You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
32 lines
929 B
32 lines
929 B
From c134e85526f160ad4392edb333caadc5e425957d Mon Sep 17 00:00:00 2001 |
|
From: Lennart Poettering <lennart@poettering.net> |
|
Date: Tue, 1 Feb 2022 12:06:21 +0100 |
|
Subject: [PATCH] util: another set of CVE-2021-4034 assert()s |
|
|
|
It's a good idea that we validate argc/argv when we are supposed to |
|
store them away. |
|
|
|
(cherry picked from commit 007e03b284e8ffc0b92edb2122cd9d2d16f049ef) |
|
|
|
Related: #2017035 |
|
--- |
|
src/basic/util.h | 6 ++++++ |
|
1 file changed, 6 insertions(+) |
|
|
|
diff --git a/src/basic/util.h b/src/basic/util.h |
|
index 94804f28e3..68ae3b51e0 100644 |
|
--- a/src/basic/util.h |
|
+++ b/src/basic/util.h |
|
@@ -9,6 +9,12 @@ extern int saved_argc; |
|
extern char **saved_argv; |
|
|
|
static inline void save_argc_argv(int argc, char **argv) { |
|
+ |
|
+ /* Protect against CVE-2021-4034 style attacks */ |
|
+ assert_se(argc > 0); |
|
+ assert_se(argv); |
|
+ assert_se(argv[0]); |
|
+ |
|
saved_argc = argc; |
|
saved_argv = argv; |
|
}
|
|
|