BACKPORT: libselinux: procattr: return einval for <= 0 pid args. getpidcon documentation does not specify that a pid of 0 refers to the current process, and getcon exists specifically to provide this functionality, and getpidcon(getpid()) would provide it as well. Disallow pid values <= 0 that may lead to unintended behavior in userspace object managers. (from upstream commit: c7cf5d8aa061b9616bf9d5e91139ce4fb40f532c) (cherry-picked from commit: 034c53e93a736f8b6f9aac90938ef65ffcaac9da) Signed-off-by: Daniel Cashman <dcashman@android.com> AOSP Bug: 200617 Bug: 27111481 Change-Id: I69b00df6413f5c3d566ac76cb4a464c97c167cdf

commit: f8a650201c548c3498016b61e51d96294666798e [log] [tgz]
author: dcashman <dcashman@google.com> Mon Feb 29 12:57:54 2016 -0800
committer: dcashman <dcashman@google.com> Mon Feb 29 15:30:03 2016 -0800
tree: ecb380e43037933a68413362fc19f5460c16a900
parent: 5ff2a33bf370604a6260af338dde06cd67deaba2 [diff]
diff --git a/src/procattr.c b/src/procattr.c
index a55465a..74c0012 100644
--- a/src/procattr.c
+++ b/src/procattr.c

@@ -139,7 +139,12 @@
 #define getpidattr_def(fn, attr) \
 	int get##fn(pid_t pid, char **c)	\
 	{ \
-		return getprocattrcon(c, pid, #attr); \
+		if (pid <= 0) { \
+			errno = EINVAL; \
+			return -1; \
+		} else { \
+			return getprocattrcon(c, pid, #attr); \
+		} \
 	}
 
 all_selfattr_def(con, current)
commit	f8a650201c548c3498016b61e51d96294666798e	[log] [tgz]
author	dcashman <dcashman@google.com>	Mon Feb 29 12:57:54 2016 -0800
committer	dcashman <dcashman@google.com>	Mon Feb 29 15:30:03 2016 -0800
tree	ecb380e43037933a68413362fc19f5460c16a900
parent	5ff2a33bf370604a6260af338dde06cd67deaba2 [diff]