BACKPORT: libselinux: procattr: return einval for <= 0 pid args.
getpidcon documentation does not specify that a pid of 0 refers to the
current process, and getcon exists specifically to provide this
functionality, and getpidcon(getpid()) would provide it as well.
Disallow pid values <= 0 that may lead to unintended behavior in
userspace object managers.
(from upstream commit: c7cf5d8aa061b9616bf9d5e91139ce4fb40f532c)
(cherry-picked from commit: 034c53e93a736f8b6f9aac90938ef65ffcaac9da)
Signed-off-by: Daniel Cashman <dcashman@android.com>
AOSP Bug: 200617
Bug: 27111481
Change-Id: I69b00df6413f5c3d566ac76cb4a464c97c167cdf
diff --git a/src/procattr.c b/src/procattr.c
index a55465a..74c0012 100644
--- a/src/procattr.c
+++ b/src/procattr.c
@@ -139,7 +139,12 @@
#define getpidattr_def(fn, attr) \
int get##fn(pid_t pid, char **c) \
{ \
- return getprocattrcon(c, pid, #attr); \
+ if (pid <= 0) { \
+ errno = EINVAL; \
+ return -1; \
+ } else { \
+ return getprocattrcon(c, pid, #attr); \
+ } \
}
all_selfattr_def(con, current)