g_autofree char *passwd_contents = NULL; g_autofree char *group_contents = NULL; const char *pkcs11_conf_contents = NULL; - struct group *g = getgrgid (getgid ()); + struct group *g; gulong pers; + gid_t gid = getgid (); + + g = getgrgid (gid); + if(g == NULL) + return flatpak_fail (error, "Invalid gid: %d", gid); + + run_dir = g_strdup_printf ("/run/user/%d", getuid ()); g_autoptr(GFile) etc = NULL; passwd_contents = g_strdup_printf ("%s:x:%d:%d:%s:%s:%s\n" "nfsnobody:x:65534:65534:Unmapped user:/:/sbin/nologin\n", g_get_user_name (), - getuid (), getgid (), + getuid (), gid, g_get_real_name (), g_get_home_dir (), DEFAULT_SHELL); @@ -2316,7 +2323,7 @@ flatpak_run_setup_base_argv (FlatpakBwrap *bwrap, group_contents = g_strdup_printf ("%s:x:%d:%s\n" "nfsnobody:x:65534:\n", g->gr_name, - getgid (), g_get_user_name ()); + gid, g_get_user_name ()); pkcs11_conf_contents = "# Disable user pkcs11 config, because the host modules don't work in the runtime\n" |