BACKPORT: libselinux: procattr: return einval for <= 0 pid args.
getpidcon documentation does not specify that a pid of 0 refers to the
current process, and getcon exists specifically to provide this
functionality, and getpidcon(getpid()) would provide it as well.
Disallow pid values <= 0 that may lead to unintended behavior in
userspace object managers.
(from upstream commit: c7cf5d8aa061b9616bf9d5e91139ce4fb40f532c)
Signed-off-by: Daniel Cashman <dcashman@android.com>
AOSP Bug: 200617
Bug: 271114815
Change-Id: If8ce0b9aea8f001f5c42911f2fccb2edfe9ded38
diff --git a/src/procattr.c b/src/procattr.c
index a55465a..74c0012 100644
--- a/src/procattr.c
+++ b/src/procattr.c
@@ -139,7 +139,12 @@
#define getpidattr_def(fn, attr) \
int get##fn(pid_t pid, char **c) \
{ \
- return getprocattrcon(c, pid, #attr); \
+ if (pid <= 0) { \
+ errno = EINVAL; \
+ return -1; \
+ } else { \
+ return getprocattrcon(c, pid, #attr); \
+ } \
}
all_selfattr_def(con, current)