selinux_child: Fix crash with initialized key

The semanage_seuser_key_t can be NULL in done section in case of issues with initializing semanage handle or failure with creating transaction. The semanage_seuser_key_free is not NULL tolerant therefore its better to prevent dereference of NULL pointer. #0 semanage_seuser_key_free_internal (key=0x0) at seuser_record.c:83 #1 0x000055c1f8a687ed in sss_set_seuser (login_name=0x55c1f9ff8a50 "user4_1", seuser_name=0x55c1f9ff8960 "staff_u", mls=<optimized out>) at src/util/sss_semanage.c:344 #2 0x000055c1f8a67eea in sc_set_seuser (mls=0x55c1f9ff89d0 "s0-s0:c0.c1023", seuser_name=0x55c1f9ff8960 "staff_u", login_name=0x55c1f9ff8a50 "user4_1") at src/providers/ipa/selinux_child.c:162 #3 main (argc=<optimized out>, argv=<optimized out>) at src/providers/ipa/selinux_child.c:334 Merges: https://pagure.io/SSSD/sssd/pull-request/3732 Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
jhrozek · May 24, 2018 · 51c6c48 · 51c6c48
1 parent 92addd7
commit 51c6c48
Showing 1 changed file with 3 additions and 1 deletion.
diff --git a/src/util/sss_semanage.c b/src/util/sss_semanage.c
@@ -341,7 +341,9 @@ int sss_set_seuser(const char *login_name, const char *seuser_name,
 
     ret = EOK;
 done:
-    semanage_seuser_key_free(key);
+    if (key != NULL) {
+        semanage_seuser_key_free(key);
+    }
     sss_semanage_close(handle);
     return ret;
 }