[CRIU] [PATCH 1/2] lsm: don't crash with "undefined" profile in images

Tycho Andersen tycho.andersen at canonical.com
Mon Feb 8 07:57:40 PST 2016


If the profile is "undefined" render_lsm_profile doesn't render anything,
since there is no need to set a profile. We shouldn't crash in this case.

We never hit this bug because we are careful not to put an "undefined"
profile into the images. But, if someone else edits the images, we
shouldn't crash on restore because of that.

Closes #110

Reported-by: Coverity
Signed-off-by: Tycho Andersen <tycho.andersen at canonical.com>
---
 cr-restore.c | 9 +++++----
 1 file changed, 5 insertions(+), 4 deletions(-)

diff --git a/cr-restore.c b/cr-restore.c
index 3254efc..7524b12 100644
--- a/cr-restore.c
+++ b/cr-restore.c
@@ -2831,13 +2831,14 @@ rst_prep_creds_args(CredsEntry *ce, unsigned long *prev_pos)
 		if (validate_lsm(profile) < 0)
 			return ERR_PTR(-EINVAL);
 
-		if (profile) {
+		if (profile && render_lsm_profile(profile, &rendered)) {
+			return ERR_PTR(-EINVAL);
+		}
+
+		if (rendered) {
 			size_t lsm_profile_len;
 			char *lsm_profile;
 
-			if (render_lsm_profile(profile, &rendered))
-				return ERR_PTR(-EINVAL);
-
 			args->mem_lsm_profile_pos = rst_mem_cpos(RM_PRIVATE);
 			lsm_profile_len = strlen(rendered);
 			lsm_profile = rst_mem_alloc(lsm_profile_len + 1, RM_PRIVATE);
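Review bot: The new `if (rendered)` test reads `rendered` on a path where this hunk never assigns it. When `profile` is NULL, short-circuit evaluation skips the call to `render_lsm_profile(profile, &rendered)`, so the test is only well-defined if `rendered` is initialized to NULL at its declaration, which is outside the visible context. Please confirm that initialization or add it. A short comment above `if (rendered)` would also help, stating that a successful render can leave `rendered` NULL for an "undefined" profile, since that is the contract the check depends on. Minor style point: the braces around the single `return ERR_PTR(-EINVAL);` in the first `if` could be dropped to match the unbraced `if (validate_lsm(profile) < 0)` just above it.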
-- 
2.5.0


