When curcon is NULL, calling strcmp(curcon, newcon) produces an undefined behavior. Avoid this by checking whether curcon is NULL beforehand.
This issue has been found using clang's static analyzer. Signed-off-by: Nicolas Iooss <[email protected]> --- libselinux/src/selinux_restorecon.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/libselinux/src/selinux_restorecon.c b/libselinux/src/selinux_restorecon.c index eefd2cf83e32..a41fc48a82d8 100644 --- a/libselinux/src/selinux_restorecon.c +++ b/libselinux/src/selinux_restorecon.c @@ -664,7 +664,7 @@ static int restorecon_sb(const char *pathname, const struct stat *sb, curcon = NULL; } - if (strcmp(curcon, newcon) != 0) { + if (curcon == NULL || strcmp(curcon, newcon) != 0) { if (!flags->set_specctx && curcon && (is_context_customizable(curcon) > 0)) { if (flags->verbose) { -- 2.12.0 _______________________________________________ Selinux mailing list [email protected] To unsubscribe, send email to [email protected]. To get help, send an email containing "help" to [email protected].
