When built with GCC undefined behaviour sanitizer the following problem
surfaces:
src/libsystemd/sd-bus/bus-socket.c:180:11: runtime error: null pointer
passed as argument 1, which is declared to never be null
Indeed, calling memmem where b->rbuffer == NULL is undefined behaviour.
Fix that by returning if rbuffer is null or rbuffer_size < 2
---
src/libsystemd/sd-bus/bus-socket.c | 3 +++
1 file changed, 3 insertions(+)
diff --git a/src/libsystemd/sd-bus/bus-socket.c
b/src/libsystemd/sd-bus/bus-socket.c
index 94a5c04..6463f7c 100644
--- a/src/libsystemd/sd-bus/bus-socket.c
+++ b/src/libsystemd/sd-bus/bus-socket.c
@@ -177,6 +177,9 @@ static int bus_socket_auth_verify_client(sd_bus *b) {
/* We expect two response lines: "OK" and possibly
* "AGREE_UNIX_FD" */
+ if(!b->rbuffer || b->rbuffer_size < 2)
+ return 0;
+
e = memmem(b->rbuffer, b->rbuffer_size, "\r\n", 2);
if (!e)
return 0;
--
2.3.7
_______________________________________________
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/systemd-devel
