49 lines
1.9 KiB
Diff
49 lines
1.9 KiB
Diff
From 45b1017488cef2a5bacdf82028ce900a311c9a1c Mon Sep 17 00:00:00 2001
|
|
From: Frantisek Sumsal <frantisek@sumsal.cz>
|
|
Date: Tue, 2 May 2023 22:36:36 +0200
|
|
Subject: [PATCH] core: fix NULL pointer dereference during deserialization
|
|
|
|
Conflict:NA
|
|
Reference:https://github.com/systemd/systemd-stable/commit/45b1017488cef2a5bacdf82028ce900a311c9a1c
|
|
---
|
|
src/core/service.c | 5 +++++
|
|
.../crash-9eec6b7ef6fd5c9568189f9259e6ce0546752085 | 10 ++++++++++
|
|
2 files changed, 15 insertions(+)
|
|
create mode 100644 test/fuzz/fuzz-manager-serialize/crash-9eec6b7ef6fd5c9568189f9259e6ce0546752085
|
|
|
|
diff --git a/src/core/service.c b/src/core/service.c
|
|
index c035f4c24e..2ba7511ad2 100644
|
|
--- a/src/core/service.c
|
|
+++ b/src/core/service.c
|
|
@@ -3219,6 +3219,11 @@ static int service_deserialize_item(Unit *u, const char *key, const char *value,
|
|
} else if (streq(key, "accept-socket")) {
|
|
Unit *socket;
|
|
|
|
+ if (u->type != UNIT_SOCKET) {
|
|
+ log_unit_debug(u, "Failed to deserialize accept-socket: unit is not a socket");
|
|
+ return 0;
|
|
+ }
|
|
+
|
|
r = manager_load_unit(u->manager, value, NULL, NULL, &socket);
|
|
if (r < 0)
|
|
log_unit_debug_errno(u, r, "Failed to load accept-socket unit '%s': %m", value);
|
|
diff --git a/test/fuzz/fuzz-manager-serialize/crash-9eec6b7ef6fd5c9568189f9259e6ce0546752085 b/test/fuzz/fuzz-manager-serialize/crash-9eec6b7ef6fd5c9568189f9259e6ce0546752085
|
|
new file mode 100644
|
|
index 0000000000..8bafbb0bc6
|
|
--- /dev/null
|
|
+++ b/test/fuzz/fuzz-manager-serialize/crash-9eec6b7ef6fd5c9568189f9259e6ce0546752085
|
|
@@ -0,0 +1,10 @@
|
|
+current-job-tmp-dir=/niliclrd,ng
|
|
+
|
|
+plymo-.sliceuth-quiwt-dir=/niliclrd,ng
|
|
+
|
|
+plymo-.sliceuth-quiwt-ait.service
|
|
+srd2043d7818E@96s
|
|
+8582967570742745a94
|
|
+accept-socket=runn2043ait.service
|
|
+srd2043d7818E@96s
|
|
+8582967570742745a94
|
|
--
|
|
2.33.0
|
|
|