[libvirt] [PATCH 2/2] security: Fix comparison for virSecuritySELinuxRecallLabel

John Ferlan jferlan at redhat.com
Thu Dec 20 21:41:34 UTC 2018


The @con type security_context_t is actually a "char *", so the
correct check should be to dereference one more level; otherwise,
we could return/use the NULL pointer later in a subsequent
virSecuritySELinuxSetFileconImpl call (using @fcon).

Suggested-by: Michal Prívozník <mprivozn at redhat.com>
Signed-off-by: John Ferlan <jferlan at redhat.com>
---
 src/security/security_selinux.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/security/security_selinux.c b/src/security/security_selinux.c
index f3690a4cb1..5cdb839c13 100644
--- a/src/security/security_selinux.c
+++ b/src/security/security_selinux.c
@@ -211,7 +211,7 @@ virSecuritySELinuxRecallLabel(const char *path,
                                       path, con) < 0)
         return -1;
 
-    if (!con)
+    if (!*con)
         return 1;
 
     return 0;
-- 
2.19.2




More information about the libvir-list mailing list