Package: policykit-1 / 0.105-15~deb8u2

0.113/Fix-a-possible-NULL-dereference.patch Patch series | download
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
From: =?utf-8?q?Miloslav_Trma=C4=8D?= <mitr@redhat.com>
Date: Wed, 11 Jun 2014 22:36:50 +0200
Subject: Fix a possible NULL dereference.
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 8bit

polkit_backend_session_monitor_get_user_for_subject() may return NULL
(and because it is using external processes, we can’t really rule it
out).  The code was already anticipating NULL in the cleanup section, so
handle it also when actually using the value.

Bug: https://bugs.freedesktop.org/show_bug.cgi?id=80767
Origin: upstream, 0.113, commit:6109543303def367b84eaac97d2ff9cefe735efb
---
 src/polkitbackend/polkitbackendinteractiveauthority.c | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/src/polkitbackend/polkitbackendinteractiveauthority.c b/src/polkitbackend/polkitbackendinteractiveauthority.c
index 25e13fb..00ee044 100644
--- a/src/polkitbackend/polkitbackendinteractiveauthority.c
+++ b/src/polkitbackend/polkitbackendinteractiveauthority.c
@@ -557,7 +557,11 @@ log_result (PolkitBackendInteractiveAuthority    *authority,
   user_of_subject = polkit_backend_session_monitor_get_user_for_subject (priv->session_monitor, subject, NULL);
 
   subject_str = polkit_subject_to_string (subject);
-  user_of_subject_str = polkit_identity_to_string (user_of_subject);
+
+  if (user_of_subject != NULL)
+    user_of_subject_str = polkit_identity_to_string (user_of_subject);
+  else
+    user_of_subject_str = g_strdup ("<unknown>");
   caller_str = polkit_subject_to_string (caller);
 
   subject_cmdline = _polkit_subject_get_cmdline (subject);