agent: Fix segv running in --server mode
authorWerner Koch <wk@gnupg.org>
Mon, 2 Jul 2018 18:22:42 +0000 (20:22 +0200)
committerWerner Koch <wk@gnupg.org>
Mon, 2 Jul 2018 18:25:30 +0000 (20:25 +0200)
* agent/command.c (start_command_handler): Do not write to
CLIENT_CREDS after an error.
--

assuan_get_peercred is special insofar that it returns a pointer into
CTX.  Writing data via this pointer should never be done.

Fixes-commit: 28aa6890588cc108639951bb4bef03ac17743046
Signed-off-by: Werner Koch <wk@gnupg.org>
agent/command.c

index 1a08cfc..9bc3b02 100644 (file)
@@ -3351,7 +3351,8 @@ start_command_handler (ctrl_t ctrl, gnupg_fd_t listen_fd, gnupg_fd_t fd)
 
   for (;;)
     {
-      assuan_peercred_t client_creds;
+      assuan_peercred_t client_creds; /* Note: Points into CTX.  */
+      pid_t pid;
 
       rc = assuan_accept (ctx);
       if (gpg_err_code (rc) == GPG_ERR_EOF || rc == -1)
@@ -3367,17 +3368,21 @@ start_command_handler (ctrl_t ctrl, gnupg_fd_t listen_fd, gnupg_fd_t fd)
       rc = assuan_get_peercred (ctx, &client_creds);
       if (rc)
         {
-          log_info ("Assuan get_peercred failed: %s\n", gpg_strerror (rc));
-          client_creds->pid = assuan_get_pid (ctx);
+
+          if (listen_fd == GNUPG_INVALID_FD && fd == GNUPG_INVALID_FD)
+            ;
+          else
+            log_info ("Assuan get_peercred failed: %s\n", gpg_strerror (rc));
+          pid = assuan_get_pid (ctx);
           ctrl->client_uid = -1;
         }
-      ctrl->server_local->connect_from_self =
-        (client_creds->pid == getpid ());
-      if (client_creds->pid != ASSUAN_INVALID_PID)
-        ctrl->client_pid = (unsigned long)client_creds->pid;
       else
-        ctrl->client_pid = 0;
-      ctrl->client_uid = client_creds->uid;
+        {
+          pid = client_creds->pid;
+          ctrl->client_uid = client_creds->uid;
+        }
+      ctrl->client_pid = (pid == ASSUAN_INVALID_PID)? 0 : (unsigned long)pid;
+      ctrl->server_local->connect_from_self = (pid == getpid ());
 
       rc = assuan_process (ctx);
       if (rc)