systemd/backport-util-another-set-of-CVE-2021-4034-assert-s.patch

From 356b1ee1febeecf636eec6b7e08036603bf760d5 Mon Sep 17 00:00:00 2001
From: Lennart Poettering <lennart@poettering.net>
Date: Tue, 1 Feb 2022 12:06:21 +0100
Subject: [PATCH] util: another set of CVE-2021-4034 assert()s

It's a good idea that we validate argc/argv when we are supposed to
store them away.

(cherry picked from commit 007e03b284e8ffc0b92edb2122cd9d2d16f049ef)
(cherry picked from commit dcba78244e5dc3a4b57fb978a2d21640164c89a2)

Conflict:NA
Reference:https://github.com/systemd/systemd/commit/356b1ee1febeecf636eec6b7e08036603bf760d5
---
 src/basic/util.h | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/src/basic/util.h b/src/basic/util.h
index b6c51c036e..22fcef719f 100644
--- a/src/basic/util.h
+++ b/src/basic/util.h
@@ -9,6 +9,12 @@ extern int saved_argc;
 extern char **saved_argv;
 
 static inline void save_argc_argv(int argc, char **argv) {
+
+        /* Protect against CVE-2021-4034 style attacks */
+        assert_se(argc > 0);
+        assert_se(argv);
+        assert_se(argv[0]);
+
         saved_argc = argc;
         saved_argv = argv;
 }
-- 
2.33.0