1
1
mirror of https://github.com/systemd/systemd-stable.git synced 2025-01-05 09:17:44 +03:00

pid1: fix segv triggered by status query (#26279)

If any query makes it to the end of install_info_follow() then I think symlink_target is set to NULL.
If that is followed by -EXDEV from unit_file_load_or_readlink(), then that causes basename(NULL)
which segfaults pid 1.

This is triggered by eg. "systemctl status crond" in RHEL9 if

/etc/systemd/system/crond.service
  -> /ram/etc/systemd/system/crond.service
  -> /usr/lib/systemd/system/.crond.service.blah.blah
  -> /usr/lib/systemd/system/crond.service
This commit is contained in:
Robin Humble 2023-02-01 23:36:48 +11:00 committed by GitHub
parent e4c7b5f517
commit 19cfda9fc3
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23

View File

@ -1658,7 +1658,7 @@ static int install_info_traverse(
r = install_info_follow(ctx, i, lp, flags, r = install_info_follow(ctx, i, lp, flags,
/* If linked, don't look at the target name */ /* If linked, don't look at the target name */
/* ignore_different_name= */ i->install_mode == INSTALL_MODE_LINKED); /* ignore_different_name= */ i->install_mode == INSTALL_MODE_LINKED);
if (r == -EXDEV) { if (r == -EXDEV && i->symlink_target) {
_cleanup_free_ char *buffer = NULL; _cleanup_free_ char *buffer = NULL;
const char *bn; const char *bn;